-rw-r--r--source3/libads/ldap.c91
-rw-r--r--source3/utils/net_ads.c53
2 files changed, 115 insertions, 29 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index c3d80a09ec..812c44e7d7 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -286,6 +286,32 @@ static int ads_add_machine_acct(ADS_STRUCT *ads, const char *hostname)
}
/*
+ dump a binary result from ldap
+*/
+static void dump_binary(const char *field, struct berval **values)
+{
+ int i, j;
+ for (i=0; values[i]; i++) {
+ printf("%s: ", field);
+ for (j=0; j<values[i]->bv_len; j++) {
+ printf("%02X", (unsigned char)values[i]->bv_val[j]);
+ }
+ printf("\n");
+ }
+}
+
+/*
+ dump a string result from ldap
+*/
+static void dump_string(const char *field, struct berval **values)
+{
+ int i;
+ for (i=0; values[i]; i++) {
+ printf("%s: %s\n", field, values[i]->bv_val);
+ }
+}
+
+/*
dump a record from LDAP on stdout
used for debugging
*/
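Review bot: dump_string prints `values[i]->bv_val` with `%s`, which ignores `bv_len`. Any attribute missing from the handler table that holds binary data is cut at its first zero byte, and its raw bytes reach the terminal unescaped. Bounding the print by the stored length, `printf("%s: %.*s\n", field, (int)values[i]->bv_len, values[i]->bv_val);`, keeps the read inside the value the server returned; non-printable bytes would still need escaping or a hex fallback. In dump_binary, `j` is an `int` compared against `bv_len`, which is an unsigned length in OpenLDAP's `struct berval`, so giving `j` the same type avoids the mixed-sign comparison.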
@@ -295,6 +321,14 @@ void ads_dump(ADS_STRUCT *ads, void *res)
LDAPMessage *msg;
BerElement *b;
char *this_dn;
+ struct {
+ char *name;
+ void (*handler)(const char *, struct berval **);
+ } handlers[] = {
+ {"objectGUID", dump_binary},
+ {"objectSid", dump_binary},
+ {NULL, NULL}
+ };
for (msg = ldap_first_entry(ads->ld, (LDAPMessage *)res);
msg; msg = ldap_next_entry(ads->ld, msg)) {
@@ -307,12 +341,21 @@ void ads_dump(ADS_STRUCT *ads, void *res)
for (field = ldap_first_attribute(ads->ld, msg, &b);
field;
field = ldap_next_attribute(ads->ld, msg, b)) {
- char **values, **p;
- values = ldap_get_values(ads->ld, msg, field);
- for (p = values; *p; p++) {
- printf("%s: %s\n", field, *p);
+ struct berval **values;
+ int i;
+
+ values = ldap_get_values_len(ads->ld, msg, field);
+
+ for (i=0; handlers[i].name; i++) {
+ if (StrCaseCmp(handlers[i].name, field) == 0) {
+ handlers[i].handler(field, values);
+ break;
+ }
+ }
+ if (!handlers[i].name) {
+ dump_string(field, values);
}
- ldap_value_free(values);
+ ldap_value_free_len(values);
ldap_memfree(field);
}
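Review bot: The result of `ldap_get_values_len()` is used without a NULL check. Both the handler call and `dump_string(field, values)` begin by reading `values[0]`, so a failed lookup or an attribute with no values dereferences a null pointer. The reply comes from the directory server, so this is input the tool has to survive. A guard right after the call, `if (!values) { ldap_memfree(field); continue; }`, skips the attribute and still releases `field`. The enclosing loop and the rest of ads_dump lie outside this hunk.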
@@ -337,26 +380,33 @@ int ads_join_realm(ADS_STRUCT *ads, const char *hostname)
{
int rc;
LDAPMessage *res;
+ char *host;
+
+ /* hostname must be lowercase */
+ host = strdup(hostname);
+ strlower(host);
- rc = ads_find_machine_acct(ads, (void **)&res, hostname);
+ rc = ads_find_machine_acct(ads, (void **)&res, host);
if (rc == LDAP_SUCCESS && ads_count_replies(ads, res) == 1) {
- DEBUG(0, ("Host account for %s already exists\n", hostname));
+ DEBUG(0, ("Host account for %s already exists\n", host));
return LDAP_SUCCESS;
}
- rc = ads_add_machine_acct(ads, hostname);
+ rc = ads_add_machine_acct(ads, host);
if (rc != LDAP_SUCCESS) {
DEBUG(0, ("ads_add_machine_acct: %s\n", ads_errstr(rc)));
return rc;
}
- rc = ads_find_machine_acct(ads, (void **)&res, hostname);
+ rc = ads_find_machine_acct(ads, (void **)&res, host);
if (rc != LDAP_SUCCESS || ads_count_replies(ads, res) != 1) {
DEBUG(0, ("Host account test failed\n"));
/* hmmm, we need NTSTATUS */
return -1;
}
+ free(host);
+
return LDAP_SUCCESS;
}
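Review bot: `host` is freed only on the final success path of ads_join_realm. The three earlier `return` statements (account already exists, ads_add_machine_acct failure, host account test failure) leak it, and the `strdup()` result goes to `strlower()` without a NULL check. Routing every exit through one cleanup label fixes both, as sketched below. The same leak on early returns appears in ads_leave_realm (the two hunks that follow), and ads_set_machine_password also calls `strlower()` on an unchecked `strdup()` result.

```c
	host = strdup(hostname);
	if (!host) {
		return LDAP_NO_MEMORY;
	}
	strlower(host);

	rc = ads_find_machine_acct(ads, (void **)&res, host);
	if (rc == LDAP_SUCCESS && ads_count_replies(ads, res) == 1) {
		/* … unchanged: DEBUG "already exists" … */
		goto done;	/* rc is already LDAP_SUCCESS */
	}

	rc = ads_add_machine_acct(ads, host);
	if (rc != LDAP_SUCCESS) {
		/* … unchanged: DEBUG ads_errstr(rc) … */
		goto done;
	}

	rc = ads_find_machine_acct(ads, (void **)&res, host);
	if (rc != LDAP_SUCCESS || ads_count_replies(ads, res) != 1) {
		/* … unchanged: DEBUG "Host account test failed" … */
		rc = -1;
		goto done;
	}

	rc = LDAP_SUCCESS;
done:
	free(host);
	return rc;
```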
@@ -367,11 +417,15 @@ int ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
{
int rc;
void *res;
- char *hostnameDN;
+ char *hostnameDN, *host;
+
+ /* hostname must be lowercase */
+ host = strdup(hostname);
+ strlower(host);
- rc = ads_find_machine_acct(ads, &res, hostname);
+ rc = ads_find_machine_acct(ads, &res, host);
if (rc != LDAP_SUCCESS || ads_count_replies(ads, res) != 1) {
- DEBUG(0, ("Host account for %s does not exist.\n", hostname));
+ DEBUG(0, ("Host account for %s does not exist.\n", host));
return -1;
}
@@ -383,13 +437,15 @@ int ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
return rc;
}
- rc = ads_find_machine_acct(ads, &res, hostname);
+ rc = ads_find_machine_acct(ads, &res, host);
if (rc == LDAP_SUCCESS && ads_count_replies(ads, res) == 1 ) {
DEBUG(0, ("Failed to remove host account.\n"));
/*hmmm, we need NTSTATUS */
return -1;
}
-
+
+ free(host);
+
return LDAP_SUCCESS;
}
@@ -398,7 +454,12 @@ NTSTATUS ads_set_machine_password(ADS_STRUCT *ads,
const char *hostname,
const char *password)
{
- return krb5_set_password(ads->kdc_server, hostname, ads->realm, password);
+ NTSTATUS ret;
+ char *host = strdup(hostname);
+ strlower(host);
+ ret = krb5_set_password(ads->kdc_server, host, ads->realm, password);
+ free(host);
+ return ret;
}
#endif
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index 038608503b..d7b508bf89 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -76,15 +76,43 @@ int net_ads_usage(void)
return -1;
}
-static int net_ads_leave(int argc, const char **argv)
+
+static int net_ads_status(int argc, const char **argv)
{
- char *hostname;
ADS_STRUCT *ads;
int rc;
extern pstring global_myname;
+ void *res;
+
+ ads = ads_init(NULL, NULL, NULL);
+
+ rc = ads_connect(ads);
+ if (rc) {
+ d_printf("ads_connect: %s\n", ads_errstr(rc));
+ return -1;
+ }
- hostname = strdup(global_myname);
- strlower(hostname);
+ rc = ads_find_machine_acct(ads, &res, global_myname);
+ if (rc) {
+ d_printf("ads_find_machine_acct: %s\n", ads_errstr(rc));
+ return -1;
+ }
+
+ if (ads_count_replies(ads, res) == 0) {
+ d_printf("No machine account for '%s' found\n", global_myname);
+ return -1;
+ }
+
+ ads_dump(ads, res);
+
+ return 0;
+}
+
+static int net_ads_leave(int argc, const char **argv)
+{
+ ADS_STRUCT *ads;
+ int rc;
+ extern pstring global_myname;
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
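Review bot: net_ads_status passes `global_myname` to `ads_find_machine_acct()` unchanged, while the ldap.c side of this commit lowercases the name ("hostname must be lowercase") before every call to the same function. If the lookup is case-sensitive, STATUS could report "No machine account" for a host that JOIN just created. Either lowercase a copy here or move the lowercasing into ads_find_machine_acct so all callers agree. The result of `ads_init()` is also used without a check in the visible lines. net_ads_leave continues past the end of this hunk.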
@@ -99,30 +127,26 @@ static int net_ads_leave(int argc, const char **argv)
return -1;
}
- rc = ads_leave_realm(ads, hostname);
+ rc = ads_leave_realm(ads, global_myname);
if (rc) {
d_printf("Failed to delete host '%s' from the '%s' realm.\n",
- hostname, ads->realm);
+ global_myname, ads->realm);
return -1;
}
- d_printf("Removed '%s' from realm '%s'\n", hostname, ads->realm);
+ d_printf("Removed '%s' from realm '%s'\n", global_myname, ads->realm);
return 0;
}
static int net_ads_join(int argc, const char **argv)
{
- char *hostname;
ADS_STRUCT *ads;
int rc;
char *password;
extern pstring global_myname;
NTSTATUS status;
- hostname = strdup(global_myname);
- strlower(hostname);
-
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
return -1;
@@ -138,13 +162,13 @@ static int net_ads_join(int argc, const char **argv)
return -1;
}
- rc = ads_join_realm(ads, hostname);
+ rc = ads_join_realm(ads, global_myname);
if (rc) {
d_printf("ads_join_realm: %s\n", ads_errstr(rc));
return -1;
}
- status = ads_set_machine_password(ads, hostname, password);
+ status = ads_set_machine_password(ads, global_myname, password);
if (!NT_STATUS_IS_OK(status)) {
d_printf("ads_set_machine_password: %s\n", get_nt_error_msg(status));
return -1;
@@ -155,7 +179,7 @@ static int net_ads_join(int argc, const char **argv)
return -1;
}
- d_printf("Joined '%s' to realm '%s'\n", hostname, ads->realm);
+ d_printf("Joined '%s' to realm '%s'\n", global_myname, ads->realm);
return 0;
}
@@ -165,6 +189,7 @@ int net_ads(int argc, const char **argv)
struct functable func[] = {
{"JOIN", net_ads_join},
{"LEAVE", net_ads_leave},
+ {"STATUS", net_ads_status},
{NULL, NULL}
};