diff options
| author | Stefan Metzmacher <metze@samba.org> | 2004-08-18 07:56:35 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:58:06 -0500 |
| commit | 8de0c24a08cf71058dd58004fe82ca2e8368ffbc (patch) | |
| tree | c6764c9f08d54294aefe4d967c289150f4ac2284 | |
| parent | 2aa976aeb0d7024e335951870f871f68e4595f31 (diff) | |
| download | samba-8de0c24a08cf71058dd58004fe82ca2e8368ffbc.tar.gz samba-8de0c24a08cf71058dd58004fe82ca2e8368ffbc.tar.bz2 samba-8de0c24a08cf71058dd58004fe82ca2e8368ffbc.zip | |
r1875: - move 'net' code into a subdir
- and remove all unneeded files
we'll reimplement the stuff step by step using the functions from
libnet/ which will do the hard work for us
metze
(This used to be commit 8b2d5ec973fde980389bfe03cbcd70274b98b2dc)
| -rw-r--r-- | source4/utils/net/net.c (renamed from source4/utils/net.c) | 0 | ||||
| -rw-r--r-- | source4/utils/net/net.h (renamed from source4/utils/net.h) | 0 | ||||
| -rw-r--r-- | source4/utils/net_ads.c | 1176 | ||||
| -rw-r--r-- | source4/utils/net_ads_cldap.c | 354 | ||||
| -rw-r--r-- | source4/utils/net_cache.c | 348 | ||||
| -rw-r--r-- | source4/utils/net_help.c | 199 | ||||
| -rw-r--r-- | source4/utils/net_lookup.c | 234 | ||||
| -rw-r--r-- | source4/utils/net_rap.c | 1051 | ||||
| -rw-r--r-- | source4/utils/net_rpc.c | 2262 | ||||
| -rw-r--r-- | source4/utils/net_rpc_join.c | 354 | ||||
| -rw-r--r-- | source4/utils/net_rpc_samsync.c | 725 | ||||
| -rw-r--r-- | source4/utils/net_time.c | 180 |
12 files changed, 0 insertions, 6883 deletions
diff --git a/source4/utils/net.c b/source4/utils/net/net.c index 6db62ea6b0..6db62ea6b0 100644 --- a/source4/utils/net.c +++ b/source4/utils/net/net.c diff --git a/source4/utils/net.h b/source4/utils/net/net.h index 1d83a02635..1d83a02635 100644 --- a/source4/utils/net.h +++ b/source4/utils/net/net.h diff --git a/source4/utils/net_ads.c b/source4/utils/net_ads.c deleted file mode 100644 index f7bfdcac3b..0000000000 --- a/source4/utils/net_ads.c +++ /dev/null @@ -1,1176 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net ads commands - Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) - Copyright (C) 2001 Remus Koos (remuskoos@yahoo.com) - Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "../utils/net.h" - -#ifdef HAVE_ADS - -int net_ads_usage(int argc, const char **argv) -{ - d_printf( -"\nnet ads join <org_unit>"\ -"\n\tjoins the local machine to a ADS realm\n"\ -"\nnet ads leave"\ -"\n\tremoves the local machine from a ADS realm\n"\ -"\nnet ads testjoin"\ -"\n\ttests that an exiting join is OK\n"\ -"\nnet ads user"\ -"\n\tlist, add, or delete users in the realm\n"\ -"\nnet ads group"\ -"\n\tlist, add, or delete groups in the realm\n"\ -"\nnet ads info"\ -"\n\tshows some info on the server\n"\ -"\nnet ads status"\ -"\n\tdump the machine account details to stdout\n" -"\nnet ads lookup"\ -"\n\tperform a CLDAP search on the server\n" -"\nnet ads password <username@realm> -Uadmin_username@realm%%admin_pass"\ -"\n\tchange a user's password using an admin account"\ -"\n\t(note: use realm in UPPERCASE)\n"\ -"\nnet ads chostpass"\ -"\n\tchange the trust account password of this machine in the AD tree\n"\ -"\nnet ads printer [info | publish | remove] <printername> <servername>"\ -"\n\t lookup, add, or remove directory entry for a printer\n"\ -"\nnet ads search"\ -"\n\tperform a raw LDAP search and dump the results\n" -"\nnet ads dn"\ -"\n\tperform a raw LDAP search and dump attributes of a particular DN\n" - ); - return -1; -} - - -/* - this implements the CLDAP based netlogon lookup requests - for finding the domain controller of a ADS domain -*/ -static int net_ads_lookup(int argc, const char **argv) -{ - ADS_STRUCT *ads; - - ads = ads_init(NULL, NULL, opt_host); - if (ads) { - ads->auth.flags |= ADS_AUTH_NO_BIND; - } - - ads_connect(ads); - - if (!ads || !ads->config.realm) { - d_printf("Didn't find the cldap server!\n"); - return -1; - } - - return ads_cldap_netlogon(ads); -} - - - -static int net_ads_info(int argc, const char **argv) -{ - ADS_STRUCT *ads; - - ads = ads_init(NULL, NULL, opt_host); - - if (ads) { - ads->auth.flags |= ADS_AUTH_NO_BIND; - } - - ads_connect(ads); - - if (!ads || !ads->config.realm) { - d_printf("Didn't find the ldap server!\n"); - return -1; - } - - d_printf("LDAP server: %s\n", inet_ntoa(ads->ldap_ip)); - d_printf("LDAP server name: %s\n", ads->config.ldap_server_name); - d_printf("Realm: %s\n", ads->config.realm); - d_printf("Bind Path: %s\n", ads->config.bind_path); - d_printf("LDAP port: %d\n", ads->ldap_port); - d_printf("Server time: %s\n", timestring(ads->config.current_time)); - - return 0; -} - -static void use_in_memory_ccache(void) { - /* Use in-memory credentials cache so we do not interfere with - * existing credentials */ - setenv(KRB5_ENV_CCNAME, "MEMORY:net_ads", 1); -} - -static ADS_STRUCT *ads_startup(void) -{ - ADS_STRUCT *ads; - ADS_STATUS status; - BOOL need_password = False; - BOOL second_time = False; - - ads = ads_init(NULL, NULL, opt_host); - - if (!opt_user_name) { - opt_user_name = "administrator"; - } - - if (opt_user_specified) { - need_password = True; - } - -retry: - if (!opt_password && need_password) { - char *prompt; - asprintf(&prompt,"%s password: ", opt_user_name); - opt_password = getpass(prompt); - free(prompt); - } - - if (opt_password) { - use_in_memory_ccache(); - ads->auth.password = strdup(opt_password); - } - - ads->auth.user_name = strdup(opt_user_name); - - status = ads_connect(ads); - if (!ADS_ERR_OK(status)) { - if (!need_password && !second_time) { - need_password = True; - second_time = True; - goto retry; - } else { - DEBUG(1,("ads_connect: %s\n", ads_errstr(status))); - return NULL; - } - } - return ads; -} - - -/* - Check to see if connection can be made via ads. - ads_startup() stores the password in opt_password if it needs to so - that rpc or rap can use it without re-prompting. -*/ -int net_ads_check(void) -{ - ADS_STRUCT *ads; - - ads = ads_startup(); - if (!ads) - return -1; - ads_destroy(&ads); - return 0; -} - -/* - determine the netbios workgroup name for a domain - */ -static int net_ads_workgroup(int argc, const char **argv) -{ - ADS_STRUCT *ads; - TALLOC_CTX *ctx; - char *workgroup; - - if (!(ads = ads_startup())) return -1; - - if (!(ctx = talloc_init("net_ads_workgroup"))) { - return -1; - } - - if (!ADS_ERR_OK(ads_workgroup_name(ads, ctx, &workgroup))) { - d_printf("Failed to find workgroup for realm '%s'\n", - ads->config.realm); - talloc_destroy(ctx); - return -1; - } - - d_printf("Workgroup: %s\n", workgroup); - - talloc_destroy(ctx); - - return 0; -} - - - -static BOOL usergrp_display(char *field, void **values, void *data_area) -{ - char **disp_fields = (char **) data_area; - - if (!field) { /* must be end of record */ - if (!strchr_m(disp_fields[0], '$')) { - if (disp_fields[1]) - d_printf("%-21.21s %-50.50s\n", - disp_fields[0], disp_fields[1]); - else - d_printf("%s\n", disp_fields[0]); - } - SAFE_FREE(disp_fields[0]); - SAFE_FREE(disp_fields[1]); - return True; - } - if (!values) /* must be new field, indicate string field */ - return True; - if (StrCaseCmp(field, "sAMAccountName") == 0) { - disp_fields[0] = strdup((char *) values[0]); - } - if (StrCaseCmp(field, "description") == 0) - disp_fields[1] = strdup((char *) values[0]); - return True; -} - -static int net_ads_user_usage(int argc, const char **argv) -{ - return net_help_user(argc, argv); -} - -static int ads_user_add(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS status; - char *upn, *userdn; - void *res=NULL; - int rc = -1; - - if (argc < 1) return net_ads_user_usage(argc, argv); - - if (!(ads = ads_startup())) return -1; - - status = ads_find_user_acct(ads, &res, argv[0]); - - if (!ADS_ERR_OK(status)) { - d_printf("ads_user_add: %s\n", ads_errstr(status)); - goto done; - } - - if (ads_count_replies(ads, res)) { - d_printf("ads_user_add: User %s already exists\n", argv[0]); - goto done; - } - - status = ads_add_user_acct(ads, argv[0], opt_container, opt_comment); - - if (!ADS_ERR_OK(status)) { - d_printf("Could not add user %s: %s\n", argv[0], - ads_errstr(status)); - goto done; - } - - /* if no password is to be set, we're done */ - if (argc == 1) { - d_printf("User %s added\n", argv[0]); - rc = 0; - goto done; - } - - /* try setting the password */ - asprintf(&upn, "%s@%s", argv[0], ads->config.realm); - status = krb5_set_password(ads->auth.kdc_server, upn, argv[1], ads->auth.time_offset); - safe_free(upn); - if (ADS_ERR_OK(status)) { - d_printf("User %s added\n", argv[0]); - rc = 0; - goto done; - } - - /* password didn't set, delete account */ - d_printf("Could not add user %s. Error setting password %s\n", - argv[0], ads_errstr(status)); - ads_msgfree(ads, res); - status=ads_find_user_acct(ads, &res, argv[0]); - if (ADS_ERR_OK(status)) { - userdn = ads_get_dn(ads, res); - ads_del_dn(ads, userdn); - ads_memfree(ads, userdn); - } - - done: - if (res) - ads_msgfree(ads, res); - ads_destroy(&ads); - return rc; -} - -static int ads_user_info(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - void *res; - const char *attrs[] = {"memberOf", NULL}; - char *searchstring=NULL; - char **grouplist; - char *escaped_user = escape_ldap_string_alloc(argv[0]); - - if (argc < 1) return net_ads_user_usage(argc, argv); - - if (!(ads = ads_startup())) return -1; - - if (!escaped_user) { - d_printf("ads_user_info: failed to escape user %s\n", argv[0]); - return -1; - } - - asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user); - rc = ads_search(ads, &res, searchstring, attrs); - safe_free(searchstring); - - if (!ADS_ERR_OK(rc)) { - d_printf("ads_search: %s\n", ads_errstr(rc)); - return -1; - } - - grouplist = ldap_get_values(ads->ld, res, "memberOf"); - - if (grouplist) { - int i; - char **groupname; - for (i=0;grouplist[i];i++) { - groupname = ldap_explode_dn(grouplist[i], 1); - d_printf("%s\n", groupname[0]); - ldap_value_free(groupname); - } - ldap_value_free(grouplist); - } - - ads_msgfree(ads, res); - - ads_destroy(&ads); - return 0; -} - -static int ads_user_delete(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - void *res; - char *userdn; - - if (argc < 1) return net_ads_user_usage(argc, argv); - - if (!(ads = ads_startup())) return -1; - - rc = ads_find_user_acct(ads, &res, argv[0]); - if (!ADS_ERR_OK(rc)) { - DEBUG(0, ("User %s does not exist\n", argv[0])); - return -1; - } - userdn = ads_get_dn(ads, res); - ads_msgfree(ads, res); - rc = ads_del_dn(ads, userdn); - ads_memfree(ads, userdn); - if (!ADS_ERR_OK(rc)) { - d_printf("User %s deleted\n", argv[0]); - return 0; - } - d_printf("Error deleting user %s: %s\n", argv[0], - ads_errstr(rc)); - return -1; -} - -int net_ads_user(int argc, const char **argv) -{ - struct functable func[] = { - {"ADD", ads_user_add}, - {"INFO", ads_user_info}, - {"DELETE", ads_user_delete}, - {NULL, NULL} - }; - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *shortattrs[] = {"sAMAccountName", NULL}; - const char *longattrs[] = {"sAMAccountName", "description", NULL}; - char *disp_fields[2] = {NULL, NULL}; - - if (argc == 0) { - if (!(ads = ads_startup())) return -1; - - if (opt_long_list_entries) - d_printf("\nUser name Comment"\ - "\n-----------------------------\n"); - - rc = ads_do_search_all_fn(ads, ads->config.bind_path, - LDAP_SCOPE_SUBTREE, - "(objectclass=user)", - opt_long_list_entries ? longattrs : - shortattrs, usergrp_display, - disp_fields); - ads_destroy(&ads); - return 0; - } - - return net_run_function(argc, argv, func, net_ads_user_usage); -} - -static int net_ads_group_usage(int argc, const char **argv) -{ - return net_help_group(argc, argv); -} - -static int ads_group_add(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS status; - void *res=NULL; - int rc = -1; - - if (argc < 1) return net_ads_group_usage(argc, argv); - - if (!(ads = ads_startup())) return -1; - - status = ads_find_user_acct(ads, &res, argv[0]); - - if (!ADS_ERR_OK(status)) { - d_printf("ads_group_add: %s\n", ads_errstr(status)); - goto done; - } - - if (ads_count_replies(ads, res)) { - d_printf("ads_group_add: Group %s already exists\n", argv[0]); - ads_msgfree(ads, res); - goto done; - } - - status = ads_add_group_acct(ads, argv[0], opt_container, opt_comment); - - if (ADS_ERR_OK(status)) { - d_printf("Group %s added\n", argv[0]); - rc = 0; - } else { - d_printf("Could not add group %s: %s\n", argv[0], - ads_errstr(status)); - } - - done: - if (res) - ads_msgfree(ads, res); - ads_destroy(&ads); - return rc; -} - -static int ads_group_delete(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - void *res; - char *groupdn; - - if (argc < 1) return net_ads_group_usage(argc, argv); - - if (!(ads = ads_startup())) return -1; - - rc = ads_find_user_acct(ads, &res, argv[0]); - if (!ADS_ERR_OK(rc)) { - DEBUG(0, ("Group %s does not exist\n", argv[0])); - return -1; - } - groupdn = ads_get_dn(ads, res); - ads_msgfree(ads, res); - rc = ads_del_dn(ads, groupdn); - ads_memfree(ads, groupdn); - if (!ADS_ERR_OK(rc)) { - d_printf("Group %s deleted\n", argv[0]); - return 0; - } - d_printf("Error deleting group %s: %s\n", argv[0], - ads_errstr(rc)); - return -1; -} - -int net_ads_group(int argc, const char **argv) -{ - struct functable func[] = { - {"ADD", ads_group_add}, - {"DELETE", ads_group_delete}, - {NULL, NULL} - }; - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *shortattrs[] = {"sAMAccountName", NULL}; - const char *longattrs[] = {"sAMAccountName", "description", NULL}; - char *disp_fields[2] = {NULL, NULL}; - - if (argc == 0) { - if (!(ads = ads_startup())) return -1; - - if (opt_long_list_entries) - d_printf("\nGroup name Comment"\ - "\n-----------------------------\n"); - rc = ads_do_search_all_fn(ads, ads->config.bind_path, - LDAP_SCOPE_SUBTREE, - "(objectclass=group)", - opt_long_list_entries ? longattrs : - shortattrs, usergrp_display, - disp_fields); - - ads_destroy(&ads); - return 0; - } - return net_run_function(argc, argv, func, net_ads_group_usage); -} - -static int net_ads_status(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - void *res; - - if (!(ads = ads_startup())) return -1; - - rc = ads_find_machine_acct(ads, &res, lp_netbios_name()); - if (!ADS_ERR_OK(rc)) { - d_printf("ads_find_machine_acct: %s\n", ads_errstr(rc)); - return -1; - } - - if (ads_count_replies(ads, res) == 0) { - d_printf("No machine account for '%s' found\n", lp_netbios_name()); - return -1; - } - - ads_dump(ads, res); - - return 0; -} - -static int net_ads_leave(int argc, const char **argv) -{ - ADS_STRUCT *ads = NULL; - ADS_STATUS rc; - - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - if (!opt_password) { - char *user_name; - asprintf(&user_name, "%s$", lp_netbios_name()); - opt_password = secrets_fetch_machine_password(); - opt_user_name = user_name; - } - - if (!(ads = ads_startup())) { - return -1; - } - - rc = ads_leave_realm(ads, lp_netbios_name()); - if (!ADS_ERR_OK(rc)) { - d_printf("Failed to delete host '%s' from the '%s' realm.\n", - lp_netbios_name(), ads->config.realm); - return -1; - } - - d_printf("Removed '%s' from realm '%s'\n", lp_netbios_name(), ads->config.realm); - - return 0; -} - -static int net_ads_join_ok(void) -{ - char *user_name; - ADS_STRUCT *ads = NULL; - - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - asprintf(&user_name, "%s$", lp_netbios_name()); - opt_user_name = user_name; - opt_password = secrets_fetch_machine_password(); - - if (!(ads = ads_startup())) { - return -1; - } - - ads_destroy(&ads); - return 0; -} - -/* - check that an existing join is OK - */ -int net_ads_testjoin(int argc, const char **argv) -{ - use_in_memory_ccache(); - - /* Display success or failure */ - if (net_ads_join_ok() != 0) { - fprintf(stderr,"Join to domain is not valid\n"); - return -1; - } - - printf("Join is OK\n"); - return 0; -} - -/* - join a domain using ADS - */ -int net_ads_join(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - char *password; - char *tmp_password; - const char *org_unit = "Computers"; - char *dn; - void *res; - DOM_SID dom_sid; - char *ou_str; - - if (argc > 0) org_unit = argv[0]; - - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - tmp_password = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); - password = strdup(tmp_password); - - if (!(ads = ads_startup())) return -1; - - ou_str = ads_ou_string(org_unit); - asprintf(&dn, "%s,%s", ou_str, ads->config.bind_path); - free(ou_str); - - rc = ads_search_dn(ads, &res, dn, NULL); - ads_msgfree(ads, res); - - if (rc.error_type == ADS_ERROR_LDAP && rc.err.rc == LDAP_NO_SUCH_OBJECT) { - d_printf("ads_join_realm: organizational unit %s does not exist (dn:%s)\n", - org_unit, dn); - return -1; - } - free(dn); - - if (!ADS_ERR_OK(rc)) { - d_printf("ads_join_realm: %s\n", ads_errstr(rc)); - return -1; - } - - rc = ads_join_realm(ads, lp_netbios_name(), org_unit); - if (!ADS_ERR_OK(rc)) { - d_printf("ads_join_realm: %s\n", ads_errstr(rc)); - return -1; - } - - rc = ads_domain_sid(ads, &dom_sid); - if (!ADS_ERR_OK(rc)) { - d_printf("ads_domain_sid: %s\n", ads_errstr(rc)); - return -1; - } - - rc = ads_set_machine_password(ads, lp_netbios_name(), password); - if (!ADS_ERR_OK(rc)) { - d_printf("ads_set_machine_password: %s\n", ads_errstr(rc)); - return -1; - } - - if (!secrets_store_domain_sid(lp_workgroup(), &dom_sid)) { - DEBUG(1,("Failed to save domain sid\n")); - return -1; - } - - if (!secrets_store_machine_password(password)) { - DEBUG(1,("Failed to save machine password\n")); - return -1; - } - - d_printf("Joined '%s' to realm '%s'\n", lp_netbios_name(), ads->config.realm); - - free(password); - - return 0; -} - -int net_ads_printer_usage(int argc, const char **argv) -{ - d_printf( -"\nnet ads printer info <printer> <server>" -"\n\tlookup info in directory for printer on server" -"\n\t(note: printer defaults to \"*\", server defaults to local)\n" -"\nnet ads printer publish <printername>" -"\n\tpublish printer in directory" -"\n\t(note: printer name is required)\n" -"\nnet ads printer remove <printername>" -"\n\tremove printer from directory" -"\n\t(note: printer name is required)\n"); - return -1; -} - -static int net_ads_printer_info(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *servername, *printername; - void *res = NULL; - - if (!(ads = ads_startup())) return -1; - - if (argc > 0) - printername = argv[0]; - else - printername = "*"; - - if (argc > 1) - servername = argv[1]; - else - servername = lp_netbios_name(); - - rc = ads_find_printer_on_server(ads, &res, printername, servername); - - if (!ADS_ERR_OK(rc)) { - d_printf("ads_find_printer_on_server: %s\n", ads_errstr(rc)); - ads_msgfree(ads, res); - return -1; - } - - if (ads_count_replies(ads, res) == 0) { - d_printf("Printer '%s' not found\n", printername); - ads_msgfree(ads, res); - return -1; - } - - ads_dump(ads, res); - ads_msgfree(ads, res); - - return 0; -} - -void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) -{ - return; -} - -static int net_ads_printer_publish(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *servername; - struct smbcli_state *cli; - struct in_addr server_ip; - NTSTATUS nt_status; - TALLOC_CTX *mem_ctx = talloc_init("net_ads_printer_publish"); - ADS_MODLIST mods = ads_init_mods(mem_ctx); - char *prt_dn, *srv_dn, **srv_cn; - void *res = NULL; - - if (!(ads = ads_startup())) return -1; - - if (argc < 1) - return net_ads_printer_usage(argc, argv); - - if (argc == 2) - servername = argv[1]; - else - servername = lp_netbios_name(); - - ads_find_machine_acct(ads, &res, servername); - srv_dn = ldap_get_dn(ads->ld, res); - srv_cn = ldap_explode_dn(srv_dn, 1); - asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], argv[0], srv_dn); - - resolve_name(servername, &server_ip, 0x20); - - nt_status = smbcli_full_connection(&cli, lp_netbios_name(), servername, - &server_ip, 0, - "IPC$", "IPC", - opt_user_name, opt_workgroup, - opt_password ? opt_password : "", - SMBCLI_FULL_CONNECTION_USE_KERBEROS, - NULL); - - smbcli_nt_session_open(cli, PI_SPOOLSS); - get_remote_printer_publishing_data(cli, mem_ctx, &mods, argv[0]); - - rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); - if (!ADS_ERR_OK(rc)) { - d_printf("ads_publish_printer: %s\n", ads_errstr(rc)); - return -1; - } - - d_printf("published printer\n"); - - return 0; -} - -static int net_ads_printer_remove(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *servername; - char *prt_dn; - void *res = NULL; - - if (!