summaryrefslogtreecommitdiff
path: root/source3/utils/net_rpc.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2003-04-16 10:20:14 +0000
committerAndrew Bartlett <abartlet@samba.org>2003-04-16 10:20:14 +0000
commit2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7 (patch)
tree70203479d0f7bebcbb80e7af48f560715162171a /source3/utils/net_rpc.c
parentf9cde25fa492e071960e0857f5075222119a0d1c (diff)
downloadsamba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.gz
samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.tar.bz2
samba-2cb0b91ed19c0fbbc3bfb1b5a35c6af2acf5b5d7.zip
Store the type of 'sec channel' that we establish to the DC. If we are a
workstation, we have to use the workstation type, if we have a BDC account, we must use the BDC type - even if we are pretending to be a workstation at the moment. Also actually store and retreive the last change time, so we can do periodic password changes again (for RPC at least). And finally, a couple of minor fixes to 'net'. Andrew Bartlett (This used to be commit 6e6b7b79edae3efd0197651e9a8ce6775c001cf2)
Diffstat (limited to 'source3/utils/net_rpc.c')
-rw-r--r--source3/utils/net_rpc.c83
1 files changed, 61 insertions, 22 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index a35cdd0b5b..9ae50aaf0d 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -235,8 +235,9 @@ int net_rpc_changetrustpw(int argc, const char **argv)
* @return Normal NTSTATUS return.
**/
-static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
- int argc, const char **argv) {
+static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv) {
fstring trust_passwd;
unsigned char orig_trust_passwd_hash[16];
@@ -254,10 +255,22 @@ static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cl
E_md4hash(trust_passwd, orig_trust_passwd_hash);
- result = trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash);
+ result = trust_pw_change_and_store_it(cli, mem_ctx, opt_target_workgroup,
+ orig_trust_passwd_hash,
+ SEC_CHAN_WKSTA);
+
+ /* SEC_CHAN_WKSTA specified specifically, as you cannot use this
+ to join a BDC to the domain (MS won't allow it, and is *really*
+ insecure) */
if (NT_STATUS_IS_OK(result))
- printf("Joined domain %s.\n",lp_workgroup());
+ printf("Joined domain %s.\n",opt_target_workgroup);
+
+
+ if (!secrets_store_domain_sid(opt_target_workgroup, domain_sid)) {
+ DEBUG(0, ("error storing domain sid for %s\n", opt_target_workgroup));
+ result = NT_STATUS_UNSUCCESSFUL;
+ }
return result;
}
@@ -274,7 +287,38 @@ static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cl
static int net_rpc_join_oldstyle(int argc, const char **argv)
{
- return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals,
+ uint32 sec_channel_type;
+ /* check what type of join */
+ if (argc >= 0) {
+ sec_channel_type = get_sec_channel_type(argv[0]);
+ } else {
+ sec_channel_type = get_sec_channel_type(NULL);
+ }
+
+ if (sec_channel_type != SEC_CHAN_WKSTA)
+ return 1;
+
+ return run_rpc_command(NULL, PI_NETLOGON,
+ NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
+ rpc_join_oldstyle_internals,
+ argc, argv);
+}
+
+/**
+ * Join a domain, the old way.
+ *
+ * @param argc Standard main() style argc
+ * @param argc Standard main() style argv. Initial components are already
+ * stripped
+ *
+ * @return A shell status integer (0 for success)
+ **/
+
+static int net_rpc_oldjoin(int argc, const char **argv)
+{
+ return run_rpc_command(NULL, PI_NETLOGON,
+ NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
+ rpc_join_oldstyle_internals,
argc, argv);
}
@@ -287,11 +331,13 @@ static int net_rpc_join_oldstyle(int argc, const char **argv)
static int rpc_join_usage(int argc, const char **argv)
{
- d_printf("net rpc join -U <username>[%%password] [options]\n"\
+ d_printf("net rpc join -U <username>[%%password] <type>[options]\n"\
"\t to join a domain with admin username & password\n"\
- "\t\t password will be prompted if none is specified\n");
- d_printf("net rpc join [options except -U]\n"\
- "\t to join a domain created in server manager\n\n\n");
+ "\t\t password will be prompted if needed and none is specified\n"\
+ "\t <type> can be (default MEMBER)\n"\
+ "\t\t BDC - Join as a BDC\n"\
+ "\t\t PDC - Join as a PDC\n"\
+ "\t\t MEMBER - Join as a MEMBER server\n");
net_common_flags_usage(argc, argv);
return -1;
@@ -311,19 +357,10 @@ static int rpc_join_usage(int argc, const char **argv)
int net_rpc_join(int argc, const char **argv)
{
- struct functable func[] = {
- {"oldstyle", net_rpc_join_oldstyle},
- {NULL, NULL}
- };
-
- if (argc == 0) {
- if ((net_rpc_join_oldstyle(argc, argv) == 0))
- return 0;
-
- return net_rpc_join_newstyle(argc, argv);
- }
-
- return net_run_function(argc, argv, func, rpc_join_usage);
+ if ((net_rpc_join_oldstyle(argc, argv) == 0))
+ return 0;
+
+ return net_rpc_join_newstyle(argc, argv);
}
@@ -2179,6 +2216,7 @@ int net_rpc_usage(int argc, const char **argv)
{
d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
d_printf(" net rpc join \t\t\tto join a domain \n");
+ d_printf(" net rpc oldjoin \t\t\tto join a domain created in server manager\n\n\n");
d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
d_printf(" net rpc user \t\t\tto add, delete and list users\n");
d_printf(" net rpc group \t\tto list groups\n");
@@ -2245,6 +2283,7 @@ int net_rpc(int argc, const char **argv)
struct functable func[] = {
{"info", net_rpc_info},
{"join", net_rpc_join},
+ {"oldjoin", net_rpc_oldjoin},
{"testjoin", net_rpc_testjoin},
{"user", net_rpc_user},
{"group", net_rpc_group},