diff options
-rw-r--r-- | source3/libnet/libnet_join.c | 69 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 2 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_passwd.c | 2 | ||||
-rw-r--r-- | source3/printing/nt_printing.c | 7 | ||||
-rw-r--r-- | source3/rpc_server/srv_wkssvc_nt.c | 25 |
5 files changed, 78 insertions, 27 deletions
diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index a189a38ea3..af7f9a6a21 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -24,6 +24,35 @@ /**************************************************************** ****************************************************************/ +#define LIBNET_JOIN_DUMP_CTX(ctx, r, f) \ + do { \ + char *str = NULL; \ + str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_JoinCtx, f, r); \ + DEBUG(1,("libnet_Join:\n%s", str)); \ + talloc_free(str); \ + } while (0) + +#define LIBNET_JOIN_IN_DUMP_CTX(ctx, r) \ + LIBNET_JOIN_DUMP_CTX(ctx, r, NDR_IN | NDR_SET_VALUES) +#define LIBNET_JOIN_OUT_DUMP_CTX(ctx, r) \ + LIBNET_JOIN_DUMP_CTX(ctx, r, NDR_OUT) + +#define LIBNET_UNJOIN_DUMP_CTX(ctx, r, f) \ + do { \ + char *str = NULL; \ + str = NDR_PRINT_FUNCTION_STRING(ctx, libnet_UnjoinCtx, f, r); \ + DEBUG(1,("libnet_Unjoin:\n%s", str)); \ + talloc_free(str); \ + } while (0) + +#define LIBNET_UNJOIN_IN_DUMP_CTX(ctx, r) \ + LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_IN | NDR_SET_VALUES) +#define LIBNET_UNJOIN_OUT_DUMP_CTX(ctx, r) \ + LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_OUT) + +/**************************************************************** +****************************************************************/ + static void libnet_join_set_error_string(TALLOC_CTX *mem_ctx, struct libnet_JoinCtx *r, const char *format, ...) @@ -1147,8 +1176,9 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, &info); if (!NT_STATUS_IS_OK(status)) { libnet_join_set_error_string(mem_ctx, r, - "failed to find DC: %s", - nt_errstr(status)); + "failed to find DC for domain %s", + r->in.domain_name, + get_friendly_nt_error_msg(status)); return WERR_DOMAIN_CONTROLLER_NOT_FOUND; } @@ -1182,7 +1212,7 @@ static WERROR libnet_DomainJoin(TALLOC_CTX *mem_ctx, if (!NT_STATUS_IS_OK(status)) { libnet_join_set_error_string(mem_ctx, r, "failed to join domain over rpc: %s", - nt_errstr(status)); + get_friendly_nt_error_msg(status)); if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) { return WERR_SETUP_ALREADY_JOINED; } @@ -1214,7 +1244,7 @@ WERROR libnet_Join(TALLOC_CTX *mem_ctx, WERROR werr; if (r->in.debug) { - NDR_PRINT_IN_DEBUG(libnet_JoinCtx, r); + LIBNET_JOIN_IN_DUMP_CTX(mem_ctx, r); } werr = libnet_join_pre_processing(mem_ctx, r); @@ -1234,8 +1264,10 @@ WERROR libnet_Join(TALLOC_CTX *mem_ctx, goto done; } done: + r->out.result = werr; + if (r->in.debug) { - NDR_PRINT_OUT_DEBUG(libnet_JoinCtx, r); + LIBNET_JOIN_OUT_DUMP_CTX(mem_ctx, r); } return werr; } @@ -1248,6 +1280,17 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx, { NTSTATUS status; + if (!r->in.domain_sid) { + struct dom_sid sid; + if (!secrets_fetch_domain_sid(lp_workgroup(), &sid)) { + libnet_unjoin_set_error_string(mem_ctx, r, + "Unable to fetch domain sid: are we joined?"); + return WERR_SETUP_NOT_JOINED; + } + r->in.domain_sid = sid_dup_talloc(mem_ctx, &sid); + W_ERROR_HAVE_NO_MEMORY(r->in.domain_sid); + } + if (!r->in.dc_name) { struct DS_DOMAIN_CONTROLLER_INFO *info; status = dsgetdcname(mem_ctx, @@ -1261,8 +1304,9 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx, &info); if (!NT_STATUS_IS_OK(status)) { libnet_unjoin_set_error_string(mem_ctx, r, - "failed to find DC: %s", - nt_errstr(status)); + "failed to find DC for domain %s", + r->in.domain_name, + get_friendly_nt_error_msg(status)); return WERR_DOMAIN_CONTROLLER_NOT_FOUND; } @@ -1274,8 +1318,8 @@ static WERROR libnet_DomainUnjoin(TALLOC_CTX *mem_ctx, status = libnet_join_unjoindomain_rpc(mem_ctx, r); if (!NT_STATUS_IS_OK(status)) { libnet_unjoin_set_error_string(mem_ctx, r, - "failed to unjoin domain: %s", - nt_errstr(status)); + "failed to disable machine account via rpc: %s", + get_friendly_nt_error_msg(status)); if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) { return WERR_SETUP_NOT_JOINED; } @@ -1319,6 +1363,7 @@ static WERROR libnet_unjoin_pre_processing(TALLOC_CTX *mem_ctx, return WERR_OK; } + /**************************************************************** ****************************************************************/ @@ -1328,7 +1373,7 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx, WERROR werr; if (r->in.debug) { - NDR_PRINT_IN_DEBUG(libnet_UnjoinCtx, r); + LIBNET_UNJOIN_IN_DUMP_CTX(mem_ctx, r); } werr = libnet_unjoin_pre_processing(mem_ctx, r); @@ -1349,8 +1394,10 @@ WERROR libnet_Unjoin(TALLOC_CTX *mem_ctx, } done: + r->out.result = werr; + if (r->in.debug) { - NDR_PRINT_OUT_DEBUG(libnet_UnjoinCtx, r); + LIBNET_UNJOIN_OUT_DUMP_CTX(mem_ctx, r); } return werr; diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c index 59ed4eee8b..b9bcb31091 100644 --- a/source3/pam_smbpass/pam_smb_acct.c +++ b/source3/pam_smbpass/pam_smb_acct.c @@ -78,7 +78,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, } if (geteuid() != 0) { - _log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root."); + _log_err( LOG_DEBUG, "Cannot access samba password database, not running as root."); return PAM_AUTHINFO_UNAVAIL; } diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c index de5310761f..326a0b59e7 100644 --- a/source3/pam_smbpass/pam_smb_passwd.c +++ b/source3/pam_smbpass/pam_smb_passwd.c @@ -130,7 +130,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, } if (geteuid() != 0) { - _log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root."); + _log_err( LOG_DEBUG, "Cannot access samba password database, not running as root."); return PAM_AUTHINFO_UNAVAIL; } diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index bba55c0e4a..d5803b711b 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -3315,8 +3315,13 @@ static WERROR nt_printer_publish_ads(ADS_STRUCT *ads, /* publish it */ ads_rc = ads_mod_printer_entry(ads, prt_dn, ctx, &mods); - if (ads_rc.err.rc == LDAP_NO_SUCH_OBJECT) + if (ads_rc.err.rc == LDAP_NO_SUCH_OBJECT) { + int i; + for (i=0; mods[i] != 0; i++) + ; + mods[i] = (LDAPMod *)-1; ads_rc = ads_add_printer_entry(ads, prt_dn, ctx, &mods); + } if (!ADS_ERR_OK(ads_rc)) DEBUG(3, ("error publishing %s: %s\n", printer->info_2->sharename, ads_errstr(ads_rc))); diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 849ec9c4eb..de2e33732d 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -287,7 +287,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r { #if 0 struct libnet_JoinCtx *j = NULL; - char *pwd = NULL; + char *cleartext_pwd = NULL; char *admin_domain = NULL; char *admin_account = NULL; WERROR werr; @@ -308,12 +308,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r werr = decode_wkssvc_join_password_buffer(p->mem_ctx, r->in.encrypted_password, &p->session_key, - &pwd); - if (!W_ERROR_IS_OK(werr)) { - return werr; - } - - werr = libnet_init_JoinCtx(p->mem_ctx, &j); + &cleartext_pwd); if (!W_ERROR_IS_OK(werr)) { return werr; } @@ -323,7 +318,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r &admin_domain, &admin_account); - status = DsGetDcName(p->mem_ctx, + status = dsgetdcname(p->mem_ctx, NULL, r->in.domain_name, NULL, @@ -336,14 +331,18 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r return ntstatus_to_werror(status); } - j->in.server_name = info->domain_controller_name; + werr = libnet_init_JoinCtx(p->mem_ctx, &j); + if (!W_ERROR_IS_OK(werr)) { + return werr; + } + + j->in.dc_name = info->domain_controller_name; j->in.domain_name = r->in.domain_name; j->in.account_ou = r->in.account_ou; j->in.join_flags = r->in.join_flags; - - j->in.admin_account = admin_account; - j->in.password = pwd; - j->in.modify_config = true; + j->in.admin_account = admin_account; + j->in.admin_password = cleartext_pwd; + j->in.modify_config = true; become_root(); werr = libnet_Join(p->mem_ctx, j); |