(ads = ads_startup())) return -1; - - if (argc < 1) - return net_ads_printer_usage(argc, argv); - - if (argc > 1) - servername = argv[1]; - else - servername = lp_netbios_name(); - - rc = ads_find_printer_on_server(ads, &res, argv[0], servername); - - if (!ADS_ERR_OK(rc)) { - d_printf("ads_find_printer_on_server: %s\n", ads_errstr(rc)); - ads_msgfree(ads, res); - return -1; - } - - if (ads_count_replies(ads, res) == 0) { - d_printf("Printer '%s' not found\n", argv[1]); - ads_msgfree(ads, res); - return -1; - } - - prt_dn = ads_get_dn(ads, res); - ads_msgfree(ads, res); - rc = ads_del_dn(ads, prt_dn); - ads_memfree(ads, prt_dn); - - if (!ADS_ERR_OK(rc)) { - d_printf("ads_del_dn: %s\n", ads_errstr(rc)); - return -1; - } - - return 0; -} - -static int net_ads_printer(int argc, const char **argv) -{ - struct functable func[] = { - {"INFO", net_ads_printer_info}, - {"PUBLISH", net_ads_printer_publish}, - {"REMOVE", net_ads_printer_remove}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_ads_printer_usage); -} - - -static int net_ads_password(int argc, const char **argv) -{ - ADS_STRUCT *ads; - const char *auth_principal = opt_user_name; - const char *auth_password = opt_password; - char *realm = NULL; - char *new_password = NULL; - char *c; - char *prompt; - ADS_STATUS ret; - - - if ((argc != 1) || (opt_user_name == NULL) || - (opt_password == NULL) || (strchr(opt_user_name, '@') == NULL) || - (strchr(argv[0], '@') == NULL)) { - return net_ads_usage(argc, argv); - } - - use_in_memory_ccache(); - c = strchr(auth_principal, '@'); - realm = ++c; - - /* use the realm so we can eventually change passwords for users - in realms other than default */ - if (!(ads = ads_init(realm, NULL, NULL))) return -1; - - asprintf(&prompt, "Enter new password for %s:", argv[0]); - - new_password = getpass(prompt); - - ret = kerberos_set_password(ads->auth.kdc_server, auth_principal, - auth_password, argv[0], new_password, ads->auth.time_offset); - if (!ADS_ERR_OK(ret)) { - d_printf("Password change failed :-( ...\n"); - ads_destroy(&ads); - free(prompt); - return -1; - } - - d_printf("Password change for %s completed.\n", argv[0]); - ads_destroy(&ads); - free(prompt); - - return 0; -} - - -static int net_ads_change_localhost_pass(int argc, const char **argv) -{ - ADS_STRUCT *ads; - char *host_principal; - char *hostname; - ADS_STATUS ret; - char *user_name; - - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - asprintf(&user_name, "%s$", lp_netbios_name()); - opt_user_name = user_name; - - opt_password = secrets_fetch_machine_password(); - - use_in_memory_ccache(); - - if (!(ads = ads_startup())) { - return -1; - } - - hostname = strdup(lp_netbios_name()); - strlower(hostname); - asprintf(&host_principal, "%s@%s", hostname, ads->config.realm); - SAFE_FREE(hostname); - d_printf("Changing password for principal: HOST/%s\n", host_principal); - - ret = ads_change_trust_account_password(ads, host_principal); - - if (!ADS_ERR_OK(ret)) { - d_printf("Password change failed :-( ...\n"); - ads_destroy(&ads); - SAFE_FREE(host_principal); - return -1; - } - - d_printf("Password change for principal HOST/%s succeeded.\n", host_principal); - ads_destroy(&ads); - SAFE_FREE(host_principal); - - return 0; -} - -/* - help for net ads search -*/ -static int net_ads_search_usage(int argc, const char **argv) -{ - d_printf( - "\nnet ads search <expression> <attributes...>\n"\ - "\nperform a raw LDAP search on a ADS server and dump the results\n"\ - "The expression is a standard LDAP search expression, and the\n"\ - "attributes are a list of LDAP fields to show in the results\n\n"\ - "Example: net ads search '(objectCategory=group)' sAMAccountName\n\n" - ); - net_common_flags_usage(argc, argv); - return -1; -} - - -/* - general ADS search function. Useful in diagnosing problems in ADS -*/ -static int net_ads_search(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *exp; - const char **attrs; - void *res = NULL; - - if (argc < 1) { - return net_ads_search_usage(argc, argv); - } - - if (!(ads = ads_startup())) { - return -1; - } - - exp = argv[0]; - attrs = (argv + 1); - - rc = ads_do_search_all(ads, ads->config.bind_path, - LDAP_SCOPE_SUBTREE, - exp, attrs, &res); - if (!ADS_ERR_OK(rc)) { - d_printf("search failed: %s\n", ads_errstr(rc)); - return -1; - } - - d_printf("Got %d replies\n\n", ads_count_replies(ads, res)); - - /* dump the results */ - ads_dump(ads, res); - - ads_msgfree(ads, res); - ads_destroy(&ads); - - return 0; -} - - -/* - help for net ads search -*/ -static int net_ads_dn_usage(int argc, const char **argv) -{ - d_printf( - "\nnet ads dn <dn> <attributes...>\n"\ - "\nperform a raw LDAP search on a ADS server and dump the results\n"\ - "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"\ - "to show in the results\n\n"\ - "Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' sAMAccountName\n\n" - ); - net_common_flags_usage(argc, argv); - return -1; -} - - -/* - general ADS search function. Useful in diagnosing problems in ADS -*/ -static int net_ads_dn(int argc, const char **argv) -{ - ADS_STRUCT *ads; - ADS_STATUS rc; - const char *dn; - const char **attrs; - void *res = NULL; - - if (argc < 1) { - return net_ads_dn_usage(argc, argv); - } - - if (!(ads = ads_startup())) { - return -1; - } - - dn = argv[0]; - attrs = (argv + 1); - - rc = ads_do_search_all(ads, dn, - LDAP_SCOPE_BASE, - "(objectclass=*)", attrs, &res); - if (!ADS_ERR_OK(rc)) { - d_printf("search failed: %s\n", ads_errstr(rc)); - return -1; - } - - d_printf("Got %d replies\n\n", ads_count_replies(ads, res)); - - /* dump the results */ - ads_dump(ads, res); - - ads_msgfree(ads, res); - ads_destroy(&ads); - - return 0; -} - - -int net_ads_help(int argc, const char **argv) -{ - struct functable func[] = { - {"USER", net_ads_user_usage}, - {"GROUP", net_ads_group_usage}, - {"PRINTER", net_ads_printer_usage}, - {"SEARCH", net_ads_search_usage}, -#if 0 - {"INFO", net_ads_info}, - {"JOIN", net_ads_join}, - {"LEAVE", net_ads_leave}, - {"STATUS", net_ads_status}, - {"PASSWORD", net_ads_password}, - {"CHOSTPASS", net_ads_change_localhost_pass}, -#endif - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_ads_usage); -} - -int net_ads(int argc, const char **argv) -{ - struct functable func[] = { - {"INFO", net_ads_info}, - {"JOIN", net_ads_join}, - {"TESTJOIN", net_ads_testjoin}, - {"LEAVE", net_ads_leave}, - {"STATUS", net_ads_status}, - {"USER", net_ads_user}, - {"GROUP", net_ads_group}, - {"PASSWORD", net_ads_password}, - {"CHOSTPASS", net_ads_change_localhost_pass}, - {"PRINTER", net_ads_printer}, - {"SEARCH", net_ads_search}, - {"DN", net_ads_dn}, - {"WORKGROUP", net_ads_workgroup}, - {"LOOKUP", net_ads_lookup}, - {"HELP", net_ads_help}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_ads_usage); -} - -#else - -static int net_ads_noads(void) -{ - d_printf("ADS support not compiled in\n"); - return -1; -} - -int net_ads_usage(int argc, const char **argv) -{ - return net_ads_noads(); -} - -int net_ads_help(int argc, const char **argv) -{ - return net_ads_noads(); -} - -int net_ads_join(int argc, const char **argv) -{ - return net_ads_noads(); -} - -int net_ads_user(int argc, const char **argv) -{ - return net_ads_noads(); -} - -int net_ads_group(int argc, const char **argv) -{ - return net_ads_noads(); -} - -/* this one shouldn't display a message */ -int net_ads_check(void) -{ - return -1; -} - -int net_ads(int argc, const char **argv) -{ - return net_ads_usage(argc, argv); -} - -#endif diff --git a/source4/utils/net_ads_cldap.c b/source4/utils/net_ads_cldap.c deleted file mode 100644 index a4464182bb..0000000000 --- a/source4/utils/net_ads_cldap.c +++ /dev/null @@ -1,354 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net ads cldap functions - Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) - Copyright (C) 2003 Jim McDonough (jmcd@us.ibm.com) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "../utils/net.h" - -#ifdef HAVE_ADS - -struct netlogon_string { - uint32_t comp_len; - char **component; - uint8_t extra_flag; -}; - -struct cldap_netlogon_reply { - uint32_t type; - uint32_t flags; - GUID guid; - - struct netlogon_string forest; - struct netlogon_string domain; - struct netlogon_string hostname; - - struct netlogon_string netbios_domain; - struct netlogon_string netbios_hostname; - - struct netlogon_string user_name; - struct netlogon_string site_name; - - struct netlogon_string unk0; - - uint32_t version; - uint16_t lmnt_token; - uint16_t lm20_token; -}; - -/* - These strings are rather interesting... They are composed of a series of - length encoded strings, terminated by either 1) a zero length string or 2) - a 0xc0 byte with what appears to be a one byte flags immediately following. -*/ -static uint_t pull_netlogon_string(struct netlogon_string *ret,const char *d) -{ - char *p = (char *)d; - - ZERO_STRUCTP(ret); - - do { - uint_t len = (uint8_t)*p; - p++; - - if (len > 0 && len != 0xc0) { - ret->component = realloc(ret->component, - ++ret->comp_len * - sizeof(char *)); - - ret->component[ret->comp_len - 1] = - smb_xstrndup(p, len); - p += len; - } else { - if (len == 0xc0) { - ret->extra_flag = *p; - p++; - }; - break; - } - } while (1); - - return (p - d); -} - -/* - do a cldap netlogon query -*/ -static int send_cldap_netlogon(int sock, const char *domain, - const char *hostname, uint_t ntversion) -{ - ASN1_DATA data; - char ntver[4]; - - SIVAL(ntver, 0, ntversion); - - memset(&data, 0, sizeof(data)); - - asn1_push_tag(&data,ASN1_SEQUENCE(0)); - asn1_write_Integer(&data, 4); - asn1_push_tag(&data, ASN1_APPLICATION(3)); - asn1_write_OctetString(&data, NULL, 0); - asn1_write_enumerated(&data, 0); - asn1_write_enumerated(&data, 0); - asn1_write_Integer(&data, 0); - asn1_write_Integer(&data, 0); - asn1_write_BOOLEAN2(&data, False); - asn1_push_tag(&data, ASN1_CONTEXT(0)); - - asn1_push_tag(&data, ASN1_CONTEXT(3)); - asn1_write_OctetString(&data, "DnsDomain", 9); - asn1_write_OctetString(&data, domain, strlen(domain)); - asn1_pop_tag(&data); - - asn1_push_tag(&data, ASN1_CONTEXT(3)); - asn1_write_OctetString(&data, "Host", 4); - asn1_write_OctetString(&data, hostname, strlen(hostname)); - asn1_pop_tag(&data); - - asn1_push_tag(&data, ASN1_CONTEXT(3)); - asn1_write_OctetString(&data, "NtVer", 5); - asn1_write_OctetString(&data, ntver, 4); - asn1_pop_tag(&data); - - asn1_pop_tag(&data); - - asn1_push_tag(&data,ASN1_SEQUENCE(0)); - asn1_write_OctetString(&data, "NetLogon", 8); - asn1_pop_tag(&data); - asn1_pop_tag(&data); - asn1_pop_tag(&data); - - if (data.has_error) { - d_printf("Failed to build cldap netlogon at offset %d\n", (int)data.ofs); - asn1_free(&data); - return -1; - } - - if (write(sock, data.data, data.length) != data.length) { - d_printf("failed to send cldap query (%s)\n", strerror(errno)); - } - - file_save("cldap_query.dat", data.data, data.length); - asn1_free(&data); - - return 0; -} - - -/* - receive a cldap netlogon reply -*/ -static int recv_cldap_netlogon(int sock, struct cldap_netlogon_reply *reply) -{ - int ret; - ASN1_DATA data; - DATA_BLOB blob; - DATA_BLOB os1, os2, os3; - uint32_t i1; - char *p; - - blob = data_blob(NULL, 8192); - - ret = read(sock, blob.data, blob.length); - - if (ret <= 0) { - d_printf("no reply received to cldap netlogon\n"); - return -1; - } - blob.length = ret; - - file_save("cldap_reply.dat", blob.data, blob.length); - - asn1_load(&data, blob); - asn1_start_tag(&data, ASN1_SEQUENCE(0)); - asn1_read_Integer(&data, &i1); - asn1_start_tag(&data, ASN1_APPLICATION(4)); - asn1_read_OctetString(&data, &os1); - asn1_start_tag(&data, ASN1_SEQUENCE(0)); - asn1_start_tag(&data, ASN1_SEQUENCE(0)); - asn1_read_OctetString(&data, &os2); - asn1_start_tag(&data, ASN1_SET); - asn1_read_OctetString(&data, &os3); - asn1_end_tag(&data); - asn1_end_tag(&data); - asn1_end_tag(&data); - asn1_end_tag(&data); - asn1_end_tag(&data); - - if (data.has_error) { - d_printf("Failed to parse cldap reply\n"); - return -1; - } - - file_save("cldap_reply_core.dat", os3.data, os3.length); - - p = os3.data; - - reply->type = IVAL(p, 0); p += 4; - reply->flags = IVAL(p, 0); p += 4; - - memcpy(&reply->guid.info, p, GUID_SIZE); - p += GUID_SIZE; - - p += pull_netlogon_string(&reply->forest, p); - p += pull_netlogon_string(&reply->domain, p); - p += pull_netlogon_string(&reply->hostname, p); - p += pull_netlogon_string(&reply->netbios_domain, p); - p += pull_netlogon_string(&reply->netbios_hostname, p); - p += pull_netlogon_string(&reply->user_name, p); - p += pull_netlogon_string(&reply->site_name, p); - - p += pull_netlogon_string(&reply->unk0, p); - - reply->version = IVAL(p, 0); - reply->lmnt_token = SVAL(p, 4); - reply->lm20_token = SVAL(p, 6); - - data_blob_free(&os1); - data_blob_free(&os2); - data_blob_free(&os3); - data_blob_free(&blob); - - return 0; -} - -/* - free a netlogon string -*/ -static void netlogon_string_free(struct netlogon_string *str) -{ - int i; - - for (i = 0; i < str->comp_len; ++i) { - SAFE_FREE(str->component[i]); - } - SAFE_FREE(str->component); -} - -/* - free a cldap reply packet -*/ -static void cldap_reply_free(struct cldap_netlogon_reply *reply) -{ - netlogon_string_free(&reply->forest); - netlogon_string_free(&reply->domain); - netlogon_string_free(&reply->hostname); - netlogon_string_free(&reply->netbios_domain); - netlogon_string_free(&reply->netbios_hostname); - netlogon_string_free(&reply->user_name); - netlogon_string_free(&reply->site_name); - netlogon_string_free(&reply->unk0); -} - -static void d_print_netlogon_string(const char *label, - struct netlogon_string *str) -{ - int i; - - if (str->comp_len) { - d_printf("%s", label); - if (str->extra_flag) { - d_printf("[%d]", str->extra_flag); - } - d_printf(": "); - for (i = 0; i < str->comp_len; ++i) { - d_printf("%s%s", (i ? "." : ""), str->component[i]); - } - d_printf("\n"); - } -} - -/* - do a cldap netlogon query -*/ -int ads_cldap_netlogon(ADS_STRUCT *ads) -{ - int sock; - int ret; - struct cldap_netlogon_reply reply; - - sock = open_udp_socket(inet_ntoa(ads->ldap_ip), ads->ldap_port); - if (sock == -1) { - d_printf("Failed to open udp socket to %s:%u\n", - inet_ntoa(ads->ldap_ip), - ads->ldap_port); - return -1; - } - - ret = send_cldap_netlogon(sock, ads->config.realm, lp_netbios_name(), 6); - if (ret != 0) { - return ret; - } - ret = recv_cldap_netlogon(sock, &reply); - close(sock); - - if (ret == -1) { - return -1; - } - - d_printf("Information for Domain Controller: %s\n\n", - ads->config.ldap_server_name); - - d_printf("Response Type: 0x%x\n", reply.type); - d_printf("GUID: "); - print_guid(&reply.guid); - d_printf("Flags:\n" - "\tIs a PDC: %s\n" - "\tIs a GC of the forest: %s\n" - "\tIs an LDAP server: %s\n" - "\tSupports DS: %s\n" - "\tIs running a KDC: %s\n" - "\tIs running time services: %s\n" - "\tIs the closest DC: %s\n" - "\tIs writable: %s\n" - "\tHas a hardware clock: %s\n" - "\tIs a non-domain NC serviced by LDAP server: %s\n", - (reply.flags & ADS_PDC) ? "yes" : "no", - (reply.flags & ADS_GC) ? "yes" : "no", - (reply.flags & ADS_LDAP) ? "yes" : "no", - (reply.flags & ADS_DS) ? "yes" : "no", - (reply.flags & ADS_KDC) ? "yes" : "no", - (reply.flags & ADS_TIMESERV) ? "yes" : "no", - (reply.flags & ADS_CLOSEST) ? "yes" : "no", - (reply.flags & ADS_WRITABLE) ? "yes" : "no", - (reply.flags & ADS_GOOD_TIMESERV) ? "yes" : "no", - (reply.flags & ADS_NDNC) ? "yes" : "no"); - - d_print_netlogon_string("Forest", &reply.forest); - d_print_netlogon_string("Domain", &reply.domain); - d_print_netlogon_string("Hostname", &reply.hostname); - - d_print_netlogon_string("Pre-Win2k Domain", &reply.netbios_domain); - d_print_netlogon_string("Pre-Win2k Hostname", &reply.netbios_hostname); - - d_print_netlogon_string("User name", &reply.user_name); - d_print_netlogon_string("Site Name", &reply.site_name); - d_print_netlogon_string("Unknown Field", &reply.unk0); - - d_printf("NT Version: %d\n", reply.version); - d_printf("LMNT Token: %.2x\n", reply.lmnt_token); - d_printf("LM20 Token: %.2x\n", reply.lm20_token); - - cldap_reply_free(&reply); - - return ret; -} - - -#endif diff --git a/source4/utils/net_cache.c b/source4/utils/net_cache.c deleted file mode 100644 index 93c4f1aa1d..0000000000 --- a/source4/utils/net_cache.c +++ /dev/null @@ -1,348 +0,0 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility - Copyright (C) Rafal Szczesniak 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - - -#include "includes.h" -#include "net.h" - -/** - * @file net_cache.c - * @brief This is part of the net tool which is basically command - * line wrapper for gencache.c functions (mainly for testing) - * - **/ - - -/* - * These routines are used via gencache_iterate() to display the cache's contents - * (print_cache_entry) and to flush it (delete_cache_entry). - * Both of them are defined by first arg of gencache_iterate() routine. - */ -static void print_cache_entry(const char* keystr, const char* datastr, - const time_t timeout, void* dptr) -{ - char* timeout_str; - time_t now_t = time(NULL); - struct tm timeout_tm, *now_tm; - /* localtime returns statically allocated pointer, so timeout_tm - has to be copied somewhere else */ - memcpy(&timeout_tm, localtime(&timeout), sizeof(struct tm)); - now_tm = localtime(&now_t); - - /* form up timeout string depending whether it's today's date or not */ - if (timeout_tm.tm_year != now_tm->tm_year || - timeout_tm.tm_mon != now_tm->tm_mon || - timeout_tm.tm_mday != now_tm->tm_mday) { - - timeout_str = asctime(&timeout_tm); - timeout_str[strlen(timeout_str) - 1] = '\0'; /* remove tailing CR */ - } else - asprintf(&timeout_str, "%.2d:%.2d:%.2d", timeout_tm.tm_hour, - timeout_tm.tm_min, timeout_tm.tm_sec); - - d_printf("Key: %s\t Timeout: %s\t Value: %s %s\n", keystr, - timeout_str, datastr, timeout > now_t ? "": "(expired)"); -} - -static void delete_cache_entry(const char* keystr, const char* datastr, - const time_t timeout, void* dptr) -{ - if (!gencache_del(keystr)) - d_printf("Couldn't delete entry! key = %s", keystr); -} - - -/** - * Parse text representation of timeout value - * - * @param timeout_str string containing text representation of the timeout - * @return numeric timeout of time_t type - **/ -static time_t parse_timeout(const char* timeout_str) -{ - char sign = '\0', *number = NULL, unit = '\0'; - int len, number_begin, number_end; - time_t timeout; - - /* sign detection */ - if (timeout_str[0] == '!' || timeout_str[0] == '+') { - sign = timeout_str[0]; - number_begin = 1; - } else { - number_begin = 0; - } - - /* unit detection */ - len = strlen(timeout_str); - switch (timeout_str[len - 1]) { - case 's': - case 'm': - case 'h': - case 'd': - case 'w': unit = timeout_str[len - 1]; - } - - /* number detection */ - len = (sign) ? strlen(&timeout_str[number_begin]) : len; - number_end = (unit) ? len - 1 : len; - number = strndup(&timeout_str[number_begin], number_end); - - /* calculate actual timeout value */ - timeout = (time_t)atoi(number); - - switch (unit) { - case 'm': timeout *= 60; break; - case 'h': timeout *= 60*60; break; - case 'd': timeout *= 60*60*24; break; - case 'w': timeout *= 60*60*24*7; break; /* that's fair enough, I think :) */ - } - - switch (sign) { - case '!': timeout = time(NULL) - timeout; break; - case '+': - default: timeout += time(NULL); break; - } - - if (number) SAFE_FREE(number); - return timeout; -} - - -/** - * Add an entry to the cache. If it does exist, then set it. - * - * @param argv key, value and timeout are passed in command line - * @return 0 on success, otherwise failure - **/ -static int net_cache_add(int argc, const char **argv) -{ - const char *keystr, *datastr, *timeout_str; - time_t timeout; - - if (argc < 3) { - d_printf("\nUsage: net cache add <key string> <data string> <timeout>\n"); - return -1; - } - - keystr = argv[0]; - datastr = argv[1]; - timeout_str = argv[2]; - - /* parse timeout given in command line */ - timeout = parse_timeout(timeout_str); - if (!timeout) { - d_printf("Invalid timeout argument.