-rw-r--r-- | source3/Makefile.in | 1 | ||||
-rw-r--r-- | source3/include/proto.h | 5 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon.c | 74 | ||||
-rw-r--r-- | source3/rpc_client/cli_netlogon_sync.c | 108 | ||||
-rw-r--r-- | source3/rpcclient/cmd_netlogon.c | 18 |
5 files changed, 127 insertions, 79 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index 55ae4d795d..6c83d73525 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -149,6 +149,7 @@ RPC_PARSE_OBJ = rpc_parse/parse_lsa.o rpc_parse/parse_misc.o \ RPC_CLIENT_OBJ = \ rpc_client/cli_login.o \ rpc_client/cli_netlogon.o \ + rpc_client/cli_netlogon_sync.o \ rpc_client/cli_reg.o \ rpc_client/cli_pipe.o \ rpc_client/cli_lsarpc.o \ diff --git a/source3/include/proto.h b/source3/include/proto.h index 7f4ec9cc7e..8b18a0487b 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1768,10 +1768,13 @@ BOOL cli_net_sam_logoff(struct cli_state *cli, uint16 nt_pipe_fnum, NET_ID_INFO_ BOOL cli_net_sam_sync(struct cli_state *cli, uint16 nt_pipe_fnum, uint32 database_id, uint32 *num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas); BOOL change_trust_account_password(char *domain, char *remote_machine_list, uint16 sec_chan); -BOOL do_sam_sync(struct cli_state *cli, +BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16], SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS], SAM_DELTA_CTR deltas [MAX_SAM_DELTAS], uint32 *num_deltas); + +/*The following definitions come from rpc_client/cli_netlogon_sync.c */ + BOOL synchronise_passdb(void); /*The following definitions come from rpc_client/cli_pipe.c */ diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index 6f0d7e1c3a..6b7db8ff6e 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c 
@@ -715,22 +715,19 @@ domain %s.\n", timestring(), domain)); return False; } -BOOL do_sam_sync(struct cli_state *cli, +BOOL do_sam_sync(struct cli_state *cli, uchar trust_passwd[16], SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS], SAM_DELTA_CTR deltas [MAX_SAM_DELTAS], uint32 *num_deltas) { uint16 nt_pipe_fnum; BOOL res = True; - unsigned char trust_passwd[16]; *num_deltas = 0; DEBUG(2,("Attempting SAM sync with PDC, domain: %s name: %s\n", cli->domain, global_myname)); - res = res ? trust_get_passwd(trust_passwd, cli->domain, global_myname) : False; - /* open NETLOGON session. negotiate credentials */ res = res ? cli_nt_session_open(cli, PIPE_NETLOGON, &nt_pipe_fnum) : False; 
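Review bot: do_sam_sync now takes the trust account password from its caller, but nothing at the definition says what `trust_passwd` must hold or who is responsible for it. I would add a header comment above the signature, for example `/* trust_passwd: 16-byte trust account password obtained by the caller via trust_get_passwd(); the caller clears it afterwards */`. The removed `trust_get_passwd` call used to feed the `res` chain, so every caller now has to do the lookup and handle its failure itself; the two call sites changed in this commit do. The body of do_sam_sync continues outside the hunk, so how the buffer is used further down cannot be confirmed from here.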
@@ -755,72 +752,3 @@ BOOL do_sam_sync(struct cli_state *cli, return True; } -BOOL synchronise_passdb(void) -{ - struct cli_state cli; - SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; - SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; - uint32 num; - - SAM_ACCOUNT_INFO *acc; - struct smb_passwd pwd; - fstring nt_name; - unsigned char smb_passwd[16]; - unsigned char smb_nt_passwd[16]; - - char *mode; - BOOL success; - BOOL ret; - int i; - - if (!cli_connect_serverlist(&cli, lp_passwordserver())) - { - return False; - } - - pstrcpy(cli.domain, lp_workgroup()); - - ret = do_sam_sync(&cli, hdr_deltas, deltas, &num); - - if (ret) - { - for (i = 0; i < num; i++) - { - /* Currently only interested in accounts */ - if (hdr_deltas[i].type != 5) - { - continue; - } - - acc = &deltas[i].account_info; - pwdb_init_smb(&pwd); - - pwd.user_rid = acc->user_rid; - unistr2_to_ascii(nt_name, &(acc->uni_acct_name), sizeof(fstring)-1); - pwd.nt_name = nt_name; - pwd.acct_ctrl = acc->acb_info; - pwd.pass_last_set_time = nt_time_to_unix(&(acc->pwd_last_set_time)); - - sam_pwd_hash(acc->user_rid, smb_passwd, acc->pass.buf_lm_pwd, 0); - sam_pwd_hash(acc->user_rid, smb_nt_passwd, acc->pass.buf_nt_pwd, 0); - pwd.smb_passwd = smb_passwd; - pwd.smb_nt_passwd = smb_nt_passwd; - - mode = "modify"; - success = mod_smbpwd_entry(&pwd, True); - - if (!success) - { - mode = "add"; - success = add_smbpwd_entry(&pwd); - } - - DEBUG(0, ("Attempted to %s account for %s: %s\n", mode, - nt_name, success ? "OK" : "FAILED")); - } - } - - cli_ulogoff(&cli); - cli_shutdown(&cli); - return ret; -} diff --git a/source3/rpc_client/cli_netlogon_sync.c b/source3/rpc_client/cli_netlogon_sync.c new file mode 100644 index 0000000000..c3e2bcb219 --- /dev/null +++ b/source3/rpc_client/cli_netlogon_sync.c 
@@ -0,0 +1,108 @@
+/*
+ * Unix SMB/Netbios implementation.
+ * Version 1.9.
+ * RPC Pipe client / server routines
+ * Copyright (C) Andrew Tridgell 1992-1999,
+ * Copyright (C) Luke Kenneth Casson Leighton 1996-1999,
+ * Copyright (C) Matthew Chapman 1999,
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ */
+
+
+#ifdef SYSLOG
+#undef SYSLOG
+#endif
+
+#include "includes.h"
+
+extern int DEBUGLEVEL;
+extern pstring global_myname;
+
+BOOL synchronise_passdb(void)
+{
+ struct cli_state cli;
+ SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
+ SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
+ uint32 num;
+
+ SAM_ACCOUNT_INFO *acc;
+ struct smb_passwd pwd;
+ fstring nt_name;
+ unsigned char smb_passwd[16];
+ unsigned char smb_nt_passwd[16];
+ uchar trust_passwd[16];
+
+ char *mode;
+ BOOL success;
+ BOOL ret;
+ int i;
+
+ if (!cli_connect_serverlist(&cli, lp_passwordserver()))
+ {
+ return False;
+ }
+
+ pstrcpy(cli.domain, lp_workgroup());
+
+ if (!trust_get_passwd(trust_passwd, cli.domain, global_myname))
+ {
+ return False;
+ }
+
+ ret = do_sam_sync(&cli, trust_passwd, hdr_deltas, deltas, &num);
+
+ if (ret)
+ {
+ for (i = 0; i < num; i++)
+ {
+ /* Currently only interested in accounts */
+ if (hdr_deltas[i].type != 5)
+ {
+ continue;
+ }
+
+ acc = &deltas[i].account_info;
+ pwdb_init_smb(&pwd);
+
+ pwd.user_rid = acc->user_rid;
+ 
unistr2_to_ascii(nt_name, &(acc->uni_acct_name), sizeof(fstring)-1); + pwd.nt_name = nt_name; + pwd.acct_ctrl = acc->acb_info; + pwd.pass_last_set_time = nt_time_to_unix(&(acc->pwd_last_set_time)); + + sam_pwd_hash(acc->user_rid, smb_passwd, acc->pass.buf_lm_pwd, 0); + sam_pwd_hash(acc->user_rid, smb_nt_passwd, acc->pass.buf_nt_pwd, 0); + pwd.smb_passwd = smb_passwd; + pwd.smb_nt_passwd = smb_nt_passwd; + + mode = "modify"; + success = mod_smbpwd_entry(&pwd, True); + + if (!success) + { + mode = "add"; + success = add_smbpwd_entry(&pwd); + } + + DEBUG(0, ("Attempted to %s account for %s: %s\n", mode, + nt_name, success ? "OK" : "FAILED")); + } + } + + cli_ulogoff(&cli); + cli_shutdown(&cli); + return ret; +} diff --git a/source3/rpcclient/cmd_netlogon.c b/source3/rpcclient/cmd_netlogon.c index 1d99b99f9c..f536a0f52f 100644 --- a/source3/rpcclient/cmd_netlogon.c +++ b/source3/rpcclient/cmd_netlogon.c @@ -65,7 +65,7 @@ void cmd_netlogon_login_test(struct client_info *info) fstrcpy(nt_user_name, smb_cli->user_name); if (nt_user_name[0] == 0) { - fprintf(out_hnd,"ntlogin: must specify username with anonymous connection\n"); + report(out_hnd,"ntlogin: must specify username with anonymous connection\n"); return; } } @@ -130,7 +130,7 @@ void cmd_netlogon_login_test(struct client_info *info) /* close the session */ cli_nt_session_close(smb_cli, nt_pipe_fnum); - fprintf(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n", + report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n", nt_user_name, BOOLSTR(res)); } @@ -148,7 +148,7 @@ void cmd_netlogon_domain_test(struct client_info *info) if (!next_token(NULL, nt_trust_dom, NULL, sizeof(nt_trust_dom))) { - fprintf(out_hnd,"domtest: must specify domain name\n"); + report(out_hnd,"domtest: must specify domain name\n"); return; } 
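Review bot: The new early return taken when `trust_get_passwd` fails in synchronise_passdb leaves the connection opened by `cli_connect_serverlist` in place, because it skips the `cli_ulogoff(&cli)` / `cli_shutdown(&cli)` pair that the normal path runs at the end of the function. That branch should release the client state before returning: `cli_ulogoff(&cli); cli_shutdown(&cli); return False;`. As far as the removed lines show, the lookup used to fail inside do_sam_sync and control still reached those cleanup calls, so the leak appears to be introduced by moving the lookup out. Separately, `trust_passwd`, `smb_passwd` and `smb_nt_passwd` hold password material and are left on the stack at return; clearing them before each exit, for example `memset(trust_passwd, 0, sizeof(trust_passwd));`, would limit how long they linger, and the same applies to `trust_passwd` in cmd_sam_sync in cmd_netlogon.c.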
@@ -170,7 +170,7 @@ void cmd_netlogon_domain_test(struct client_info *info) /* close the session */ cli_nt_session_close(smb_cli, nt_pipe_fnum); - fprintf(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n", + report(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n", nt_trust_dom, BOOLSTR(res)); } @@ -182,8 +182,16 @@ void cmd_sam_sync(struct client_info *info) SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS]; SAM_DELTA_CTR deltas[MAX_SAM_DELTAS]; uint32 num; + uchar trust_passwd[16]; + extern pstring global_myname; - if (do_sam_sync(smb_cli, hdr_deltas, deltas, &num)) + if (!trust_get_passwd(trust_passwd, smb_cli->domain, global_myname)) + { + report(out_hnd, "cmd_sam_sync: no trust account password\n"); + return; + } + + if (do_sam_sync(smb_cli, trust_passwd, hdr_deltas, deltas, &num)) { display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num); display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num); |
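Review bot: `extern pstring global_myname;` is declared among cmd_sam_sync's locals, which hides a dependency on a global inside one function body. cli_netlogon_sync.c in this same commit declares it at file scope, and doing the same here (next to the file's other declarations, which are outside the hunk) would keep the two consistent. A one-line comment above the `trust_get_passwd` call would also help, since the command now depends on a trust account password being available for `smb_cli->domain`, presumably from local storage: `/* sam sync needs this machine's trust account password for the domain */`. cmd_sam_sync starts before this hunk and continues past its last line.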