diff options
author | Andrew Tridgell <tridge@samba.org> | 2003-08-13 01:53:07 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2003-08-13 01:53:07 +0000 |
commit | cc3a6ea9920f30925a678c566b4af417da6d455b (patch) | |
tree | 60015a1a5f4b47ac3d133bdbbe32b75815595d4d /source4/rpcclient/cmd_netlogon.c | |
parent | 4d1f9d1def5bf5fea64722626028d94da49c654c (diff) | |
parent | ef2e26c91b80556af033d3335e55f5dfa6fff31d (diff) | |
download | samba-cc3a6ea9920f30925a678c566b4af417da6d455b.tar.gz samba-cc3a6ea9920f30925a678c566b4af417da6d455b.tar.bz2 samba-cc3a6ea9920f30925a678c566b4af417da6d455b.zip |
This commit was generated by cvs2svn to compensate for changes in r30,
which included commits to RCS files with non-trunk default branches.
(This used to be commit 3a69cffb062d4f1238b8cae10481c1f2ea4d3d8b)
Diffstat (limited to 'source4/rpcclient/cmd_netlogon.c')
-rw-r--r-- | source4/rpcclient/cmd_netlogon.c | 342 |
1 files changed, 342 insertions, 0 deletions
diff --git a/source4/rpcclient/cmd_netlogon.c b/source4/rpcclient/cmd_netlogon.c new file mode 100644 index 0000000000..407bff3735 --- /dev/null +++ b/source4/rpcclient/cmd_netlogon.c @@ -0,0 +1,342 @@ +/* + Unix SMB/CIFS implementation. + RPC pipe client + + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "rpcclient.h" + +static NTSTATUS cmd_netlogon_logon_ctrl2(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + uint32 query_level = 1; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + if (argc > 1) { + fprintf(stderr, "Usage: %s\n", argv[0]); + return NT_STATUS_OK; + } + + result = cli_netlogon_logon_ctrl2(cli, mem_ctx, query_level); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Display results */ + + done: + return result; +} + +static NTSTATUS cmd_netlogon_logon_ctrl(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ +#if 0 + uint32 query_level = 1; +#endif + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + + if (argc > 1) { + fprintf(stderr, "Usage: %s\n", argv[0]); + return NT_STATUS_OK; + } + +#if 0 + result = cli_netlogon_logon_ctrl(cli, mem_ctx, query_level); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } +#endif + + /* Display results */ + + return result; +} + +/* Display sam synchronisation information */ + +static void display_sam_sync(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, + SAM_DELTA_CTR *deltas) +{ + fstring name; + uint32 i, j; + + for (i = 0; i < num_deltas; i++) { + switch (hdr_deltas[i].type) { + case SAM_DELTA_DOMAIN_INFO: + unistr2_to_ascii(name, + &deltas[i].domain_info.uni_dom_name, + sizeof(name) - 1); + printf("Domain: %s\n", name); + break; + case SAM_DELTA_GROUP_INFO: + unistr2_to_ascii(name, + &deltas[i].group_info.uni_grp_name, + sizeof(name) - 1); + printf("Group: %s\n", name); + break; + case SAM_DELTA_ACCOUNT_INFO: + unistr2_to_ascii(name, + &deltas[i].account_info.uni_acct_name, + sizeof(name) - 1); + printf("Account: %s\n", name); + break; + case SAM_DELTA_ALIAS_INFO: + unistr2_to_ascii(name, + &deltas[i].alias_info.uni_als_name, + sizeof(name) - 1); + printf("Alias: %s\n", name); + break; + case SAM_DELTA_ALIAS_MEM: { + SAM_ALIAS_MEM_INFO *alias = &deltas[i].als_mem_info; + + for (j = 0; j < alias->num_members; j++) { + fstring sid_str; + + sid_to_string(sid_str, &alias->sids[j].sid); + + printf("%s\n", sid_str); + } + break; + } + case SAM_DELTA_GROUP_MEM: { + SAM_GROUP_MEM_INFO *group = &deltas[i].grp_mem_info; + + for (j = 0; j < group->num_members; j++) + printf("rid 0x%x, attrib 0x%08x\n", + group->rids[j], group->attribs[j]); + break; + } + case SAM_DELTA_MODIFIED_COUNT: { + SAM_DELTA_MOD_COUNT *mc = &deltas[i].mod_count; + + printf("sam sequence update: 0x%04x\n", mc->seqnum); + break; + } + default: + printf("unknown delta type 0x%02x\n", + hdr_deltas[i].type); + break; + } + } +} + +/* Perform sam synchronisation */ + +static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + unsigned char trust_passwd[16]; + uint32 database_id = 0, num_deltas; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; + DOM_CRED ret_creds; + uint32 neg_flags = 0x000001ff; + + if (argc > 2) { + fprintf(stderr, "Usage: %s [database_id]\n", argv[0]); + return NT_STATUS_OK; + } + + if (argc == 2) + database_id = atoi(argv[1]); + + if (!secrets_init()) { + fprintf(stderr, "Unable to initialise secrets database\n"); + return result; + } + + /* Initialise session credentials */ + + if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd, + NULL)) { + fprintf(stderr, "could not fetch trust account password\n"); + goto done; + } + + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd, &neg_flags, 2); + + if (!NT_STATUS_IS_OK(result)) { + fprintf(stderr, "Error initialising session creds\n"); + goto done; + } + + /* on first call the returnAuthenticator is empty */ + memset(&ret_creds, 0, sizeof(ret_creds)); + + /* Synchronise sam database */ + + result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, database_id, + 0, &num_deltas, &hdr_deltas, &deltas); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Display results */ + + display_sam_sync(num_deltas, hdr_deltas, deltas); + + done: + return result; +} + +/* Perform sam delta synchronisation */ + +static NTSTATUS cmd_netlogon_sam_deltas(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + unsigned char trust_passwd[16]; + uint32 database_id, num_deltas, tmp; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; + UINT64_S seqnum; + uint32 neg_flags = 0x000001ff; + + if (argc != 3) { + fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]); + return NT_STATUS_OK; + } + + database_id = atoi(argv[1]); + tmp = atoi(argv[2]); + + seqnum.low = tmp & 0xffff; + seqnum.high = 0; + + if (!secrets_init()) { + fprintf(stderr, "Unable to initialise secrets database\n"); + goto done; + } + + /* Initialise session credentials */ + + if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd, + NULL)) { + fprintf(stderr, "could not fetch trust account password\n"); + goto done; + } + + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd, &neg_flags, 2); + + if (!NT_STATUS_IS_OK(result)) { + fprintf(stderr, "Error initialising session creds\n"); + goto done; + } + + /* Synchronise sam database */ + + result = cli_netlogon_sam_deltas(cli, mem_ctx, database_id, + seqnum, &num_deltas, + &hdr_deltas, &deltas); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + /* Display results */ + + display_sam_sync(num_deltas, hdr_deltas, deltas); + + done: + return result; +} + +/* Log on a domain user */ + +static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, + const char **argv) +{ + unsigned char trust_passwd[16]; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + int logon_type = NET_LOGON_TYPE; + const char *username, *password; + uint32 neg_flags = 0x000001ff; + int auth_level = 2; + + /* Check arguments */ + + if (argc < 3 || argc > 6) { + fprintf(stderr, "Usage: samlogon <username> <password> " + "[logon_type] [neg flags] [auth level (2 or 3)]\n" + "neg flags being 0x000001ff or 0x6007ffff\n"); + return NT_STATUS_OK; + } + + username = argv[1]; + password = argv[2]; + + if (argc == 4) + sscanf(argv[3], "%i", &logon_type); + + if (argc == 5) + sscanf(argv[4], "%i", &neg_flags); + + if (argc == 6) + sscanf(argv[5], "%i", &auth_level); + + /* Authenticate ourselves with the domain controller */ + + if (!secrets_init()) { + fprintf(stderr, "Unable to initialise secrets database\n"); + return result; + } + + if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd, NULL)) { + fprintf(stderr, "could not fetch trust account password\n"); + goto done; + } + + result = cli_nt_setup_creds(cli, get_sec_chan(), trust_passwd, &neg_flags, auth_level); + + if (!NT_STATUS_IS_OK(result)) { + fprintf(stderr, "Error initialising session creds\n"); + goto done; + } + + /* Perform the sam logon */ + + result = cli_netlogon_sam_logon(cli, mem_ctx, username, password, logon_type); + + if (!NT_STATUS_IS_OK(result)) + goto done; + + done: + return result; +} + +/* List of commands exported by this module */ + +struct cmd_set netlogon_commands[] = { + + { "NETLOGON" }, + + { "logonctrl2", cmd_netlogon_logon_ctrl2, PI_NETLOGON, "Logon Control 2", "" }, + { "logonctrl", cmd_netlogon_logon_ctrl, PI_NETLOGON, "Logon Control", "" }, + { "samsync", cmd_netlogon_sam_sync, PI_NETLOGON, "Sam Synchronisation", "" }, + { "samdeltas", cmd_netlogon_sam_deltas, PI_NETLOGON, "Query Sam Deltas", "" }, + { "samlogon", cmd_netlogon_sam_logon, PI_NETLOGON, "Sam Logon", "" }, + + { NULL } +}; |