\n"); - return -1; - } - - if (gencache_set(keystr, datastr, timeout)) { - d_printf("New cache entry stored successfully.\n"); - gencache_shutdown(); - return 0; - } - - d_printf("Entry couldn't be added. Perhaps there's already such a key.\n"); - gencache_shutdown(); - return -1; -} - - -/** - * Set new value of an existing entry in the cache. Fail If the entry doesn't - * exist. - * - * @param argv key being searched and new value and timeout to set in the entry - * @return 0 on success, otherwise failure - **/ -static int net_cache_set(int argc, const char **argv) -{ - const char *keystr, *datastr, *timeout_str; - time_t timeout; - - if (argc < 3) { - d_printf("\nUsage: net cache set <key string> <data string> <timeout>\n"); - return -1; - } - - keystr = argv[0]; - datastr = argv[1]; - timeout_str = argv[2]; - - /* parse timeout given in command line */ - timeout = parse_timeout(timeout_str); - if (!timeout) { - d_printf("Invalid timeout argument.\n"); - return -1; - } - - if (gencache_set_only(keystr, datastr, timeout)) { - d_printf("Cache entry set successfully.\n"); - gencache_shutdown(); - return 0; - } - - d_printf("Entry couldn't be set. Perhaps there's no such a key.\n"); - gencache_shutdown(); - return -1; -} - - -/** - * Delete an entry in the cache - * - * @param argv key to delete an entry of - * @return 0 on success, otherwise failure - **/ -static int net_cache_del(int argc, const char **argv) -{ - const char *keystr = argv[0]; - - if (argc < 1) { - d_printf("\nUsage: net cache add <key string>\n"); - return -1; - } - - if(gencache_del(keystr)) { - d_printf("Entry deleted.\n"); - return 0; - } - - d_printf("Couldn't delete specified entry\n"); - return -1; -} - - -/** - * Get and display an entry from the cache - * - * @param argv key to search an entry of - * @return 0 on success, otherwise failure - **/ -static int net_cache_get(int argc, const char **argv) -{ - const char* keystr = argv[0]; - char* valuestr; - time_t timeout; - - if (argc < 1) { - d_printf("\nUsage: net cache get <key>\n"); - return -1; - } - - if (gencache_get(keystr, &valuestr, &timeout)) { - print_cache_entry(keystr, valuestr, timeout, NULL); - return 0; - } - - d_printf("Failed to find entry\n"); - return -1; -} - - -/** - * Search an entry/entries in the cache - * - * @param argv key pattern to match the entries to - * @return 0 on success, otherwise failure - **/ -static int net_cache_search(int argc, const char **argv) -{ - const char* pattern; - - if (argc < 1) { - d_printf("Usage: net cache search <pattern>\n"); - return -1; - } - - pattern = argv[0]; - gencache_iterate(print_cache_entry, NULL, pattern); - return 0; -} - - -/** - * List the contents of the cache - * - * @param argv ignored in this functionailty - * @return always returns 0 - **/ -static int net_cache_list(int argc, const char **argv) -{ - const char* pattern = "*"; - gencache_iterate(print_cache_entry, NULL, pattern); - gencache_shutdown(); - return 0; -} - - -/** - * Flush the whole cache - * - * @param argv ignored in this functionality - * @return always returns 0 - **/ -static int net_cache_flush(int argc, const char **argv) -{ - const char* pattern = "*"; - gencache_iterate(delete_cache_entry, NULL, pattern); - gencache_shutdown(); - return 0; -} - - -/** - * Short help - * - * @param argv ignored in this functionality - * @return always returns -1 - **/ -static int net_cache_usage(int argc, const char **argv) -{ - d_printf(" net cache add \t add add new cache entry\n"); - d_printf(" net cache set \t set new value for existing cache entry\n"); - d_printf(" net cache del \t delete existing cache entry by key\n"); - d_printf(" net cache flush \t delete all entries existing in the cache\n"); - d_printf(" net cache get \t get cache entry by key\n"); - d_printf(" net cache search \t search for entries in the cache, by given pattern\n"); - d_printf(" net cache list \t list all cache entries (just like search for \"*\")\n"); - return -1; -} - - -/** - * Entry point to 'net cache' subfunctionality - * - * @param argv arguments passed to further called functions - * @return whatever further functions return - **/ -int net_cache(int argc, const char **argv) -{ - struct functable func[] = { - {"add", net_cache_add}, - {"set", net_cache_set}, - {"del", net_cache_del}, - {"get", net_cache_get}, - {"search", net_cache_search}, - {"list", net_cache_list}, - {"flush", net_cache_flush}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_cache_usage); -} diff --git a/source4/utils/net_help.c b/source4/utils/net_help.c deleted file mode 100644 index 4000a248ff..0000000000 --- a/source4/utils/net_help.c +++ /dev/null @@ -1,199 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net help commands - Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "../utils/net.h" - -int net_common_methods_usage(int argc, const char**argv) -{ - d_printf("Valid methods: (auto-detected if not specified)\n"); - d_printf("\tads\t\t\t\tActive Directory (LDAP/Kerberos)\n"); - d_printf("\trpc\t\t\t\tDCE-RPC\n"); - d_printf("\trap\t\t\t\tRAP (older systems)\n"); - d_printf("\n"); - return 0; -} - -int net_common_flags_usage(int argc, const char **argv) -{ - d_printf("Valid targets: choose one (none defaults to localhost)\n"); - d_printf("\t-S or --server=<server>\t\tserver name\n"); - d_printf("\t-I or --ipaddress=<ipaddr>\taddress of target server\n"); - d_printf("\t-w or --workgroup=<wg>\t\ttarget workgroup or domain\n"); - - d_printf("\n"); - d_printf("Valid miscellaneous options are:\n"); /* misc options */ - d_printf("\t-p or --port=<port>\t\tconnection port on target\n"); - d_printf("\t-W or --myworkgroup=<wg>\tclient workgroup\n"); - d_printf("\t-d or --debug=<level>\t\tdebug level (0-10)\n"); - d_printf("\t-n or --myname=<name>\t\tclient name\n"); - d_printf("\t-U or --user=<name>\t\tuser name\n"); - d_printf("\t-s or --conf=<path>\t\tpathname of smb.conf file\n"); - d_printf("\t-l or --long\t\t\tDisplay full information\n"); - d_printf("\t-P or --machine-pass\t\tAuthenticate as machine account\n"); - return -1; -} - -static int help_usage(int argc, const char **argv) -{ - d_printf( -"\n"\ -"Usage: net help <function>\n"\ -"\n"\ -"Valid functions are:\n"\ -" RPC RAP ADS FILE SHARE SESSION SERVER DOMAIN PRINTQ USER GROUP VALIDATE\n"\ -" GROUPMEMBER ADMIN SERVICE PASSWORD TIME LOOKUP GETLOCALSID SETLOCALSID\n"); - return -1; -} - -int net_help_user(int argc, const char **argv) -{ - d_printf("\nnet [<method>] user [misc. options] [targets]"\ - "\n\tList users\n\n"); - d_printf("net [<method>] user DELETE <name> [misc. options] [targets]"\ - "\n\tDelete specified user\n"); - d_printf("\nnet [<method>] user INFO <name> [misc. options] [targets]"\ - "\n\tList the domain groups of the specified user\n"); - d_printf("\nnet [<method>] user ADD <name> [password] [-c container] "\ - "[-F user flags] [misc. options]"\ - " [targets]\n\tAdd specified user\n"); - - net_common_methods_usage(argc, argv); - net_common_flags_usage(argc, argv); - d_printf("\t-C or --comment=<comment>\tdescriptive comment (for add only)\n"); - d_printf("\t-c or --container=<container>\tLDAP container, defaults to cn=Users (for add in ADS only)\n"); - return -1; -} - -int net_help_group(int argc, const char **argv) -{ - d_printf("net [<method>] group [misc. options] [targets]"\ - "\n\tList user groups\n\n"); - d_printf("net [<method>] group DELETE <name> "\ - "[misc. options] [targets]"\ - "\n\tDelete specified group\n"); - d_printf("\nnet [<method>] group ADD <name> [-C comment] [-c container]"\ - " [misc. options] [targets]\n\tCreate specified group\n"); - net_common_methods_usage(argc, argv); - net_common_flags_usage(argc, argv); - d_printf("\t-C or --comment=<comment>\tdescriptive comment (for add only)\n"); - d_printf("\t-c or --container=<container>\tLDAP container, defaults to cn=Users (for add in ADS only)\n"); - return -1; -} - - -int net_help_join(int argc, const char **argv) -{ - d_printf("\nnet [<method>] join [misc. options]\n" - "\tjoins this server to a domain\n"); - d_printf("Valid methods: (auto-detected if not specified)\n"); - d_printf("\tads\t\t\t\tActive Directory (LDAP/Kerberos)\n"); - d_printf("\trpc\t\t\t\tDCE-RPC\n"); - net_common_flags_usage(argc, argv); - return -1; -} - -int net_help_share(int argc, const char **argv) -{ - d_printf( - "\nnet [<method>] share [misc. options] [targets] \n" - "\tenumerates all exported resources (network shares) " - "on target server\n\n" - "net [<method>] share ADD <name=serverpath> [misc. options] [targets]" - "\n\tAdds a share from a server (makes the export active)\n\n" - "net [<method>] share DELETE <sharename> [misc. options] [targets]\n" - "\n\tDeletes a share from a server (makes the export inactive)\n"); - net_common_methods_usage(argc, argv); - net_common_flags_usage(argc, argv); - d_printf( - "\t-C or --comment=<comment>\tdescriptive comment (for add only)\n" - "\t-M or --maxusers=<num>\t\tmax users allowed for share\n"); - return -1; -} - -int net_help_file(int argc, const char **argv) -{ - d_printf("net [<method>] file [misc. options] [targets]\n"\ - "\tlists all open files on file server\n\n"); - d_printf("net [<method>] file USER <username> "\ - "[misc. options] [targets]"\ - "\n\tlists all files opened by username on file server\n\n"); - d_printf("net [<method>] file CLOSE <id> [misc. options] [targets]\n"\ - "\tcloses specified file on target server\n\n"); - d_printf("net [rap] file INFO <id> [misc. options] [targets]\n"\ - "\tdisplays information about the specified open file\n"); - - net_common_methods_usage(argc, argv); - net_common_flags_usage(argc, argv); - return -1; -} - -static int net_usage(int argc, const char **argv) -{ - d_printf(" net time\t\tto view or set time information\n"\ - " net lookup\t\tto lookup host name or ip address\n"\ - " net user\t\tto manage users\n"\ - " net group\t\tto manage groups\n"\ - " net join\t\tto join a domain\n"\ - " net cache\t\tto operate on cache tdb file\n"\ - " net getlocalsid [NAME]\tto get the SID for local name\n"\ - " net setlocalsid SID\tto set the local domain SID\n"\ - "\n"\ - " net ads <command>\tto run ADS commands\n"\ - " net rap <command>\tto run RAP (pre-RPC) commands\n"\ - " net rpc <command>\tto run RPC commands\n"\ - "\n"\ - "Type \"net help <option>\" to get more information on that option\n"); - net_common_flags_usage(argc, argv); - return -1; -} - -/* - handle "net help *" subcommands -*/ -int net_help(int argc, const char **argv) -{ - struct functable func[] = { - {"ADS", net_ads_help}, - {"RAP", net_rap_help}, - {"RPC", net_rpc_help}, - - {"FILE", net_help_file}, - {"SHARE", net_help_share}, - {"SESSION", net_rap_session_usage}, - {"SERVER", net_rap_server_usage}, - {"DOMAIN", net_rap_domain_usage}, - {"PRINTQ", net_rap_printq_usage}, - {"USER", net_help_user}, - {"GROUP", net_help_group}, - {"JOIN", net_help_join}, - {"VALIDATE", net_rap_validate_usage}, - {"GROUPMEMBER", net_rap_groupmember_usage}, - {"ADMIN", net_rap_admin_usage}, - {"SERVICE", net_rap_service_usage}, - {"PASSWORD", net_rap_password_usage}, - {"TIME", net_time_usage}, - {"LOOKUP", net_lookup_usage}, - - {"HELP", help_usage}, - {NULL, NULL}}; - - return net_run_function(argc, argv, func, net_usage); -} diff --git a/source4/utils/net_lookup.c b/source4/utils/net_lookup.c deleted file mode 100644 index 271094480c..0000000000 --- a/source4/utils/net_lookup.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net lookup command - Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#include "includes.h" -#include "../utils/net.h" - -int net_lookup_usage(int argc, const char **argv) -{ - d_printf( -" net lookup host HOSTNAME <type>\n\tgives IP for a hostname\n\n" -" net lookup ldap [domain]\n\tgives IP of domain's ldap server\n\n" -" net lookup kdc [realm]\n\tgives IP of realm's kerberos KDC\n\n" -" net lookup dc [domain]\n\tgives IP of domains Domain Controllers\n\n" -" net lookup master [domain|wg]\n\tgive IP of master browser\n\n" -); - return -1; -} - -/* lookup a hostname giving an IP */ -static int net_lookup_host(int argc, const char **argv) -{ - struct in_addr ip; - int name_type = 0x20; - - if (argc == 0) return net_lookup_usage(argc, argv); - if (argc > 1) name_type = strtol(argv[1], NULL, 0); - - if (!resolve_name(argv[0], &ip, name_type)) { - /* we deliberately use DEBUG() here to send it to stderr - so scripts aren't mucked up */ - DEBUG(0,("Didn't find %s#%02x\n", argv[0], name_type)); - return -1; - } - - d_printf("%s\n", inet_ntoa(ip)); - return 0; -} - -static void print_ldap_srvlist(char *srvlist) -{ - char *cur, *next; - struct in_addr ip; - BOOL printit; - - cur = srvlist; - do { - next = strchr(cur,':'); - if (next) *next++='\0'; - printit = resolve_name(cur, &ip, 0x20); - cur=next; - next=cur ? strchr(cur,' ') :NULL; - if (next) - *next++='\0'; - if (printit) - d_printf("%s:%s\n", inet_ntoa(ip), cur?cur:""); - cur = next; - } while (next); -} - - -static int net_lookup_ldap(int argc, const char **argv) -{ -#ifdef HAVE_LDAP - char *srvlist; - const char *domain; - int rc; - struct in_addr addr; - struct hostent *hostent; - - if (argc > 0) - domain = argv[0]; - else - domain = opt_target_workgroup; - - DEBUG(9, ("Lookup up ldap for domain %s\n", domain)); - rc = ldap_domain2hostlist(domain, &srvlist); - if ((rc == LDAP_SUCCESS) && srvlist) { - print_ldap_srvlist(srvlist); - return 0; - } - - DEBUG(9, ("Looking up DC for domain %s\n", domain)); - if (!get_pdc_ip(domain, &addr)) - return -1; - - hostent = gethostbyaddr((char *) &addr.s_addr, sizeof(addr.s_addr), - AF_INET); - if (!hostent) - return -1; - - DEBUG(9, ("Found DC with DNS name %s\n", hostent->h_name)); - domain = strchr(hostent->h_name, '.'); - if (!domain) - return -1; - domain++; - - DEBUG(9, ("Looking up ldap for domain %s\n", domain)); - rc = ldap_domain2hostlist(domain, &srvlist); - if ((rc == LDAP_SUCCESS) && srvlist) { - print_ldap_srvlist(srvlist); - return 0; - } - return -1; -#endif - DEBUG(1,("No LDAP support\n")); - return -1; -} - -static int net_lookup_dc(int argc, const char **argv) -{ - struct in_addr *ip_list, addr; - char *pdc_str = NULL; - const char *domain=opt_target_workgroup; - int count, i; - BOOL list_ordered; - - if (argc > 0) - domain=argv[0]; - - /* first get PDC */ - if (!get_pdc_ip(domain, &addr)) - return -1; - - asprintf(&pdc_str, "%s", inet_ntoa(addr)); - d_printf("%s\n", pdc_str); - - if (!get_dc_list(domain, &ip_list, &count, &list_ordered)) { - SAFE_FREE(pdc_str); - return 0; - } - for (i=0;i<count;i++) { - char *dc_str = inet_ntoa(ip_list[i]); - if (!strequal(pdc_str, dc_str)) - d_printf("%s\n", dc_str); - } - SAFE_FREE(pdc_str); - return 0; -} - -static int net_lookup_master(int argc, const char **argv) -{ - struct in_addr master_ip; - const char *domain=opt_target_workgroup; - - if (argc > 0) - domain=argv[0]; - - if (!find_master_ip(domain, &master_ip)) - return -1; - d_printf("%s\n", inet_ntoa(master_ip)); - return 0; -} - -static int net_lookup_kdc(int argc, const char **argv) -{ -#ifdef HAVE_KRB5 - krb5_error_code rc; - krb5_context ctx; - struct sockaddr_in *addrs; - int num_kdcs,i; - krb5_data realm; - char **realms; - - rc = krb5_init_context(&ctx); - if (rc) { - DEBUG(1,("krb5_init_context failed (%s)\n", - error_message(rc))); - return -1; - } - - if (argc>0) { - realm.data = (krb5_pointer) argv[0]; - realm.length = strlen(argv[0]); - } else if (lp_realm() && *lp_realm()) { - realm.data = (krb5_pointer) lp_realm(); - realm.length = strlen(realm.data); - } else { - rc = krb5_get_host_realm(ctx, NULL, &realms); - if (rc) { - DEBUG(1,("krb5_gethost_realm failed (%s)\n", - error_message(rc))); - return -1; - } - realm.data = (krb5_pointer) *realms; - realm.length = strlen(realm.data); - } - - rc = krb5_locate_kdc(ctx, &realm, &addrs, &num_kdcs, 0); - if (rc) { - DEBUG(1, ("krb5_locate_kdc failed (%s)\n", error_message(rc))); - return -1; - } - for (i=0;i<num_kdcs;i++) - if (addrs[i].sin_family == AF_INET) - d_printf("%s:%hd\n", inet_ntoa(addrs[i].sin_addr), - ntohs(addrs[i].sin_port)); - return 0; - -#endif - DEBUG(1, ("No kerberos support\n")); - return -1; -} - - -/* lookup hosts or IP addresses using internal samba lookup fns */ -int net_lookup(int argc, const char **argv) -{ - struct functable func[] = { - {"HOST", net_lookup_host}, - {"LDAP", net_lookup_ldap}, - {"DC", net_lookup_dc}, - {"MASTER", net_lookup_master}, - {"KDC", net_lookup_kdc}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_lookup_usage); -} diff --git a/source4/utils/net_rap.c b/source4/utils/net_rap.c deleted file mode 100644 index 77875d3733..0000000000 --- a/source4/utils/net_rap.c +++ /dev/null @@ -1,1051 +0,0 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility - Copyright (C) 2001 Steve French (sfrench@us.ibm.com) - Copyright (C) 2001 Jim McDonough (jmcd@us.ibm.com) - Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) - Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org) - - Originally written by Steve and Jim. Largely rewritten by tridge in - November 2001. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#include "includes.h" -#include "../utils/net.h" - -/* The following messages were for error checking that is not properly - reported at the moment. Which should be reinstated? */ -#define ERRMSG_TARGET_WG_NOT_VALID "\nTarget workgroup option not valid "\ - "except on net rap server command, ignored" -#define ERRMSG_INVALID_HELP_OPTION "\nInvalid help option\n" - -#define ERRMSG_BOTH_SERVER_IPADDRESS "\nTarget server and IP address both "\ - "specified. Do not set both at the same time. The target IP address was used\n" - -const char *share_type[] = { - "Disk", - "Print", - "Dev", - "IPC" -}; - -static int errmsg_not_implemented(void) -{ - d_printf("\nNot implemented\n"); - return 0; -} - -int net_rap_file_usage(int argc, const char **argv) -{ - return net_help_file(argc, argv); -} - -/*************************************************************************** - list info on an open file -***************************************************************************/ -static void file_fn(const char * pPath, const char * pUser, uint16_t perms, - uint16_t locks, uint32_t id) -{ - d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", - id, pUser, perms, locks, pPath); -} - -static void one_file_fn(const char *pPath, const char *pUser, uint16_t perms, - uint16_t locks, uint32_t id) -{ - d_printf("File ID %d\n"\ - "User name %s\n"\ - "Locks 0x%-4.2x\n"\ - "Path %s\n"\ - "Permissions 0x%x\n", - id, pUser, locks, pPath, perms); -} - - -static int rap_file_close(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc == 0) { - d_printf("\nMissing fileid of file to close\n\n"); - return net_rap_file_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetFileClose(cli, atoi(argv[0])); - smbcli_shutdown(cli); - return ret; -} - -static int rap_file_info(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc == 0) - return net_rap_file_usage(argc, argv); - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetFileGetInfo(cli, atoi(argv[0]), one_file_fn); - smbcli_shutdown(cli); - return ret; -} - -static int rap_file_user(int argc, const char **argv) -{ - if (argc == 0) - return net_rap_file_usage(argc, argv); - - d_printf("net rap file user not implemented yet\n"); - return -1; -} - -int net_rap_file(int argc, const char **argv) -{ - struct functable func[] = { - {"CLOSE", rap_file_close}, - {"USER", rap_file_user}, - {"INFO", rap_file_info}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - /* list open files */ - d_printf( - "\nEnumerating open files on remote server:\n\n"\ - "\nFileId Opened by Perms Locks Path \n"\ - "------ --------- ----- ----- ---- \n"); - ret = smbcli_NetFileEnum(cli, NULL, NULL, file_fn); - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_file_usage); -} - -int net_rap_share_usage(int argc, const char **argv) -{ - return net_help_share(argc, argv); -} - -static void long_share_fn(const char *share_name, uint32_t type, - const char *comment, void *state) -{ - d_printf("%-12.12s %-8.8s %-50.50s\n", - share_name, share_type[type], comment); -} - -static void share_fn(const char *share_name, uint32_t type, - const char *comment, void *state) -{ - d_printf("%-12.12s\n", share_name); -} - -static int rap_share_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (argc == 0) { - d_printf("\n\nShare name not specified\n"); - return net_rap_share_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetShareDelete(cli, argv[0]); - smbcli_shutdown(cli); - return ret; -} - -static int rap_share_add(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - RAP_SHARE_INFO_2 sinfo; - char *p; - char *sharename; - - if (argc == 0) { - d_printf("\n\nShare name not specified\n"); - return net_rap_share_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - sharename = strdup(argv[0]); - p = strchr(sharename, '='); - *p = 0; - strlcpy(sinfo.share_name, sharename, sizeof(sinfo.share_name)); - sinfo.reserved1 = '\0'; - sinfo.share_type = 0; - sinfo.comment = smb_xstrdup(opt_comment); - sinfo.perms = 0; - sinfo.maximum_users = opt_maxusers; - sinfo.active_users = 0; - sinfo.path = p+1; - memset(sinfo.password, '\0', sizeof(sinfo.password)); - sinfo.reserved2 = '\0'; - - ret = smbcli_NetShareAdd(cli, &sinfo); - smbcli_shutdown(cli); - return ret; -} - - -int net_rap_share(int argc, const char **argv) -{ - struct functable func[] = { - {"DELETE", rap_share_delete}, - {"CLOSE", rap_share_delete}, - {"ADD", rap_share_add}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - if (opt_long_list_entries) { - d_printf( - "\nEnumerating shared resources (exports) on remote server:\n\n"\ - "\nShare name Type Description\n"\ - "---------- ---- -----------\n"); - ret = smbcli_RNetShareEnum(cli, long_share_fn, NULL); - } - ret = smbcli_RNetShareEnum(cli, share_fn, NULL); - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_share_usage); -} - - -int net_rap_session_usage(int argc, const char **argv) -{ - d_printf( - "\nnet rap session [misc. options] [targets]"\ - "\n\tenumerates all active SMB/CIFS sessions on target server\n"); - d_printf( - "\nnet rap session DELETE <client_name> [misc. options] [targets] \n"\ - "\tor"\ - "\nnet rap session CLOSE <client_name> [misc. options] [targets]"\ - "\n\tDeletes (closes) a session from specified client to server\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -static void list_sessions_func(char *wsname, char *username, uint16_t conns, - uint16_t opens, uint16_t users, uint32_t sess_time, - uint32_t idle_time, uint32_t user_flags, char *clitype) -{ - int hrs = idle_time / 3600; - int min = (idle_time / 60) % 60; - int sec = idle_time % 60; - - d_printf("\\\\%-18.18s %-20.20s %-18.18s %5d %2.2d:%2.2d:%2.2d\n", - wsname, username, clitype, opens, hrs, min, sec); -} - -static void display_session_func(const char *wsname, const char *username, - uint16_t conns, uint16_t opens, uint16_t users, - uint32_t sess_time, uint32_t idle_time, - uint32_t user_flags, const char *clitype) -{ - int ihrs = idle_time / 3600; - int imin = (idle_time / 60) % 60; - int isec = idle_time % 60; - int shrs = sess_time / 3600; - int smin = (sess_time / 60) % 60; - int ssec = sess_time % 60; - d_printf("User name %-20.20s\n"\ - "Computer %-20.20s\n"\ - "Guest logon %-20.20s\n"\ - "Client Type %-40.40s\n"\ - "Sess time %2.2d:%2.2d:%2.2d\n"\ - "Idle time %2.2d:%2.2d:%2.2d\n", - username, wsname, - (user_flags&0x0)?"yes":"no", clitype, - shrs, smin, ssec, ihrs, imin, isec); -} - -static void display_conns_func(uint16_t conn_id, uint16_t conn_type, uint16_t opens, - uint16_t users, uint32_t conn_time, - const char *username, const char *netname) -{ - d_printf("%-14.14s %-8.8s %5d\n", - netname, share_type[conn_type], opens); -} - -static int rap_session_info(int argc, const char **argv) -{ - const char *sessname; - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - if (argc == 0) - return net_rap_session_usage(argc, argv); - - sessname = argv[0]; - - ret = smbcli_NetSessionGetInfo(cli, sessname, display_session_func); - if (ret < 0) { - smbcli_shutdown(cli); - return ret; - } - - d_printf("Share name Type # Opens\n-------------------------"\ - "-----------------------------------------------------\n"); - ret = smbcli_NetConnectionEnum(cli, sessname, display_conns_func); - smbcli_shutdown(cli); - return ret; -} - -static int rap_session_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - if (argc == 0) - return net_rap_session_usage(argc, argv); - - ret = smbcli_NetSessionDel(cli, argv[0]); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_session(int argc, const char **argv) -{ - struct functable func[] = { - {"INFO", rap_session_info}, - {"DELETE", rap_session_delete}, - {"CLOSE", rap_session_delete}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - d_printf("Computer User name "\ - "Client Type Opens Idle time\n"\ - "------------------------------------------"\ - "------------------------------------\n"); - ret = smbcli_NetSessionEnum(cli, list_sessions_func); - - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_session_usage); -} - -/**************************************************************************** -list a server name -****************************************************************************/ -static void display_server_func(const char *name, uint32_t m, - const char *comment, void * reserved) -{ - d_printf("\t%-16.16s %s\n", name, comment); -} - - -int net_rap_server_usage(int argc, const char **argv) -{ - d_printf("net rap server [misc. options] [target]\n\t"\ - "lists the servers in the specified domain or workgroup.\n"); - d_printf("\n\tIf domain is not specified, it uses the current"\ - " domain or workgroup as\n\tthe default.\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -int net_rap_server(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - d_printf("\nEnumerating servers in this domain or workgroup: \n\n"\ - "\tServer name Server description\n"\ - "\t------------- ----------------------------\n"); - - ret = smbcli_NetServerEnum(cli, cli->server_domain, SV_TYPE_ALL, - display_server_func,NULL); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_domain_usage(int argc, const char **argv) -{ - d_printf("net rap domain [misc. options] [target]\n\tlists the"\ - " domains or workgroups visible on the current network\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - - -int net_rap_domain(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - d_printf("\nEnumerating domains:\n\n"\ - "\tDomain name Server name of Browse Master\n"\ - "\t------------- ----------------------------\n"); - - ret = smbcli_NetServerEnum(cli, cli->server_domain, SV_TYPE_DOMAIN_ENUM, - display_server_func,NULL); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_printq_usage(int argc, const char **argv) -{ - d_printf( - "net rap printq [misc. options] [targets]\n"\ - "\tor\n"\ - "net rap printq list [<queue_name>] [misc. options] [targets]\n"\ - "\tlists the specified queue and jobs on the target server.\n"\ - "\tIf the queue name is not specified, all queues are listed.\n\n"); - d_printf( - "net rap printq delete [<queue name>] [misc. options] [targets]\n"\ - "\tdeletes the specified job number on the target server, or the\n"\ - "\tprinter queue if no job number is specified\n"); - - net_common_flags_usage(argc, argv); - d_printf("\t-j or --jobid=<job id>\t\tjob id\n"); - - return -1; -} - -static void enum_queue(const char *queuename, uint16_t pri, uint16_t start, - uint16_t until, const char *sep, const char *pproc, - const char *dest, const char *qparms, - const char *qcomment, uint16_t status, uint16_t jobcount) -{ - d_printf("%-17.17s Queue %5d jobs ", - queuename, jobcount); - - switch (status) { - case 0: - d_printf("*Printer Active*\n"); - break; - case 1: - d_printf("*Printer Paused*\n"); - break; - case 2: - d_printf("*Printer error*\n"); - break; - case 3: - d_printf("*Delete Pending*\n"); - break; - default: - d_printf("**UNKNOWN STATUS**\n"); - } -} - -static void enum_jobs(uint16_t jobid, const char *ownername, - const char *notifyname, const char *datatype, - const char *jparms, uint16_t pos, uint16_t status, - const char *jstatus, uint_t submitted, uint_t jobsize, - const char *comment) -{ - d_printf(" %-23.23s %5d %9d ", - ownername, jobid, jobsize); - switch (status) { - case 0: - d_printf("Waiting\n"); - break; - case 1: - d_printf("Held in queue\n"); - break; - case 2: - d_printf("Spooling\n"); - break; - case 3: - d_printf("Printing\n"); - break; - default: - d_printf("**UNKNOWN STATUS**\n"); - } -} - -#define PRINTQ_ENUM_DISPLAY \ - "Print queues at \\\\%s\n\n"\ - "Name Job # Size Status\n\n"\ - "------------------------------------------------------------------"\ - "-------------\n" - -static int rap_printq_info(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (argc == 0) - return net_rap_printq_usage(argc, argv); - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - d_printf(PRINTQ_ENUM_DISPLAY, cli->desthost); /* list header */ - ret = smbcli_NetPrintQGetInfo(cli, argv[0], enum_queue, enum_jobs); - smbcli_shutdown(cli); - return ret; -} - -static int rap_printq_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (argc == 0) - return net_rap_printq_usage(argc, argv); - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_printjob_del(cli, atoi(argv[0])); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_printq(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - struct functable func[] = { - {"INFO", rap_printq_info}, - {"DELETE", rap_printq_delete}, - {NULL, NULL} - }; - - if (argc == 0) { - if (!(cli = net_make_ipc_connection(0))) - return -1; - - d_printf(PRINTQ_ENUM_DISPLAY, cli->desthost); /* list header */ - ret = smbcli_NetPrintQEnum(cli, enum_queue, enum_jobs); - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_printq_usage); -} - - -static int net_rap_user_usage(int argc, const char **argv) -{ - return net_help_user(argc, argv); -} - -static void user_fn(const char *user_name, const char *comment, - const char * home_dir, const char * logon_script, - void *state) -{ - d_printf("%-21.21s\n", user_name); -} - -static void long_user_fn(const char *user_name, const char *comment, - const char * home_dir, const char * logon_script, - void *state) -{ - d_printf("%-21.21s %-50.50s\n", - user_name, comment); -} - -static void group_member_fn(const char *user_name, void *state) -{ - d_printf("%-21.21s\n", user_name); -} - -static int rap_user_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (argc == 0) { - d_printf("\n\nUser name not specified\n"); - return net_rap_user_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetUserDelete(cli, argv[0]); - smbcli_shutdown(cli); - return ret; -} - -static int rap_user_add(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - RAP_USER_INFO_1 userinfo; - - if (argc == 0) { - d_printf("\n\nUser name not specified\n"); - return net_rap_user_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - safe_strcpy(userinfo.user_name, argv[0], sizeof(userinfo.user_name)); - if (opt_flags == -1) - opt_flags = 0x21; - - userinfo.userflags = opt_flags; - userinfo.reserved1 = '\0'; - userinfo.comment = smb_xstrdup(opt_comment); - userinfo.priv = 1; - userinfo.home_dir = NULL; - userinfo.logon_script = NULL; - - ret = smbcli_NetUserAdd(cli, &userinfo); - - smbcli_shutdown(cli); - return ret; -} - -static int rap_user_info(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc == 0) { - d_printf("\n\nUser name not specified\n"); - return net_rap_user_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetUserGetGroups(cli, argv[0], group_member_fn, NULL); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_user(int argc, const char **argv) -{ - int ret = -1; - struct functable func[] = { - {"ADD", rap_user_add}, - {"INFO", rap_user_info}, - {"DELETE", rap_user_delete}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - if (!(cli = net_make_ipc_connection(0))) - goto done; - if (opt_long_list_entries) { - d_printf("\nUser name Comment"\ - "\n-----------------------------\n"); - ret = smbcli_RNetUserEnum(cli, long_user_fn, NULL); - smbcli_shutdown(cli); - goto done; - } - ret = smbcli_RNetUserEnum(cli, user_fn, NULL); - smbcli_shutdown(cli); - goto done; - } - - ret = net_run_function(argc, argv, func, net_rap_user_usage); - done: - if (ret != 0) { - DEBUG(1, ("Net user returned: %d\n", ret)); - } - return ret; -} - - -int net_rap_group_usage(int argc, const char **argv) -{ - return net_help_group(argc, argv); -} - -static void long_group_fn(const char *group_name, const char *comment, - void *state) -{ - d_printf("%-21.21s %-50.50s\n", group_name, comment); -} - -static void group_fn(const char *group_name, const char *comment, void *state) -{ - d_printf("%-21.21s\n", group_name); -} - -static int rap_group_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc == 0) { - d_printf("\n\nGroup name not specified\n"); - return net_rap_group_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetGroupDelete(cli, argv[0]); - smbcli_shutdown(cli); - return ret; -} - -static int rap_group_add(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - RAP_GROUP_INFO_1 grinfo; - - if (argc == 0) { - d_printf("\n\nGroup name not specified\n"); - return net_rap_group_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - /* BB check for length 21 or smaller explicitly ? BB */ - safe_strcpy(grinfo.group_name, argv[0], sizeof(grinfo.group_name)); - grinfo.reserved1 = '\0'; - grinfo.comment = smb_xstrdup(opt_comment); - - ret = smbcli_NetGroupAdd(cli, &grinfo); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_group(int argc, const char **argv) -{ - struct functable func[] = { - {"ADD", rap_group_add}, - {"DELETE", rap_group_delete}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - int ret; - if (!(cli = net_make_ipc_connection(0))) - return -1; - if (opt_long_list_entries) { - d_printf("Group name Comment\n"); - d_printf("-----------------------------\n"); - ret = smbcli_RNetGroupEnum(cli, long_group_fn, NULL); - smbcli_shutdown(cli); - return ret; - } - ret = smbcli_RNetGroupEnum(cli, group_fn, NULL); - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_group_usage); -} - -int net_rap_groupmember_usage(int argc, const char **argv) -{ - d_printf( - "net rap groupmember LIST <group> [misc. options] [targets]"\ - "\n\t Enumerate users in a group\n"\ - "\nnet rap groupmember DELETE <group> <user> [misc. options] "\ - "[targets]\n\t Delete sepcified user from specified group\n"\ - "\nnet rap groupmember ADD <group> <user> [misc. options] [targets]"\ - "\n\t Add specified user to specified group\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - - -static int rap_groupmember_add(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc != 2) { - d_printf("\n\nGroup or user name not specified\n"); - return net_rap_groupmember_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetGroupAddUser(cli, argv[0], argv[1]); - smbcli_shutdown(cli); - return ret; -} - -static int rap_groupmember_delete(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc != 2) { - d_printf("\n\nGroup or user name not specified\n"); - return net_rap_groupmember_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetGroupDelUser(cli, argv[0], argv[1]); - smbcli_shutdown(cli); - return ret; -} - -static int rap_groupmember_list(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - if (argc == 0) { - d_printf("\n\nGroup name not specified\n"); - return net_rap_groupmember_usage(argc, argv); - } - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - ret = smbcli_NetGroupGetUsers(cli, argv[0], group_member_fn, NULL ); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_groupmember(int argc, const char **argv) -{ - struct functable func[] = { - {"ADD", rap_groupmember_add}, - {"LIST", rap_groupmember_list}, - {"DELETE", rap_groupmember_delete}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_rap_groupmember_usage); -} - -int net_rap_validate_usage(int argc, const char **argv) -{ - d_printf("net rap validate <username> [password]\n"\ - "\tValidate user and password to check whether they"\ - " can access target server or domain\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -int net_rap_validate(int argc, const char **argv) -{ - return errmsg_not_implemented(); -} - -int net_rap_service_usage(int argc, const char **argv) -{ - d_printf("net rap service [misc. options] [targets] \n"\ - "\tlists all running service daemons on target server\n"); - d_printf("\nnet rap service START <name> [service startup arguments]"\ - " [misc. options] [targets]"\ - "\n\tStart named service on remote server\n"); - d_printf("\nnet rap service STOP <name> [misc. options] [targets]\n"\ - "\n\tStop named service on remote server\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -static int rap_service_start(int argc, const char **argv) -{ - return errmsg_not_implemented(); -} - -static int rap_service_stop(int argc, const char **argv) -{ - return errmsg_not_implemented(); -} - -int net_rap_service(int argc, const char **argv) -{ - struct functable func[] = { - {"START", rap_service_start}, - {"STOP", rap_service_stop}, - {NULL, NULL} - }; - - if (argc == 0) { - struct smbcli_state *cli; - int ret; - if (!(cli = net_make_ipc_connection(0))) - return -1; - - if (opt_long_list_entries) { - d_printf("Service name Comment\n"); - d_printf("-----------------------------\n"); - ret = smbcli_RNetServiceEnum(cli, long_group_fn, NULL); - } - ret = smbcli_RNetServiceEnum(cli, group_fn, NULL); - smbcli_shutdown(cli); - return ret; - } - - return net_run_function(argc, argv, func, net_rap_service_usage); -} - -int net_rap_password_usage(int argc, const char **argv) -{ - d_printf( - "net rap password <user> <oldpwo> <newpw> [misc. options] [target]\n"\ - "\tchanges the password for the specified user at target\n"); - - return -1; -} - - -int net_rap_password(int argc, const char **argv) -{ - struct smbcli_state *cli; - int ret; - - if (argc < 3) - return net_rap_password_usage(argc, argv); - - if (!(cli = net_make_ipc_connection(0))) - return -1; - - /* BB Add check for password lengths? */ - ret = smbcli_oem_change_password(cli, argv[0], argv[2], argv[1]); - smbcli_shutdown(cli); - return ret; -} - -int net_rap_admin_usage(int argc, const char **argv) -{ - d_printf( - "net rap admin <remote command> [cmd args [env]] [misc. options] [targets]"\ - "\n\texecutes a remote command on an os/2 target server\n"); - - return -1; -} - - -int net_rap_admin(int argc, const char **argv) -{ - return errmsg_not_implemented(); -} - -/* The help subsystem for the RAP subcommand */ - -int net_rap_usage(int argc, const char **argv) -{ - d_printf(" net rap domain \tto list domains \n"\ - " net rap file \t\tto list open files on a server \n"\ - " net rap group \tto list user groups \n"\ - " net rap groupmember \tto list users in a group \n"\ - " net rap password \tto change the password of a user\n"\ - " net rap printq \tto list the print queues on a server\n"\ - " net rap server \tto list servers in a domain\n"\ - " net rap session \tto list clients with open sessions to a server\n"\ - " net rap share \tto list shares exported by a server\n"\ - " net rap user \t\tto list users\n"\ - " net rap validate \tto check whether a user and the corresponding password are valid\n"\ - " net rap help\n"\ - "\nType \"net help <option>\" to get more information on that option\n\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -/* - handle "net rap help *" subcommands -*/ -int net_rap_help(int argc, const char **argv) -{ - struct functable func[] = { - {"FILE", net_rap_file_usage}, - {"SHARE", net_rap_share_usage}, - {"SESSION", net_rap_session_usage}, - {"SERVER", net_rap_server_usage}, - {"DOMAIN", net_rap_domain_usage}, - {"PRINTQ", net_rap_printq_usage}, - {"USER", net_rap_user_usage}, - {"GROUP", net_rap_group_usage}, - {"VALIDATE", net_rap_validate_usage}, - {"GROUPMEMBER", net_rap_groupmember_usage}, - {"ADMIN", net_rap_admin_usage}, - {"SERVICE", net_rap_service_usage}, - {"PASSWORD", net_rap_password_usage}, - {NULL, NULL}}; - - return net_run_function(argc, argv, func, net_rap_usage); -} - -/* Entry-point for all the RAP functions. */ - -int net_rap(int argc, const char **argv) -{ - struct functable func[] = { - {"FILE", net_rap_file}, - {"SHARE", net_rap_share}, - {"SESSION", net_rap_session}, - {"SERVER", net_rap_server}, - {"DOMAIN", net_rap_domain}, - {"PRINTQ", net_rap_printq}, - {"USER", net_rap_user}, - {"GROUP", net_rap_group}, - {"VALIDATE", net_rap_validate}, - {"GROUPMEMBER", net_rap_groupmember}, - {"ADMIN", net_rap_admin}, - {"SERVICE", net_rap_service}, - {"PASSWORD", net_rap_password}, - {"HELP", net_rap_help}, - {NULL, NULL} - }; - - return net_run_function(argc, argv, func, net_rap_usage); -} - diff --git a/source4/utils/net_rpc.c b/source4/utils/net_rpc.c deleted file mode 100644 index 2d1120e882..0000000000 --- a/source4/utils/net_rpc.c +++ /dev/null @@ -1,2262 +0,0 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility - Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org) - Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#include "includes.h" -#include "../utils/net.h" - -/** - * @file net_rpc.c - * - * @brief RPC based subcommands for the 'net' utility. - * - * This file should contain much of the functionality that used to - * be found in rpcclient, execpt that the commands should change - * less often, and the fucntionality should be sane (the user is not - * expected to know a rid/sid before they conduct an operation etc.) - * - * @todo Perhaps eventually these should be split out into a number - * of files, as this could get quite big. - **/ - - -/* A function of this type is passed to the 'run_rpc_command' wrapper */ -typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, struct smbcli_state *, TALLOC_CTX *, int, const char **); - -/** - * Many of the RPC functions need the domain sid. This function gets - * it at the start of every run - * - * @param cli A smbcli_state already connected to the remote machine - * - * @return The Domain SID of the remote machine. - **/ - -static DOM_SID *net_get_remote_domain_sid(struct smbcli_state *cli) -{ - DOM_SID *domain_sid; - POLICY_HND pol; - NTSTATUS result = NT_STATUS_OK; - uint32_t info_class = 5; - fstring domain_name; - TALLOC_CTX *mem_ctx; - - if (!(domain_sid = malloc(sizeof(DOM_SID)))){ - DEBUG(0,("net_get_remote_domain_sid: malloc returned NULL!\n")); - goto error; - } - - if (!(mem_ctx=talloc_init("net_get_remote_domain_sid"))) - { - DEBUG(0,("net_get_remote_domain_sid: talloc_init returned NULL!\n")); - goto error; - } - - - if (!smbcli_nt_session_open (cli, PI_LSARPC)) { - fprintf(stderr, "could not initialise lsa pipe\n"); - goto error; - } - - result = smbcli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &pol); - if (!NT_STATUS_IS_OK(result)) { - goto error; - } - - result = smbcli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class, - domain_name, domain_sid); - if (!NT_STATUS_IS_OK(result)) { - goto error; - } - - smbcli_lsa_close(cli, mem_ctx, &pol); - smbcli_nt_session_close(cli); - talloc_destroy(mem_ctx); - - return domain_sid; - - error: - fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain); - - if (!NT_STATUS_IS_OK(result)) { - fprintf(stderr, "error: %s\n", nt_errstr(result)); - } - - exit(1); -} - -/** - * Run a single RPC command, from start to finish. - * - * @param pipe_name the pipe to connect to (usually a PIPE_ constant) - * @param conn_flag a NET_FLAG_ combination. Passed to - * net_make_ipc_connection. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * @return A shell status integer (0 for success) - */ - -static int run_rpc_command(struct smbcli_state *smbcli_arg, const int pipe_idx, int conn_flags, - rpc_command_fn fn, - int argc, const char **argv) -{ - struct smbcli_state *cli = NULL; - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - DOM_SID *domain_sid; - - /* make use of smbcli_state handed over as an argument, if possible */ - if (!smbcli_arg) - cli = net_make_ipc_connection(conn_flags); - else - cli = smbcli_arg; - - if (!cli) { - return -1; - } - - domain_sid = net_get_remote_domain_sid(cli); - - /* Create mem_ctx */ - - if (!(mem_ctx = talloc_init("run_rpc_command"))) { - DEBUG(0, ("talloc_init() failed\n")); - smbcli_shutdown(cli); - return -1; - } - - if (!smbcli_nt_session_open(cli, pipe_idx)) { - DEBUG(0, ("Could not initialise pipe\n")); - } - - nt_status = fn(domain_sid, cli, mem_ctx, argc, argv); - - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status))); - } else { - DEBUG(5, ("rpc command function succedded\n")); - } - - - if (cli->nt_pipe_fnum) - smbcli_nt_session_close(cli); - - /* close the connection only if it was opened here */ - if (!smbcli_arg) - smbcli_shutdown(cli); - - talloc_destroy(mem_ctx); - - return (!NT_STATUS_IS_OK(nt_status)); -} - - -/****************************************************************************/ - - -/** - * Force a change of the trust acccount password. - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid aquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - - return trust_pw_find_change_and_store_it(cli, mem_ctx, opt_target_workgroup); -} - -/** - * Force a change of the trust acccount password. - * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_changetrustpw(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_changetrustpw_internals, - argc, argv); -} - - -/****************************************************************************/ - - -/** - * Join a domain, the old way. - * - * This uses 'machinename' as the inital password, and changes it. - * - * The password should be created with 'server manager' or eqiv first. - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid aquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - - fstring trust_passwd; - uint8_t orig_trust_passwd_hash[16]; - NTSTATUS result; - - fstrcpy(trust_passwd, lp_netbios_name()); - strlower(trust_passwd); - - /* - * Machine names can be 15 characters, but the max length on - * a password is 14. --jerry - */ - - trust_passwd[14] = '\0'; - - E_md4hash(trust_passwd, orig_trust_passwd_hash); - - result = trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash); - - if (NT_STATUS_IS_OK(result)) - printf("Joined domain %s.\n",lp_workgroup()); - - return result; -} - -/** - * Join a domain, the old way. - * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int net_rpc_join_oldstyle(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals, - argc, argv); -} - -/** - * Basic usage function for 'net rpc join' - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - **/ - -static int rpc_join_usage(int argc, const char **argv) -{ - d_printf("net rpc join -U <username>[%%password] [options]\n"\ - "\t to join a domain with admin username & password\n"\ - "\t\t password will be prompted if none is specified\n"); - d_printf("net rpc join [options except -U]\n"\ - "\t to join a domain created in server manager\n\n\n"); - - net_common_flags_usage(argc, argv); - return -1; -} - -/** - * 'net rpc join' entrypoint. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * Main 'net_rpc_join()' (where the admain username/password is used) is - * in net_rpc_join.c - * Assume if a -U is specified, it's the new style, otherwise it's the - * old style. If 'oldstyle' is specfied explicity, do it and don't prompt. - **/ - -int net_rpc_join(int argc, const char **argv) -{ - struct functable func[] = { - {"oldstyle", net_rpc_join_oldstyle}, - {NULL, NULL} - }; - - if (argc == 0) { - if ((net_rpc_join_oldstyle(argc, argv) == 0)) - return 0; - - return net_rpc_join_newstyle(argc, argv); - } - - return net_run_function(argc, argv, func, rpc_join_usage); -} - - - -/** - * display info about a rpc domain - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_info_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - POLICY_HND connect_pol, domain_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - SAM_UNK_CTR ctr; - fstring sid_str; - - sid_to_string(sid_str, domain_sid); - - /* Get sam policy handle */ - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - ZERO_STRUCT(ctr); - result = smbcli_samr_query_dom_info(cli, mem_ctx, &domain_pol, - 2, &ctr); - if (NT_STATUS_IS_OK(result)) { - TALLOC_CTX *ctx = talloc_init("rpc_info_internals"); - d_printf("Domain Name: %s\n", unistr2_tdup(ctx, &ctr.info.inf2.uni_domain)); - d_printf("Domain SID: %s\n", sid_str); - d_printf("Sequence number: %u\n", ctr.info.inf2.seq_num); - d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs); - d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps); - d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps); - talloc_destroy(ctx); - } - - done: - return result; -} - - -/** - * 'net rpc info' entrypoint. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - **/ -int net_rpc_info(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, - rpc_info_internals, - argc, argv); -} - - -/** - * Fetch domain SID into the local secrets.tdb - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_getsid_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - fstring sid_str; - - sid_to_string(sid_str, domain_sid); - d_printf("Storing SID %s for Domain %s in secrets.tdb\n", - sid_str, lp_workgroup()); - - if (!secrets_store_domain_sid(lp_netbios_name(), domain_sid)) { - DEBUG(0,("Can't store domain SID\n")); - return NT_STATUS_UNSUCCESSFUL; - } - - return NT_STATUS_OK; -} - - -/** - * 'net rpc getsid' entrypoint. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - **/ -int net_rpc_getsid(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, - rpc_getsid_internals, - argc, argv); -} - - -/****************************************************************************/ - -/** - * Basic usage function for 'net rpc user' - * @param argc Standard main() style argc. - * @param argv Standard main() style argv. Initial components are already - * stripped. - **/ - -static int rpc_user_usage(int argc, const char **argv) -{ - return net_help_user(argc, argv); -} - -/** - * Add a new user to a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - - POLICY_HND connect_pol, domain_pol, user_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *acct_name; - uint16_t acb_info; - uint32_t unknown, user_rid; - - if (argc != 1) { - d_printf("User must be specified\n"); - rpc_user_usage(argc, argv); - return NT_STATUS_OK; - } - - acct_name = argv[0]; - - /* Get sam policy handle */ - - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Create domain user */ - - acb_info = ACB_NORMAL; - unknown = 0xe005000b; /* No idea what this is - a permission mask? */ - - result = smbcli_samr_create_dom_user(cli, mem_ctx, &domain_pol, - acct_name, acb_info, unknown, - &user_pol, &user_rid); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - done: - if (!NT_STATUS_IS_OK(result)) { - d_printf("Failed to add user %s - %s\n", acct_name, - nt_errstr(result)); - } else { - d_printf("Added user %s\n", acct_name); - } - return result; -} - -/** - * Add a new user to a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_user_add(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_add_internals, - argc, argv); -} - -/** - * Delete a user from a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, - struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - POLICY_HND connect_pol, domain_pol, user_pol; - - if (argc < 1) { - d_printf("User must be specified\n"); - rpc_user_usage(argc, argv); - return NT_STATUS_OK; - } - /* Get sam policy and domain handles */ - - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get handle on user */ - - { - uint32_t *user_rids, num_rids, *name_types; - uint32_t flags = 0x000003e8; /* Unknown */ - - result = smbcli_samr_lookup_names(cli, mem_ctx, &domain_pol, - flags, 1, &argv[0], - &num_rids, &user_rids, - &name_types); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - result = smbcli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - user_rids[0], &user_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - } - - /* Delete user */ - - result = smbcli_samr_delete_dom_user(cli, mem_ctx, &user_pol); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Display results */ - - done: - return result; - -} - -/** - * Delete a user from a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_user_delete(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_del_internals, - argc, argv); -} - -/** - * List user's groups on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_user_info_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - POLICY_HND connect_pol, domain_pol, user_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32_t *rids, num_rids, *name_types, num_names; - uint32_t flags = 0x000003e8; /* Unknown */ - int i; - char **names; - DOM_GID *user_gids; - - if (argc < 1) { - d_printf("User must be specified\n"); - rpc_user_usage(argc, argv); - return NT_STATUS_OK; - } - /* Get sam policy handle */ - - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - /* Get domain policy handle */ - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - /* Get handle on user */ - - result = smbcli_samr_lookup_names(cli, mem_ctx, &domain_pol, - flags, 1, &argv[0], - &num_rids, &rids, &name_types); - - if (!NT_STATUS_IS_OK(result)) goto done; - - result = smbcli_samr_open_user(cli, mem_ctx, &domain_pol, - MAXIMUM_ALLOWED_ACCESS, - rids[0], &user_pol); - if (!NT_STATUS_IS_OK(result)) goto done; - - result = smbcli_samr_query_usergroups(cli, mem_ctx, &user_pol, - &num_rids, &user_gids); - - /* Look up rids */ - - rids = (uint32_t *)talloc(mem_ctx, sizeof(uint32_t) * num_rids); - - for (i = 0; i < num_rids; i++) - rids[i] = user_gids[i].g_rid; - - result = smbcli_samr_lookup_rids(cli, mem_ctx, &domain_pol, - flags, num_rids, rids, - &num_names, &names, &name_types); - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Display results */ - - for (i = 0; i < num_names; i++) - printf("%s\n", names[i]); - - done: - return result; -} - -/** - * List a user's groups from a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_user_info(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_info_internals, - argc, argv); -} - -/** - * List users on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_user_list_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - POLICY_HND connect_pol, domain_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32_t start_idx=0, num_entries, i, loop_count = 0; - SAM_DISPINFO_CTR ctr; - SAM_DISPINFO_1 info1; - - /* Get sam policy handle */ - - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Query domain users */ - ZERO_STRUCT(ctr); - ZERO_STRUCT(info1); - ctr.sam.info1 = &info1; - if (opt_long_list_entries) - d_printf("\nUser name Comment"\ - "\n-----------------------------\n"); - do { - fstring user, desc; - uint32_t max_entries, max_size; - - get_query_dispinfo_params( - loop_count, &max_entries, &max_size); - - result = smbcli_samr_query_dispinfo(cli, mem_ctx, &domain_pol, - &start_idx, 1, &num_entries, - max_entries, max_size, &ctr); - loop_count++; - - for (i = 0; i < num_entries; i++) { - unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user)-1); - if (opt_long_list_entries) - unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc)-1); - - if (opt_long_list_entries) - printf("%-21.21s %-50.50s\n", user, desc); - else - printf("%s\n", user); - } - } while (!NT_STATUS_IS_OK(result)); - - done: - return result; -} - -/** - * 'net rpc user' entrypoint. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_user(int argc, const char **argv) -{ - struct functable func[] = { - {"add", rpc_user_add}, - {"info", rpc_user_info}, - {"delete", rpc_user_delete}, - {NULL, NULL} - }; - - if (argc == 0) { - if (opt_long_list_entries) { - } else { - } - return run_rpc_command(NULL,PI_SAMR, 0, - rpc_user_list_internals, - argc, argv); - } - - return net_run_function(argc, argv, func, rpc_user_usage); -} - - -/****************************************************************************/ - -/** - * Basic usage function for 'net rpc group' - * @param argc Standard main() style argc. - * @param argv Standard main() style argv. Initial components are already - * stripped. - **/ - -static int rpc_group_usage(int argc, const char **argv) -{ - return net_help_group(argc, argv); -} - -/** - * List groups on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_group_list_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - POLICY_HND connect_pol, domain_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - uint32_t start_idx=0, max_entries=250, num_entries, i; - struct acct_info *groups; - DOM_SID global_sid_Builtin; - - string_to_sid(&global_sid_Builtin, "S-1-5-32"); - - /* Get sam policy handle */ - - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Query domain groups */ - if (opt_long_list_entries) - d_printf("\nGroup name Comment"\ - "\n-----------------------------\n"); - do { - result = smbcli_samr_enum_dom_groups(cli, mem_ctx, &domain_pol, - &start_idx, max_entries, - &groups, &num_entries); - - for (i = 0; i < num_entries; i++) { - if (opt_long_list_entries) - printf("%-21.21s %-50.50s\n", - groups[i].acct_name, - groups[i].acct_desc); - else - printf("%-21.21s\n", groups[i].acct_name); - } - } while (!NT_STATUS_IS_OK(result)); - /* query domain aliases */ - do { - result = smbcli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, - &start_idx, max_entries, - &groups, &num_entries); - - for (i = 0; i < num_entries; i++) { - if (opt_long_list_entries) - printf("%-21.21s %-50.50s\n", - groups[i].acct_name, - groups[i].acct_desc); - else - printf("%-21.21s\n", groups[i].acct_name); - } - } while (!NT_STATUS_IS_OK(result)); - smbcli_samr_close(cli, mem_ctx, &domain_pol); - /* Get builtin policy handle */ - - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - &global_sid_Builtin, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - /* query builtin aliases */ - do { - result = smbcli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, - &start_idx, max_entries, - &groups, &num_entries); - - for (i = 0; i < num_entries; i++) { - if (opt_long_list_entries) - printf("%-21.21s %-50.50s\n", - groups[i].acct_name, - groups[i].acct_desc); - else - printf("%s\n", groups[i].acct_name); - } - } while (!NT_STATUS_IS_OK(result)); - - done: - return result; -} - -/** - * 'net rpc group' entrypoint. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_group(int argc, const char **argv) -{ - struct functable func[] = { -#if 0 - {"add", rpc_group_add}, - {"delete", rpc_group_delete}, -#endif - {NULL, NULL} - }; - - if (argc == 0) { - if (opt_long_list_entries) { - } else { - } - return run_rpc_command(NULL, PI_SAMR, 0, - rpc_group_list_internals, - argc, argv); - } - - return net_run_function(argc, argv, func, rpc_group_usage); -} - -/****************************************************************************/ - -static int rpc_share_usage(int argc, const char **argv) -{ - return net_help_share(argc, argv); -} - -/** - * Add a share on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ -static NTSTATUS -rpc_share_add_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx,int argc, const char **argv) -{ - WERROR result; - char *sharename=talloc_strdup(mem_ctx, argv[0]); - char *path; - uint32_t type=0; /* only allow disk shares to be added */ - uint32_t num_users=0, perms=0; - char *password=NULL; /* don't allow a share password */ - - path = strchr(sharename, '='); - if (!path) - return NT_STATUS_UNSUCCESSFUL; - *path++ = '\0'; - - result = smbcli_srvsvc_net_share_add(cli, mem_ctx, sharename, type, - opt_comment, perms, opt_maxusers, - num_users, path, password); - return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - -static int rpc_share_add(int argc, const char **argv) -{ - if ((argc < 1) || !strchr(argv[0], '=')) { - DEBUG(1,("Sharename or path not specified on add\n")); - return rpc_share_usage(argc, argv); - } - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_share_add_internals, - argc, argv); -} - -/** - * Delete a share on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ -static NTSTATUS -rpc_share_del_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx,int argc, const char **argv) -{ - WERROR result; - - result = smbcli_srvsvc_net_share_del(cli, mem_ctx, argv[0]); - return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - -/** - * Delete a share on a remote RPC server - * - * @param domain_sid The domain sid acquired from the remote server - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ -static int rpc_share_delete(int argc, const char **argv) -{ - if (argc < 1) { - DEBUG(1,("Sharename not specified on delete\n")); - return rpc_share_usage(argc, argv); - } - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_share_del_internals, - argc, argv); -} - -/** - * Formatted print of share info - * - * @param info1 pointer to SRV_SHARE_INFO_1 to format - **/ - -static void display_share_info_1(SRV_SHARE_INFO_1 *info1) -{ - fstring netname = "", remark = ""; - - rpcstr_pull_unistr2_fstring(netname, &info1->info_1_str.uni_netname); - rpcstr_pull_unistr2_fstring(remark, &info1->info_1_str.uni_remark); - - if (opt_long_list_entries) { - d_printf("%-12.12s %-8.8s %-50.50s\n", - netname, share_type[info1->info_1.type], remark); - } else { - d_printf("%-12.12s\n", netname); - } - -} - -/** - * List shares on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_share_list_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - SRV_SHARE_INFO_CTR ctr; - WERROR result; - ENUM_HND hnd; - uint32_t preferred_len = 0xffffffff, i; - - init_enum_hnd(&hnd, 0); - - result = smbcli_srvsvc_net_share_enum( - cli, mem_ctx, 1, &ctr, preferred_len, &hnd); - - if (!W_ERROR_IS_OK(result)) - goto done; - - /* Display results */ - - if (opt_long_list_entries) { - d_printf( - "\nEnumerating shared resources (exports) on remote server:\n\n"\ - "\nShare name Type Description\n"\ - "---------- ---- -----------\n"); - } - for (i = 0; i < ctr.num_entries; i++) - display_share_info_1(&ctr.share.info1[i]); - done: - return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - -/** - * 'net rpc share' entrypoint. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_share(int argc, const char **argv) -{ - struct functable func[] = { - {"add", rpc_share_add}, - {"delete", rpc_share_delete}, - {NULL, NULL} - }; - - if (argc == 0) - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_share_list_internals, - argc, argv); - - return net_run_function(argc, argv, func, rpc_share_usage); -} - -/****************************************************************************/ - -static int rpc_file_usage(int argc, const char **argv) -{ - return net_help_file(argc, argv); -} - -/** - * Close a file on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ -static NTSTATUS -rpc_file_close_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - WERROR result; - result = smbcli_srvsvc_net_file_close(cli, mem_ctx, atoi(argv[0])); - return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - -/** - * Close a file on a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ -static int rpc_file_close(int argc, const char **argv) -{ - if (argc < 1) { - DEBUG(1, ("No fileid given on close\n")); - return(rpc_file_usage(argc, argv)); - } - - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_file_close_internals, - argc, argv); -} - -/** - * Formatted print of open file info - * - * @param info3 FILE_INFO_3 contents - * @param str3 strings for FILE_INFO_3 - **/ - -static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3) -{ - fstring user = "", path = ""; - - rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name); - rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name); - - d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", - info3->id, user, info3->perms, info3->num_locks, path); -} - -/** - * List open files on a remote RPC server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid acquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS -rpc_file_list_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, - TALLOC_CTX *mem_ctx, int argc, const char **argv) -{ - SRV_FILE_INFO_CTR ctr; - WERROR result; - ENUM_HND hnd; - uint32_t preferred_len = 0xffffffff, i; - const char *username=NULL; - - init_enum_hnd(&hnd, 0); - - /* if argc > 0, must be user command */ - if (argc > 0) - username = smb_xstrdup(argv[0]); - - result = smbcli_srvsvc_net_file_enum( - cli, mem_ctx, 3, username, &ctr, preferred_len, &hnd); - - if (!W_ERROR_IS_OK(result)) - goto done; - - /* Display results */ - - d_printf( - "\nEnumerating open files on remote server:\n\n"\ - "\nFileId Opened by Perms Locks Path"\ - "\n------ --------- ----- ----- ---- \n"); - for (i = 0; i < ctr.num_entries; i++) - display_file_info_3(&ctr.file.info3[i].info_3, - &ctr.file.info3[i].info_3_str); - done: - return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} - - -/** - * List files for a user on a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ -static int rpc_file_user(int argc, const char **argv) -{ - if (argc < 1) { - DEBUG(1, ("No username given\n")); - return(rpc_file_usage(argc, argv)); - } - - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_file_list_internals, - argc, argv); -} - - -/** - * 'net rpc file' entrypoint. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_file(int argc, const char **argv) -{ - struct functable func[] = { - {"close", rpc_file_close}, - {"user", rpc_file_user}, -#if 0 - {"info", rpc_file_info}, -#endif - {NULL, NULL} - }; - - if (argc == 0) - return run_rpc_command(NULL, PI_SRVSVC, 0, - rpc_file_list_internals, - argc, argv); - - return net_run_function(argc, argv, func, rpc_file_usage); -} - -/****************************************************************************/ - - - -/** - * ABORT the shutdown of a remote RPC Server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passed through. - * - * @param domain_sid The domain sid aquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - result = smbcli_reg_abort_shutdown(cli, mem_ctx); - - if (NT_STATUS_IS_OK(result)) - DEBUG(5,("cmd_reg_abort_shutdown: query succeeded\n")); - else - DEBUG(5,("cmd_reg_abort_shutdown: query failed\n")); - - return result; -} - - -/** - * ABORT the Shut down of a remote RPC server - * - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_shutdown_abort(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_WINREG, 0, rpc_shutdown_abort_internals, - argc, argv); -} - -/** - * Shut down a remote RPC Server - * - * All parameters are provided by the run_rpc_command function, except for - * argc, argv which are passes through. - * - * @param domain_sid The domain sid aquired from the remote server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on compleation of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return Normal NTSTATUS return. - **/ - -static NTSTATUS rpc_shutdown_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - const char *msg = "This machine will be shutdown shortly"; - uint32_t timeout = 20; -#if 0 - poptContext pc; - int rc; - - struct poptOption long_options[] = { - {"message", 'm', POPT_ARG_STRING, &msg}, - {"timeout", 't', POPT_ARG_INT, &timeout}, - {"reboot", 'r', POPT_ARG_NONE, &reboot}, - {"force", 'f', POPT_ARG_NONE, &force}, - { 0, 0, 0, 0} - }; - - pc = poptGetContext(NULL, argc, (const char **) argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - rc = poptGetNextOpt(pc); - - if (rc < -1) { - /* an error occurred during option processing */ - DEBUG(0, ("%s: %s\n", - poptBadOption(pc, POPT_BADOPTION_NOALIAS), - poptStrerror(rc))); - return NT_STATUS_INVALID_PARAMETER; - } -#endif - if (opt_comment) { - msg = opt_comment; - } - if (opt_timeout) { - timeout = opt_timeout; - } - - /* create an entry */ - result = smbcli_reg_shutdown(cli, mem_ctx, msg, timeout, opt_reboot, opt_force); - - if (NT_STATUS_IS_OK(result)) - DEBUG(5,("Shutdown of remote machine succeeded\n")); - else - DEBUG(0,("Shutdown of remote machine failed!\n")); - - return result; -} - -/** - * Shut down a remote RPC server - * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return A shell status integer (0 for success) - **/ - -static int rpc_shutdown(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_WINREG, 0, rpc_shutdown_internals, - argc, argv); -} - -/*************************************************************************** - NT Domain trusts code (i.e. 'net rpc trustdom' functionality) - - ***************************************************************************/ - -/** - * Add interdomain trust account to the RPC server. - * All parameters (except for argc and argv) are passed by run_rpc_command - * function. - * - * @param domain_sid The domain sid acquired from the server - * @param cli A smbcli_state connected to the server. - * @param mem_ctx Talloc context, destoyed on completion of the function. - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped - * - * @return normal NTSTATUS return code - */ - -static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { - - POLICY_HND connect_pol, domain_pol, user_pol; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - char *acct_name; - uint16_t acb_info; - uint32_t unknown, user_rid; - - if (argc != 1) { - d_printf("Usage: net rpc trustdom add <domain_name>\n"); - return NT_STATUS_INVALID_PARAMETER; - } - - /* - * Make valid trusting domain account (ie. uppercased and with '$' appended) - */ - - if (asprintf(&acct_name, "%s$", argv[0]) < 0) { - return NT_STATUS_NO_MEMORY; - } - - strupper(acct_name); - - /* Get samr policy handle */ - result = smbcli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, - &connect_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Get domain policy handle */ - result = smbcli_samr_open_domain(cli, mem_ctx, &connect_pol, - MAXIMUM_ALLOWED_ACCESS, - domain_sid, &domain_pol); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Create trusting domain's account */ - acb_info = ACB_DOMTRUST; - unknown = 0xe005000b; /* No idea what this is - a permission mask? - mimir: yes, most probably it is */ - - result = smbcli_samr_create_dom_user(cli, mem_ctx, &domain_pol, - acct_name, acb_info, unknown, - &user_pol, &user_rid); - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - done: - SAFE_FREE(acct_name); - return result; -} - -/** - * Create interdomain trust account for a remote domain. - * - * @param argc standard argc - * @param argv standard argv without initial components - * - * @return Integer status (0 means success) - **/ - -static int rpc_trustdom_add(int argc, const char **argv) -{ - return run_rpc_command(NULL, PI_SAMR, 0, rpc_trustdom_add_internals, - argc, argv); -} - - -/** - * Delete interdomain trust account for a remote domain. - * - * @param argc standard argc - * @param argv standard argv without initial components - * - * @return Integer status (0 means success) - **/ - -static int rpc_trustdom_del(int argc, const char **argv) -{ - d_printf("Sorry, not yet implemented.\n"); - return -1; -} - - -/** - * Establish trust relationship to a trusting domain. - * Interdomain account must already be created on remote PDC. - * - * @param argc standard argc - * @param argv standard argv without initial components - * - * @return Integer status (0 means success) - **/ - -static int rpc_trustdom_establish(int argc, const char **argv) -{ - struct smbcli_state *cli; - struct in_addr server_ip; - POLICY_HND connect_hnd; - TALLOC_CTX *mem_ctx; - NTSTATUS nt_status; - DOM_SID domain_sid; - WKS_INFO_100 wks_info; - - char* domain_name; - char* acct_name; - fstring pdc_name; - - /* - * Connect to \\server\ipc$ as 'our domain' account with password - */ - - if (argc != 1) { - d_printf("Usage: net rpc trustdom establish <domain_name>\n"); - return -1; - } - - domain_name = smb_xstrdup(argv[0]); - strupper(domain_name); - - /* account name used at first is our domain's name with '$' */ - asprintf(&acct_name, "%s$", lp_workgroup()); - strupper(acct_name); - - /* - * opt_workgroup will be used by connection functions further, - * hence it should be set to remote domain name instead of ours - */ - if (opt_workgroup) { - opt_workgroup = smb_xstrdup(domain_name); - }; - - opt_user_name = acct_name; - - /* find the domain controller */ - if (!net_find_dc(&server_ip, pdc_name, domain_name)) { - DEBUG(0, ("Coulnd find domain controller for domain %s\n", domain_name)); - return -1; - } - - /* connect to ipc$ as username/password */ - nt_status = connect_to_ipc(&cli, &server_ip, pdc_name); - if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) { - - /* Is it trusting domain account for sure ? */ - DEBUG(0, ("Couldn't verify trusting domain account. Error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - /* - * Connect to \\server\ipc$ again (this time anonymously) - */ - - nt_status = connect_to_ipc_anonymous(&cli, &server_ip, (char*)pdc_name); - - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n", - domain_name, nt_errstr(nt_status))); - } - - /* - * Use NetServerEnum2 to make sure we're talking to a proper server - */ - - if (!smbcli_get_pdc_name(cli, domain_name, (char*)pdc_name)) { - DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\ - for domain %s\n", domain_name)); - } - - /* - * Call WksQueryInfo to check remote server's capabilities - * note: It is now used only to get unicode domain name - */ - - if (!smbcli_nt_session_open(cli, PI_WKSSVC)) { - DEBUG(0, ("Couldn't not initialise wkssvc pipe\n")); - return -1; - } - - if (!(mem_ctx = talloc_init("establishing trust relationship to domain %s", - domain_name))) { - DEBUG(0, ("talloc_init() failed\n")); - smbcli_shutdown(cli); - return -1; - } - - nt_status = smbcli_wks_query_info(cli, mem_ctx, &wks_info); - - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("WksQueryInfo call failed.\n")); - return -1; - } - - if (cli->nt_pipe_fnum) - smbcli_nt_session_close(cli); - - - /* - * Call LsaOpenPolicy and LsaQueryInfo - */ - - if (!(mem_ctx = talloc_init("rpc_trustdom_establish"))) { - DEBUG(0, ("talloc_init() failed\n")); - smbcli_shutdown(cli); - return -1; - } - - if (!smbcli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); - smbcli_shutdown(cli); - return -1; - } - - nt_status = smbcli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, - &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't open policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - /* Querying info level 5 */ - - nt_status = smbcli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd, - 5 /* info level */, domain_name, - &domain_sid); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - - - - /* There should be actually query info level 3 (following nt serv behaviour), - but I still don't know if it's _really_ necessary */ - - /* - * Store the password in secrets db - */ - - if (!secrets_store_trusted_domain_password(domain_name, wks_info.uni_lan_grp.buffer, - wks_info.uni_lan_grp.uni_str_len, opt_password, - domain_sid)) { - DEBUG(0, ("Storing password for trusted domain failed.\n")); - return -1; - } - - /* - * Close the pipes and clean up - */ - - nt_status = smbcli_lsa_close(cli, mem_ctx, &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - if (cli->nt_pipe_fnum) - smbcli_nt_session_close(cli); - - talloc_destroy(mem_ctx); - - DEBUG(0, ("Success!\n")); - return 0; -} - -/** - * Revoke trust relationship to the remote domain - * - * @param argc standard argc - * @param argv standard argv without initial components - * - * @return Integer status (0 means success) - **/ - -static int rpc_trustdom_revoke(int argc, const char **argv) -{ - char* domain_name; - - if (argc < 1) return -1; - - /* generate upper cased domain name */ - domain_name = smb_xstrdup(argv[0]); - strupper(domain_name); - - /* delete password of the trust */ - if (!trusted_domain_password_delete(domain_name)) { - DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n", - domain_name)); - return -1; - }; - - return 0; -} - -/** - * Usage for 'net rpc trustdom' command - * - * @param argc standard argc - * @param argv standard argv without inital components - * - * @return Integer status returned to shell - **/ - -static int rpc_trustdom_usage(int argc, const char **argv) -{ - d_printf(" net rpc trustdom add \t\t add trusting domain's account\n"); - d_printf(" net rpc trustdom del \t\t delete trusting domain's account\n"); - d_printf(" net rpc trustdom establish \t establish relationship to trusted domain\n"); - d_printf(" net rpc trustdom revoke \t abandon relationship to trusted domain\n"); - d_printf(" net rpc trustdom list \t show current interdomain trust relationships\n"); - return -1; -} - - -static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid, struct smbcli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - fstring str_sid; - sid_to_string(str_sid, domain_sid); - d_printf("%s\n", str_sid); - return NT_STATUS_OK; -}; - - -static int rpc_trustdom_list(int argc, const char **argv) -{ - /* common variables */ - TALLOC_CTX* mem_ctx; - struct smbcli_state *cli, *remote_cli; - NTSTATUS nt_status; - const char *domain_name = NULL; - DOM_SID queried_dom_sid; - fstring ascii_sid, padding; - int ascii_dom_name_len; - POLICY_HND connect_hnd; - - /* trusted domains listing variables */ - int enum_ctx = 0; - int num_domains, i, pad_len, col_len = 20; - DOM_SID *domain_sids; - char **trusted_dom_names; - fstring pdc_name; - - /* trusting domains listing variables */ - POLICY_HND domain_hnd; - char **trusting_dom_names; - uint32_t *trusting_dom_rids; - - /* - * Listing trusted domains (stored in secrets.tdb, if local) - */ - - mem_ctx = talloc_init("trust relationships listing"); - - /* - * set domain and pdc name to local samba server (default) - * or to remote one given in command line - */ - - if (StrCaseCmp(opt_workgroup, lp_workgroup())) { - domain_name = opt_workgroup; - opt_target_workgroup = opt_workgroup; - } else { - fstrcpy(pdc_name, lp_netbios_name()); - domain_name = talloc_strdup(mem_ctx, lp_workgroup()); - opt_target_workgroup = domain_name; - }; - - /* open \PIPE\lsarpc and open policy handle */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) { - DEBUG(0, ("Couldn't connect to domain controller\n")); - return -1; - }; - - if (!smbcli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); - return -1; - }; - - nt_status = smbcli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, - &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't open policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* query info level 5 to obtain sid of a domain being queried */ - nt_status = smbcli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd, - 5 /* info level */, domain_name, &queried_dom_sid); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - /* - * Keep calling LsaEnumTrustdom over opened pipe until - * the end of enumeration is reached - */ - - d_printf("Trusted domains list:\n\n"); - - do { - nt_status = smbcli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx, - &num_domains, - &trusted_dom_names, &domain_sids); - - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - for (i = 0; i < num_domains; i++) { - /* convert sid into ascii string */ - sid_to_string(ascii_sid, &(domain_sids[i])); - - /* calculate padding space for d_printf to look nicer */ - pad_len = col_len - strlen(trusted_dom_names[i]); - padding[pad_len] = 0; - do padding[--pad_len] = ' '; while (pad_len); - - d_printf("%s%s%s\n", trusted_dom_names[i], padding, ascii_sid); - }; - - /* - * in case of no trusted domains say something rather - * than just display blank line - */ - if (!num_domains) d_printf("none\n"); - - } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); - - /* close this connection before doing next one */ - nt_status = smbcli_lsa_close(cli, mem_ctx, &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - smbcli_nt_session_close(cli); - - /* - * Listing trusting domains (stored in passdb backend, if local) - */ - - d_printf("\nTrusting domains list:\n\n"); - - /* - * Open \PIPE\samr and get needed policy handles - */ - if (!smbcli_nt_session_open(cli, PI_SAMR)) { - DEBUG(0, ("Could not initialise samr pipe\n")); - return -1; - }; - - /* SamrConnect */ - nt_status = smbcli_samr_connect(cli, mem_ctx, SA_RIGHT_SAM_OPEN_DOMAIN, - &connect_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* SamrOpenDomain - we have to open domain policy handle in order to be - able to enumerate accounts*/ - nt_status = smbcli_samr_open_domain(cli, mem_ctx, &connect_hnd, - SA_RIGHT_DOMAIN_ENUM_ACCOUNTS, - &queried_dom_sid, &domain_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't open domain object. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* - * perform actual enumeration - */ - - enum_ctx = 0; /* reset enumeration context from last enumeration */ - do { - - nt_status = smbcli_samr_enum_dom_users(cli, mem_ctx, &domain_hnd, - &enum_ctx, ACB_DOMTRUST, 0xffff, - &trusting_dom_names, &trusting_dom_rids, - &num_domains); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n", - nt_errstr(nt_status))); - return -1; - }; - - for (i = 0; i < num_domains; i++) { - - /* - * get each single domain's sid (do we _really_ need this ?): - * 1) connect to domain's pdc - * 2) query the pdc for domain's sid - */ - - /* get rid of '$' tail */ - ascii_dom_name_len = strlen(trusting_dom_names[i]); - if (ascii_dom_name_len && ascii_dom_name_len < FSTRING_LEN) - trusting_dom_names[i][ascii_dom_name_len - 1] = '\0'; - - /* calculate padding space for d_printf to look nicer */ - pad_len = col_len - strlen(trusting_dom_names[i]); - padding[pad_len] = 0; - do padding[--pad_len] = ' '; while (pad_len); - - /* set opt_* variables to remote domain */ - strupper(trusting_dom_names[i]); - opt_workgroup = talloc_strdup(mem_ctx, trusting_dom_names[i]); - opt_target_workgroup = opt_workgroup; - - d_printf("%s%s", trusting_dom_names[i], padding); - - /* connect to remote domain controller */ - remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS); - if (remote_cli) { - /* query for domain's sid */ - if (run_rpc_command(remote_cli, PI_LSARPC, 0, rpc_query_domain_sid, argc, argv)) - d_printf("couldn't get domain's sid\n"); - - smbcli_shutdown(remote_cli); - - } else { - d_printf("domain controller is not responding\n"); - }; - }; - - if (!num_domains) d_printf("none\n"); - - } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); - - /* close opened samr and domain policy handles */ - nt_status = smbcli_samr_close(cli, mem_ctx, &domain_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name)); - }; - - nt_status = smbcli_samr_close(cli, mem_ctx, &connect_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name)); - }; - - /* close samr pipe and connection to IPC$ */ - smbcli_nt_session_close(cli); - smbcli_shutdown(cli); - - talloc_destroy(mem_ctx); - return 0; -} - -/** - * Entrypoint for 'net rpc trustdom' code - * - * @param argc standard argc - * @param argv standard argv without initial components - * - * @return Integer status (0 means success) - */ - -static int rpc_trustdom(int argc, const char **argv) -{ - struct functable func[] = { - {"add", rpc_trustdom_add}, - {"del", rpc_trustdom_del}, - {"establish", rpc_trustdom_establish}, - {"revoke", rpc_trustdom_revoke}, - {"help", rpc_trustdom_usage}, - {"list", rpc_trustdom_list}, - {NULL, NULL} - }; - - if (argc == 0) { - rpc_trustdom_usage(argc, argv); - return -1; - } - - return (net_run_function(argc, argv, func, rpc_user_usage)); -} - -/** - * Check if a server will take rpc commands - * @param flags Type of server to connect to (PDC, DMB, localhost) - * if the host is not explicitly specified - * @return BOOL (true means rpc supported) - */ -BOOL net_rpc_check(uint_t flags) -{ - struct smbcli_state cli; - BOOL ret = False; - struct in_addr server_ip; - char *server_name = NULL; - - /* flags (i.e. server type) may depend on command */ - if (!net_find_server(flags, &server_ip, &server_name)) - return False; - - ZERO_STRUCT(cli); - if (smbcli_initialise(&cli) == False) - return False; - - if (!smbcli_connect(&cli, server_name, &server_ip)) - goto done; - if (!attempt_netbios_session_request(&cli, lp_netbios_name(), - server_name, &server_ip)) - goto done; - if (!smbcli_negprot(&cli)) - goto done; - if (cli.protocol < PROTOCOL_NT1) - goto done; - - ret = True; - done: - smbcli_shutdown(&cli); - return ret; -} - - -/****************************************************************************/ - - -/** - * Basic usage function for 'net rpc' - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_usage(int argc, const char **argv) -{ - d_printf(" net rpc info \t\t\tshow basic info about a domain \n"); - d_printf(" net rpc join \t\t\tto join a domain \n"); - d_printf(" net rpc testjoin \t\ttests that a join is valid\n"); - d_printf(" net rpc user \t\t\tto add, delete and list users\n"); - d_printf(" net rpc group \t\tto list groups\n"); - d_printf(" net rpc share \t\tto add, delete, and list shares\n"); - d_printf(" net rpc file \t\t\tto list open files\n"); - d_printf(" net rpc changetrustpw \tto change the trust account password\n"); - d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n"); - d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n"); - d_printf(" net rpc samdump \t\tdiplay an NT PDC's users, groups and other data\n"); - d_printf(" net rpc trustdom \t\tto create trusting domain's account\n" - "\t\t\t\t\tor establish trust\n"); - d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n"); - d_printf(" net rpc shutdown \t\tto shutdown a remote server\n"); - d_printf("\n"); - d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */ - d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n"); - d_printf("\t-f or --force\trequest the remote server force its shutdown\n"); - d_printf("\t-t or --timeout=<timeout>\tnumber of seconds before shutdown\n"); - d_printf("\t-c or --comment=<message>\ttext message to display on impending shutdown\n"); - return -1; -} - - -/** - * Help function for 'net rpc'. Calls command specific help if requested - * or displays usage of net rpc - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc_help(int argc, const char **argv) -{ - struct functable func[] = { - {"join", rpc_join_usage}, - {"user", rpc_user_usage}, - {"group", rpc_group_usage}, - {"share", rpc_share_usage}, - /*{"changetrustpw", rpc_changetrustpw_usage}, */ - {"trustdom", rpc_trustdom_usage}, - /*{"abortshutdown", rpc_shutdown_abort_usage},*/ - /*{"shutdown", rpc_shutdown_usage}, */ - {NULL, NULL} - }; - - if (argc == 0) { - net_rpc_usage(argc, argv); - return -1; - } - - return (net_run_function(argc, argv, func, rpc_user_usage)); -} - - -/** - * 'net rpc' entrypoint. - * @param argc Standard main() style argc - * @param argv Standard main() style argv. Initial components are already - * stripped - **/ - -int net_rpc(int argc, const char **argv) -{ - struct functable func[] = { - {"info", net_rpc_info}, - {"join", net_rpc_join}, - {"testjoin", net_rpc_testjoin}, - {"user", net_rpc_user}, - {"group", net_rpc_group}, - {"share", net_rpc_share}, - {"file", net_rpc_file}, - {"changetrustpw", rpc_changetrustpw}, - {"trustdom", rpc_trustdom}, - {"abortshutdown", rpc_shutdown_abort}, - {"shutdown", rpc_shutdown}, - {"samdump", rpc_samdump}, - {"vampire", rpc_vampire}, - {"getsid", net_rpc_getsid}, - {"help", net_rpc_help}, - {NULL, NULL} - }; - return net_run_function(argc, argv, func, net_rpc_usage); -} diff --git a/source4/utils/net_rpc_join.c b/source4/utils/net_rpc_join.c deleted file mode 100644 index 9f915550af..0000000000 --- a/source4/utils/net_rpc_join.c +++ /dev/null @@ -1,354 +0,0 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility - Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org) - Copyright (C) Tim Potter 2001 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#include "includes.h" -#include "../utils/net.h" - -/* Macro for checking RPC error codes to make things more readable */ - -#define CHECK_RPC_ERR(rpc, msg) \ - if (!NT_STATUS_IS_OK(result = rpc)) { \ - DEBUG(0, (msg ": %s\n", nt_errstr(result))); \ - goto done; \ - } - -#define CHECK_RPC_ERR_DEBUG(rpc, debug_args) \ - if (!NT_STATUS_IS_OK(result = rpc)) { \ - DEBUG(0, debug_args); \ - goto done; \ - } - - -/** - * confirm that a domain join is still valid - * - * @return A shell status integer (0 for success) - * - **/ -int net_rpc_join_ok(const char *domain) -{ - struct smbcli_state *cli; - uint8_t stored_md4_trust_password[16]; - int retval = 1; - uint32_t channel; - NTSTATUS result; - uint32_t neg_flags = 0x000001ff; - - /* Connect to remote machine */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC))) { - return 1; - } - - if (!smbcli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); - goto done; - } - - if (!secrets_fetch_trust_account_password(domain, - stored_md4_trust_password, NULL)) { - DEBUG(0,("Could not reterive domain trust secret")); - goto done; - } - - if (lp_server_role() == ROLE_DOMAIN_BDC || - lp_server_role() == ROLE_DOMAIN_PDC) { - channel = SEC_CHAN_BDC; - } else { - channel = SEC_CHAN_WKSTA; - } - - CHECK_RPC_ERR(smbcli_nt_setup_creds(cli, - channel, - stored_md4_trust_password, &neg_flags, 2), - "error in domain join verification"); - - retval = 0; /* Success! */ - -done: - /* Close down pipe - this will clean up open policy handles */ - if (cli->nt_pipe_fnum) - smbcli_nt_session_close(cli); - - smbcli_shutdown(cli); - - return retval; -} - -/** - * Join a domain using the administrator username and password - * - * @param argc Standard main() style argc - * @param argc Standard main() style argv. Initial components are already - * stripped. Currently not used. - * @return A shell status integer (0 for success) - * - **/ - -int net_rpc_join_newstyle(int argc, const char **argv) -{ - - /* libsmb variables */ - - struct smbcli_state *cli; - TALLOC_CTX *mem_ctx; - uint32_t acb_info; - - /* rpc variables */ - - POLICY_HND lsa_pol, sam_pol, domain_pol, user_pol; - DOM_SID domain_sid; - uint32_t user_rid; - - /* Password stuff */ - - char *clear_trust_password = NULL; - fstring ucs2_trust_password; - int ucs2_pw_len; - uint8_t pwbuf[516], sess_key[16]; - SAM_USERINFO_CTR ctr; - SAM_USER_INFO_24 p24; - SAM_USER_INFO_10 p10; - - /* Misc */ - - NTSTATUS result; - int retval = 1; - fstring domain; - uint32_t num_rids, *name_types, *user_rids; - uint32_t flags = 0x3e8; - char *acct_name; - const char *const_acct_name; - - /* Connect to remote machine */ - - if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) - return 1; - - if (!(mem_ctx = talloc_init("net_rpc_join_newstyle"))) { - DEBUG(0, ("Could not initialise talloc context\n")); - goto done; - } - - /* Fetch domain sid */ - - if (!smbcli_nt_session_open(cli, PI_LSARPC)) { - DEBUG(0, ("Error connecting to SAM pipe\n")); - goto done; - } - - - CHECK_RPC_ERR(smbcli_lsa_open_policy(cli, mem_ctx, True, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &lsa_pol), - "error opening lsa policy handle"); - - CHECK_RPC_ERR(smbcli_lsa_query_info_policy(cli, mem_ctx, &lsa_pol, - 5, domain, &domain_sid), - "error querying info policy"); - - smbcli_lsa_close(cli, mem_ctx, &lsa_pol); - - smbcli_nt_session_close(cli); /* Done with this pipe */ - - /* Create domain user */ - if (!smbcli_nt_session_open(cli, PI_SAMR)) { - DEBUG(0, ("Error connecting to SAM pipe\n")); - goto done; - } - - CHECK_RPC_ERR(smbcli_samr_connect(cli, mem_ctx, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &sam_pol), - "could not connect to SAM database"); - - - CHECK_RPC_ERR(smbcli_samr_open_domain(cli, mem_ctx, &sam_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - &domain_sid, &domain_pol), - "could not open domain"); - - /* Create domain user */ - acct_name = talloc_asprintf(mem_ctx, "%s$", lp_netbios_name()); - strlower(acct_name); - const_acct_name = acct_name; - - acb_info = ((lp_server_role() == ROLE_DOMAIN_BDC) || lp_server_role() == ROLE_DOMAIN_PDC) ? ACB_SVRTRUST : ACB_WSTRUST; - - result = smbcli_samr_create_dom_user(cli, mem_ctx, &domain_pol, - acct_name, acb_info, - 0xe005000b, &user_pol, - &user_rid); - - if (!NT_STATUS_IS_OK(result) && - !NT_STATUS_EQUAL(result, NT_STATUS_USER_EXISTS)) { - d_printf("Create of workstation account failed\n"); - - /* If NT_STATUS_ACCESS_DENIED then we have a valid - username/password combo but the user does not have - administrator access. */ - - if (NT_STATUS_V(result) == NT_STATUS_V(NT_STATUS_ACCESS_DENIED)) - d_printf("User specified does not have administrator privileges\n"); - - goto done; - } - - /* We *must* do this.... don't ask... */ - - if (NT_STATUS_IS_OK(result)) - smbcli_samr_close(cli, mem_ctx, &user_pol); - - CHECK_RPC_ERR_DEBUG(smbcli_samr_lookup_names(cli, mem_ctx, - &domain_pol, flags, - 1, &const_acct_name, - &num_rids, - &user_rids, &name_types), - ("error looking up rid for user %s: %s\n", - acct_name, nt_errstr(result))); - - if (name_types[0] != SID_NAME_USER) { - DEBUG(0, ("%s is not a user account\n", acct_name)); - goto done; - } - - user_rid = user_rids[0]; - - /* Open handle on user */ - - CHECK_RPC_ERR_DEBUG( - smbcli_samr_open_user(cli, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, - user_rid, &user_pol), - ("could not re-open existing user %s: %s\n", - acct_name, nt_errstr(result))); - - /* Create a random machine account password */ - - { - char *str; - str = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); - clear_trust_password = strdup(str); - } - - ucs2_pw_len = push_ucs2(NULL, ucs2_trust_password, - clear_trust_password, - sizeof(ucs2_trust_password), 0); - - encode_pw_buffer((char *)pwbuf, ucs2_trust_password, - ucs2_pw_len); - - /* Set password on machine account */ - - ZERO_STRUCT(ctr); - ZERO_STRUCT(p24); - - init_sam_user_info24(&p24, (char *)pwbuf,24); - - ctr.switch_value = 24; - ctr.info.id24 = &p24; - - CHECK_RPC_ERR(smbcli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, - cli->user_session_key, &ctr), - "error setting trust account password"); - - /* Why do we have to try to (re-)set the ACB to be the same as what - we passed in the samr_create_dom_user() call? When a NT - workstation is joined to a domain by an administrator the - acb_info is set to 0x80. For a normal user with "Add - workstations to the domain" rights the acb_info is 0x84. I'm - not sure whether it is supposed to make a difference or not. NT - seems to cope with either value so don't bomb out if the set - userinfo2 level 0x10 fails. -tpot */ - - ZERO_STRUCT(ctr); - ctr.switch_value = 0x10; - ctr.info.id10 = &p10; - - init_sam_user_info10(&p10, acb_info); - - /* Ignoring the return value is necessary for joining a domain - as a normal user with "Add workstation to domain" privilege. */ - - result = smbcli_samr_set_userinfo2(cli, mem_ctx, &user_pol, 0x10, - sess_key, &ctr); - - /* Now store the secret in the secrets database */ - - strupper(domain); - - if (!secrets_store_domain_sid(domain, &domain_sid)) { - DEBUG(0, ("error storing domain sid for %s\n", domain)); - goto done; - } - - if (!secrets_store_machine_password(clear_trust_password)) { - DEBUG(0, ("error storing plaintext domain secrets for %s\n", domain)); - } - - /* Now check the whole process from top-to-bottom */ - smbcli_samr_close(cli, mem_ctx, &user_pol); - smbcli_nt_session_close(cli); /* Done with this pipe */ - - retval = net_rpc_join_ok(domain); - -done: - /* Close down pipe - this will clean up open policy handles */ - - if (cli->nt_pipe_fnum) - smbcli_nt_session_close(cli); - - /* Display success or failure */ - - if (retval != 0) { - trust_password_delete(domain); - fprintf(stderr,"Unable to join domain %s.\n",domain); - } else { - printf("Joined domain %s.\n",domain); - } - - smbcli_shutdown(cli); - - SAFE_FREE(clear_trust_password); - - return retval; -} - - -/** - * check that a join is OK - * - * @return A shell status integer (0 for success) - * - **/ -int net_rpc_testjoin(int argc, const char **argv) -{ - char *domain = smb_xstrdup(lp_workgroup()); - - /* Display success or failure */ - if (net_rpc_join_ok(domain) != 0) { - fprintf(stderr,"Join to domain '%s' is not valid\n",domain); - free(domain); - return -1; - } - - printf("Join to '%s' is OK\n",domain); - free(domain); - return 0; -} diff --git a/source4/utils/net_rpc_samsync.c b/source4/utils/net_rpc_samsync.c deleted file mode 100644 index 1b0cbc6c76..0000000000 --- a/source4/utils/net_rpc_samsync.c +++ /dev/null @@ -1,725 +0,0 @@ -/* - Unix SMB/CIFS implementation. - dump the remote SAM using rpc samsync operations - - Copyright (C) Andrew Tridgell 2002 - Copyright (C) Tim Potter 2001,2002 - Modified by Volker Lendecke 2002 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "../utils/net.h" - -extern DOM_SID global_sid_Builtin; - -static void display_group_mem_info(uint32_t rid, SAM_GROUP_MEM_INFO *g) -{ - int i; - d_printf("Group mem %u: ", rid); - for (i=0;i<g->num_members;i++) { - d_printf("%u ", g->rids[i]); - } - d_printf("\n"); -} - -static void display_alias_info(uint32_t rid, SAM_ALIAS_INFO *a) -{ - d_printf("Alias '%s' ", unistr2_static(&a->uni_als_name)); - d_printf("desc='%s' rid=%u\n", unistr2_static(&a->uni_als_desc), a->als_rid); -} - -static void display_alias_mem(uint32_t rid, SAM_ALIAS_MEM_INFO *a) -{ - int i; - d_printf("Alias rid %u: ", rid); - for (i=0;i<a->num_members;i++) { - d_printf("%s ", sid_string_static(&a->sids[i].sid)); - } - d_printf("\n"); -} - -static void display_account_info(uint32_t rid, SAM_ACCOUNT_INFO *a) -{ - fstring hex_nt_passwd, hex_lm_passwd; - uint8_t lm_passwd[16], nt_passwd[16]; - static uint8_t zero_buf[16]; - - /* Decode hashes from password hash (if they are not NULL) */ - - if (memcmp(a->pass.buf_lm_pwd, zero_buf, 16) != 0) { - sam_pwd_hash(a->user_rid, a->pass.buf_lm_pwd, lm_passwd, 0); - smbpasswd_sethexpwd(hex_lm_passwd, lm_passwd, a->acb_info); - } else { - smbpasswd_sethexpwd(hex_lm_passwd, NULL, 0); - } - - if (memcmp(a->pass.buf_nt_pwd, zero_buf, 16) != 0) { - sam_pwd_hash(a->user_rid, a->pass.buf_nt_pwd, nt_passwd, 0); - smbpasswd_sethexpwd(hex_nt_passwd, nt_passwd, a->acb_info); - } else { - smbpasswd_sethexpwd(hex_nt_passwd, NULL, 0); - } - - printf("%s:%d:%s:%s:%s:LCT-0\n", unistr2_static(&a->uni_acct_name), - a->user_rid, hex_lm_passwd, hex_nt_passwd, - smbpasswd_encode_acb_info(a->acb_info)); -} - -static void display_domain_info(SAM_DOMAIN_INFO *a) -{ - d_printf("Domain name: %s\n", unistr2_static(&a->uni_dom_name)); -} - -static void display_group_info(uint32_t rid, SAM_GROUP_INFO *a) -{ - d_printf("Group '%s' ", unistr2_static(&a->uni_grp_name)); - d_printf("desc='%s', rid=%u\n", unistr2_static(&a->uni_grp_desc), rid); -} - -static void display_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta) -{ - switch (hdr_delta->type) { - case SAM_DELTA_ACCOUNT_INFO: - display_account_info(hdr_delta->target_rid, &delta->account_info); - break; - case SAM_DELTA_GROUP_MEM: - display_group_mem_info(hdr_delta->target_rid, &delta->grp_mem_info); - break; - case SAM_DELTA_ALIAS_INFO: - display_alias_info(hdr_delta->target_rid, &delta->alias_info); - break; - case SAM_DELTA_ALIAS_MEM: - display_alias_mem(hdr_delta->target_rid, &delta->als_mem_info); - break; - case SAM_DELTA_DOMAIN_INFO: - display_domain_info(&delta->domain_info); - break; - case SAM_DELTA_GROUP_INFO: - display_group_info(hdr_delta->target_rid, &delta->group_info); - break; - default: - d_printf("Unknown delta record type %d\n", hdr_delta->type); - break; - } -} - - -static void dump_database(struct smbcli_state *cli, uint_t db_type, DOM_CRED *ret_creds) -{ - uint_t sync_context = 0; - NTSTATUS result; - int i; - TALLOC_CTX *mem_ctx; - SAM_DELTA_HDR *hdr_deltas; - SAM_DELTA_CTR *deltas; - uint32_t num_deltas; - - if (!(mem_ctx = talloc_init("dump_database"))) { - return; - } - - d_printf("Dumping database %u\n", db_type); - - do { - result = smbcli_netlogon_sam_sync(cli, mem_ctx, ret_creds, db_type, - sync_context, - &num_deltas, &hdr_deltas, &deltas); - clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), ret_creds); - for (i = 0; i < num_deltas; i++) { - display_sam_entry(&hdr_deltas[i], &deltas[i]); - } - sync_context += 1; - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - - talloc_destroy(mem_ctx); -} - -/* dump sam database via samsync rpc calls */ -int rpc_samdump(int argc, const char **argv) -{ - NTSTATUS result; - struct smbcli_state *cli = NULL; - uint8_t trust_password[16]; - DOM_CRED ret_creds; - uint32_t neg_flags = 0x000001ff; - - - ZERO_STRUCT(ret_creds); - - /* Connect to remote machine */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC))) { - return 1; - } - - if (!smbcli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); - goto fail; - } - - if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_password, NULL)) { - d_printf("Could not retrieve domain trust secret\n"); - goto fail; - } - - result = smbcli_nt_setup_creds(cli, SEC_CHAN_BDC, trust_password, &neg_flags, 2); - if (!NT_STATUS_IS_OK(result)) { - d_printf("Failed to setup BDC creds\n"); - goto fail; - } - - dump_database(cli, SAM_DATABASE_DOMAIN, &ret_creds); - dump_database(cli, SAM_DATABASE_BUILTIN, &ret_creds); - dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); - - smbcli_nt_session_close(cli); - - return 0; - -fail: - if (cli) { - smbcli_nt_session_close(cli); - } - return -1; -} - -/* Convert a SAM_ACCOUNT_DELTA to a SAM_ACCOUNT. */ - -static NTSTATUS -sam_account_from_delta(SAM_ACCOUNT *account, SAM_ACCOUNT_INFO *delta) -{ - fstring s; - uint8_t lm_passwd[16], nt_passwd[16]; - static uint8_t zero_buf[16]; - - /* Username, fullname, home dir, dir drive, logon script, acct - desc, workstations, profile. */ - - unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1); - pdb_set_nt_username(account, s, PDB_CHANGED); - - /* Unix username is the same - for sainity */ - pdb_set_username(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1); - pdb_set_fullname(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1); - pdb_set_homedir(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1); - pdb_set_dir_drive(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1); - pdb_set_logon_script(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1); - pdb_set_acct_desc(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1); - pdb_set_workstations(account, s, PDB_CHANGED); - - unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1); - pdb_set_profile_path(account, s, PDB_CHANGED); - - /* User and group sid */ - - pdb_set_user_sid_from_rid(account, delta->user_rid, PDB_CHANGED); - pdb_set_group_sid_from_rid(account, delta->group_rid, PDB_CHANGED); - - /* Logon and password information */ - - pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), PDB_CHANGED); - pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time), - PDB_CHANGED); - pdb_set_logon_divs(account, delta->logon_divs, PDB_CHANGED); - - /* TODO: logon hours */ - /* TODO: bad password count */ - /* TODO: logon count */ - - pdb_set_pass_last_set_time( - account, nt_time_to_unix(&delta->pwd_last_set_time), PDB_CHANGED); - - pdb_set_kickoff_time(account, get_time_t_max(), PDB_CHANGED); - - /* Decode hashes from password hash - Note that win2000 may send us all zeros for the hashes if it doesn't - think this channel is secure enough - don't set the passwords at all - in that case - */ - if (memcmp(delta->pass.buf_lm_pwd, zero_buf, 16) != 0) { - sam_pwd_hash(delta->user_rid, delta->pass.buf_lm_pwd, lm_passwd, 0); - pdb_set_lanman_passwd(account, lm_passwd, PDB_CHANGED); - } - - if (memcmp(delta->pass.buf_nt_pwd, zero_buf, 16) != 0) { - sam_pwd_hash(delta->user_rid, delta->pass.buf_nt_pwd, nt_passwd, 0); - pdb_set_nt_passwd(account, nt_passwd, PDB_CHANGED); - } - - /* TODO: account expiry time */ - - pdb_set_acct_ctrl(account, delta->acb_info, PDB_CHANGED); - return NT_STATUS_OK; -} - -static NTSTATUS -fetch_account_info(uint32_t rid, SAM_ACCOUNT_INFO *delta) -{ - NTSTATUS nt_ret; - fstring account; - pstring add_script; - SAM_ACCOUNT *sam_account=NULL; - GROUP_MAP map; - struct group *grp; - DOM_SID sid; - BOOL try_add = False; - - fstrcpy(account, unistr2_static(&delta->uni_acct_name)); - d_printf("Creating account: %s\n", account); - - if (!NT_STATUS_IS_OK(nt_ret = pdb_init_sam(&sam_account))) - return nt_ret; - - if (!pdb_getsampwnam(sam_account, account)) { - /* Create appropriate user */ - if (delta->acb_info & ACB_NORMAL) { - pstrcpy(add_script, lp_adduser_script()); - } else if ( (delta->acb_info & ACB_WSTRUST) || - (delta->acb_info & ACB_SVRTRUST) ) { - pstrcpy(add_script, lp_addmachine_script()); - } else { - DEBUG(1, ("Unknown user type: %s\n", - smbpasswd_encode_acb_info(delta->acb_info))); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_SUCH_USER; - } - if (*add_script) { - int add_ret; - all_string_sub(add_script, "%u", account, - sizeof(account)); - add_ret = smbrun(add_script,NULL); - DEBUG(1,("fetch_account: Running the command `%s' " - "gave %d\n", add_script, add_ret)); - } - - try_add = True; - } - - sam_account_from_delta(sam_account, delta); - - if (try_add) { - if (!pdb_add_sam_account(sam_account)) { - DEBUG(1, ("SAM Account for %s failed to be added to the passdb!\n", - account)); - } - } else { - if (!pdb_update_sam_account(sam_account)) { - DEBUG(1, ("SAM Account for %s failed to be updated in the passdb!\n", - account)); - } - } - - sid = *pdb_get_group_sid(sam_account); - - if (!pdb_getgrsid(&map, sid, False)) { - DEBUG(0, ("Primary group of %s has no mapping!\n", - pdb_get_username(sam_account))); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_SUCH_GROUP; - } - - if (!(grp = getgrgid(map.gid))) { - DEBUG(0, ("Could not find unix group %d for user %s (group SID=%s)\n", - map.gid, pdb_get_username(sam_account), sid_string_static(&sid))); - pdb_free_sam(&sam_account); - return NT_STATUS_NO_SUCH_GROUP; - } - - smb_set_primary_group(grp->gr_name, pdb_get_username(sam_account)); - - pdb_free_sam(&sam_account); - return NT_STATUS_OK; -} - -static NTSTATUS -fetch_group_info(uint32_t rid, SAM_GROUP_INFO *delta) -{ - fstring name; - fstring comment; - struct group *grp = NULL; - DOM_SID group_sid; - fstring sid_string; - GROUP_MAP map; - BOOL insert = True; - - unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1); - unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1); - - /* add the group to the mapping table */ - sid_copy(&group_sid, get_global_sam_sid()); - sid_append_rid(&group_sid, rid); - sid_to_string(sid_string, &group_sid); - - if (pdb_getgrsid(&map, group_sid, False)) { - grp = getgrgid(map.gid); - insert = False; - } - - if (grp == NULL) - { - gid_t gid; - - /* No group found from mapping, find it from its name. */ - if ((grp = getgrnam(name)) == NULL) { - /* No appropriate group found, create one */ - d_printf("Creating unix group: '%s'\n", name); - if (smb_create_group(name, &gid) != 0) - return NT_STATUS_ACCESS_DENIED; - if ((grp = getgrgid(gid)) == NULL) - return NT_STATUS_ACCESS_DENIED; - } - } - - map.gid = grp->gr_gid; - map.sid = group_sid; - map.sid_name_use = SID_NAME_DOM_GRP; - fstrcpy(map.nt_name, name); - fstrcpy(map.comment, comment); - - map.priv_set.count = 0; - map.priv_set.set = NULL; - - if (insert) - pdb_add_group_mapping_entry(&map); - else - pdb_update_group_mapping_entry(&map); - - return NT_STATUS_OK; -} - -static NTSTATUS -fetch_group_mem_info(uint32_t rid, SAM_GROUP_MEM_INFO *delta) -{ - int i; - TALLOC_CTX *t = NULL; - char **nt_members = NULL; - char **unix_members; - DOM_SID group_sid; - GROUP_MAP map; - struct group *grp; - - if (delta->num_members == 0) { - return NT_STATUS_OK; - } - - sid_copy(&group_sid, get_global_sam_sid()); - sid_append_rid(&group_sid, rid); - - if (!get_domain_group_from_sid(group_sid, &map, False)) { - DEBUG(0, ("Could not find global group %d\n", rid)); - return NT_STATUS_NO_SUCH_GROUP; - } - - if (!(grp = getgrgid(map.gid))) { - DEBUG(0, ("Could not find unix group %d\n", map.gid)); - return NT_STATUS_NO_SUCH_GROUP; - } - - d_printf("Group members of %s: ", grp->gr_name); - - if (!(t = talloc_init("fetch_group_mem_info"))) { - DEBUG(0, ("could not talloc_init\n")); - return NT_STATUS_NO_MEMORY; - } - - nt_members = talloc_zero(t, sizeof(char *) * delta->num_members); - - for (i=0; i<delta->num_members; i++) { - NTSTATUS nt_status; - SAM_ACCOUNT *member = NULL; - DOM_SID member_sid; - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_talloc(t, &member))) { - talloc_destroy(t); - return nt_status; - } - - sid_copy(&member_sid, get_global_sam_sid()); - sid_append_rid(&member_sid, delta->rids[i]); - - if (!pdb_getsampwsid(member, &member_sid)) { - DEBUG(1, ("Found bogus group member: %d (member_sid=%s group=%s)\n", - delta->rids[i], sid_string_static(&member_sid), grp->gr_name)); - pdb_free_sam(&member); - continue; - } - - if (pdb_get_group_rid(member) == rid) { - d_printf("%s(primary),", pdb_get_username(member)); - pdb_free_sam(&member); - continue; - } - - d_printf("%s,", pdb_get_username(member)); - nt_members[i] = talloc_strdup(t, pdb_get_username(member)); - pdb_free_sam(&member); - } - - d_printf("\n"); - - unix_members = grp->gr_mem; - - while (*unix_members) { - BOOL is_nt_member = False; - for (i=0; i<delta->num_members; i++) { - if (nt_members[i] == NULL) { - /* This was a primary group */ - continue; - } - - if (strcmp(*unix_members, nt_members[i]) == 0) { - is_nt_member = True; - break; - } - } - if (!is_nt_member) { - /* We look at a unix group member that is not - an nt group member. So, remove it. NT is - boss here. */ - smb_delete_user_group(grp->gr_name, *unix_members); - } - unix_members += 1; - } - - for (i=0; i<delta->num_members; i++) { - BOOL is_unix_member = False; - - if (nt_members[i] == NULL) { - /* This was the primary group */ - continue; - } - - unix_members = grp->gr_mem; - - while (*unix_members) { - if (strcmp(*unix_members, nt_members[i]) == 0) { - is_unix_member = True; - break; - } - unix_members += 1; - } - - if (!is_unix_member) { - /* We look at a nt group member that is not a - unix group member currently. So, add the nt - group member. */ - smb_add_user_group(grp->gr_name, nt_members[i]); - } - } - - talloc_destroy(t); - return NT_STATUS_OK; -} - -static NTSTATUS fetch_alias_info(uint32_t rid, SAM_ALIAS_INFO *delta, - DOM_SID dom_sid) -{ - fstring name; - fstring comment; - struct group *grp = NULL; - DOM_SID alias_sid; - fstring sid_string; - GROUP_MAP map; - BOOL insert = True; - - unistr2_to_ascii(name, &delta->uni_als_name, sizeof(name)-1); - unistr2_to_ascii(comment, &delta->uni_als_desc, sizeof(comment)-1); - - /* Find out whether the group is already mapped */ - sid_copy(&alias_sid, &dom_sid); - sid_append_rid(&alias_sid, rid); - sid_to_string(sid_string, &alias_sid); - - if (pdb_getgrsid(&map, alias_sid, False)) { - grp = getgrgid(map.gid); - insert = False; - } - - if (grp == NULL) { - gid_t gid; - - /* No group found from mapping, find it from its name. */ - if ((grp = getgrnam(name)) == NULL) { - /* No appropriate group found, create one */ - d_printf("Creating unix group: '%s'\n", name); - if (smb_create_group(name, &gid) != 0) - return NT_STATUS_ACCESS_DENIED; - if ((grp = getgrgid(gid)) == NULL) - return NT_STATUS_ACCESS_DENIED; - } - } - - map.gid = grp->gr_gid; - map.sid = alias_sid; - - if (sid_equal(&dom_sid, &global_sid_Builtin)) - map.sid_name_use = SID_NAME_WKN_GRP; - else - map.sid_name_use = SID_NAME_ALIAS; - - fstrcpy(map.nt_name, name); - fstrcpy(map.comment, comment); - - map.priv_set.count = 0; - map.priv_set.set = NULL; - - if (insert) - pdb_add_group_mapping_entry(&map); - else - pdb_update_group_mapping_entry(&map); - - return NT_STATUS_OK; -} - -static NTSTATUS -fetch_alias_mem(uint32_t rid, SAM_ALIAS_MEM_INFO *delta, DOM_SID dom_sid) -{ - - return NT_STATUS_OK; -} - -static void -fetch_sam_entry(SAM_DELTA_HDR *hdr_delta, SAM_DELTA_CTR *delta, - DOM_SID dom_sid) -{ - switch(hdr_delta->type) { - case SAM_DELTA_ACCOUNT_INFO: - fetch_account_info(hdr_delta->target_rid, - &delta->account_info); - break; - case SAM_DELTA_GROUP_INFO: - fetch_group_info(hdr_delta->target_rid, - &delta->group_info); - break; - case SAM_DELTA_GROUP_MEM: - fetch_group_mem_info(hdr_delta->target_rid, - &delta->grp_mem_info); - break; - case SAM_DELTA_ALIAS_INFO: - fetch_alias_info(hdr_delta->target_rid, - &delta->alias_info, dom_sid); - break; - case SAM_DELTA_ALIAS_MEM: - fetch_alias_mem(hdr_delta->target_rid, - &delta->als_mem_info, dom_sid); - break; - default: - d_printf("Unknown delta record type %d\n", hdr_delta->type); - break; - } -} - -static void -fetch_database(struct smbcli_state *cli, uint_t db_type, DOM_CRED *ret_creds, - DOM_SID dom_sid) -{ - uint_t sync_context = 0; - NTSTATUS result; - int i; - TALLOC_CTX *mem_ctx; - SAM_DELTA_HDR *hdr_deltas; - SAM_DELTA_CTR *deltas; - uint32_t num_deltas; - - if (!(mem_ctx = talloc_init("fetch_database"))) { - return; - } - - d_printf("Fetching database %u\n", db_type); - - do { - result = smbcli_netlogon_sam_sync(cli, mem_ctx, ret_creds, - db_type, sync_context, - &num_deltas, - &hdr_deltas, &deltas); - clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), - ret_creds); - for (i = 0; i < num_deltas; i++) { - fetch_sam_entry(&hdr_deltas[i], &deltas[i], dom_sid); - } - sync_context += 1; - } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)); - - talloc_destroy(mem_ctx); -} - -/* dump sam database via samsync rpc calls */ -int rpc_vampire(int argc, const char **argv) -{ - NTSTATUS result; - struct smbcli_state *cli = NULL; - uint8_t trust_password[16]; - DOM_CRED ret_creds; - uint32_t neg_flags = 0x000001ff; - DOM_SID dom_sid; - - ZERO_STRUCT(ret_creds); - - /* Connect to remote machine */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | - NET_FLAGS_PDC))) { - return 1; - } - - if (!smbcli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); - goto fail; - } - - if (!secrets_fetch_trust_account_password(lp_workgroup(), - trust_password, NULL)) { - d_printf("Could not retrieve domain trust secret\n"); - goto fail; - } - - result = smbcli_nt_setup_creds(cli, SEC_CHAN_BDC, trust_password, - &neg_flags, 2); - if (!NT_STATUS_IS_OK(result)) { - d_printf("Failed to setup BDC creds\n"); - goto fail; - } - - dom_sid = *get_global_sam_sid(); - fetch_database(cli, SAM_DATABASE_DOMAIN, &ret_creds, dom_sid); - - sid_copy(&dom_sid, &global_sid_Builtin); - fetch_database(cli, SAM_DATABASE_BUILTIN, &ret_creds, dom_sid); - - /* Currently we crash on PRIVS somewhere in unmarshalling */ - /* Dump_database(cli, SAM_DATABASE_PRIVS, &ret_creds); */ - - smbcli_nt_session_close(cli); - - return 0; - -fail: - if (cli) { - smbcli_nt_session_close(cli); - } - return -1; -} diff --git a/source4/utils/net_time.c b/source4/utils/net_time.c deleted file mode 100644 index f7220c9424..0000000000 --- a/source4/utils/net_time.c +++ /dev/null @@ -1,180 +0,0 @@ -/* - Samba Unix/Linux SMB client library - net time command - Copyright (C) 2001 Andrew Tridgell (tridge@samba.org) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -#include "includes.h" -#include "../utils/net.h" - - -/* - return the time on a server. This does not require any authentication -*/ -static time_t smbcli_servertime(const char *host, struct in_addr *ip, int *zone) -{ - struct nmb_name calling, called; - time_t ret = 0; - struct smbcli_state *cli = NULL; - - cli = smbcli_initialise(NULL); - if (!cli) goto done; - - if (!smbcli_connect(cli, host, ip)) { - fprintf(stderr,"Can't contact server\n"); - goto done; - } - - make_nmb_name(&calling, lp_netbios_name(), 0x0); - if (host) { - make_nmb_name(&called, host, 0x20); - } else { - make_nmb_name(&called, "*SMBSERVER", 0x20); - } - - if (!smbcli_session_request(cli, &calling, &called)) { - fprintf(stderr,"Session request failed\n"); - goto done; - } - if (!smbcli_negprot(cli)) { - fprintf(stderr,"Protocol negotiation failed\n"); - goto done; - } - - ret = cli->servertime; - if (zone) *zone = cli->serverzone; - -done: - if (cli) smbcli_shutdown(cli); - return ret; -} - -/* find the servers time on the opt_host host */ -static time_t nettime(int *zone) -{ - return smbcli_servertime(opt_host, opt_have_ip? &opt_dest_ip : NULL, zone); -} - -/* return a time as a string ready to be passed to /bin/date */ -static char *systime(time_t t) -{ - static char s[100]; - struct tm *tm; - - tm = localtime(&t); - - snprintf(s, sizeof(s), "%02d%02d%02d%02d%04d.%02d", - tm->tm_mon+1, tm->tm_mday, tm->tm_hour, - tm->tm_min, tm->tm_year + 1900, tm->tm_sec); - return s; -} - -int net_time_usage(int argc, const char **argv) -{ - d_printf( -"net time\n\tdisplays time on a server\n\n"\ -"net time system\n\tdisplays time on a server in a format ready for /bin/date\n\n"\ -"net time set\n\truns /bin/date with the time from the server\n\n"\ -"net time zone\n\tdisplays the timezone in hours from GMT on the remote computer\n\n"\ -"\n"); - net_common_flags_usage(argc, argv); - return -1; -} - -/* try to set the system clock using /bin/date */ -static int net_time_set(int argc, const char **argv) -{ - time_t t = nettime(NULL); - char *cmd; - - if (t == 0) return -1; - - /* yes, I know this is cheesy. Use "net time system" if you want to - roll your own. I'm putting this in as it works on a large number - of systems and the user has a choice in whether its used or not */ - asprintf(&cmd, "/bin/date %s", systime(t)); - system(cmd); - free(cmd); - - return 0; -} - -/* display the time on a remote box in a format ready for /bin/date */ -static int net_time_system(int argc, const char **argv) -{ - time_t t = nettime(NULL); - - if (t == 0) return -1; - - printf("%s\n", systime(t)); - - return 0; -} - -/* display the time on a remote box in a format ready for /bin/date */ -static int net_time_zone(int argc, const char **argv) -{ - int zone = 0; - int hours, mins; - char zsign; - time_t t; - - t = nettime(&zone); - - if (t == 0) return -1; - - zsign = (zone > 0) ? '-' : '+'; - if (zone < 0) zone = -zone; - - zone /= 60; - hours = zone / 60; - mins = zone % 60; - - printf("%c%02d%02d\n", zsign, hours, mins); - - return 0; -} - -/* display or set the time on a host */ -int net_time(int argc, const char **argv) -{ - time_t t; - struct functable func[] = { - {"SYSTEM", net_time_system}, - {"SET", net_time_set}, - {"ZONE", net_time_zone}, - {NULL, NULL} - }; - - if (!opt_host && !opt_have_ip && - !find_master_ip(opt_target_workgroup, &opt_dest_ip)) { - d_printf("Could not locate a time server. Try "\ - "specifying a target host.\n"); - net_time_usage(argc,argv); - return -1; - } - - if (argc != 0) { - return net_run_function(argc, argv, func, net_time_usage); - } - - /* default - print the time */ - t = smbcli_servertime(opt_host, opt_have_ip? &opt_dest_ip : NULL, NULL); - if (t == 0) return -1; - - d_printf("%s", ctime(&t)); - return 0; -} |