diff options
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/net.c | 5 | ||||
| -rw-r--r-- | source3/utils/net_ads.c | 141 | ||||
| -rw-r--r-- | source3/utils/net_lookup.c | 9 | ||||
| -rw-r--r-- | source3/utils/net_rpc.c | 368 | ||||
| -rw-r--r-- | source3/utils/net_rpc_join.c | 110 | ||||
| -rw-r--r-- | source3/utils/pdbedit.c | 316 | ||||
| -rw-r--r-- | source3/utils/smbcacls.c | 2 | ||||
| -rw-r--r-- | source3/utils/smbcontrol.c | 20 | ||||
| -rw-r--r-- | source3/utils/smbgroupedit.c | 4 | ||||
| -rw-r--r-- | source3/utils/smbpasswd.c | 6 | ||||
| -rw-r--r-- | source3/utils/smbtree.c | 2 | ||||
| -rw-r--r-- | source3/utils/status.c | 10 | ||||
| -rw-r--r-- | source3/utils/testparm.c | 9 |
13 files changed, 218 insertions, 784 deletions
diff --git a/source3/utils/net.c b/source3/utils/net.c index fc7094bcf7..d34ac21f39 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -234,7 +234,7 @@ BOOL net_find_server(unsigned flags, struct in_addr *server_ip, char **server_na } -BOOL net_find_dc(struct in_addr *server_ip, fstring server_name, const char *domain_name) +BOOL net_find_dc(struct in_addr *server_ip, fstring server_name, char *domain_name) { struct in_addr *ip_list; int addr_count; @@ -381,6 +381,8 @@ static struct functable net_func[] = { {"port", 'p', POPT_ARG_INT, &opt_port}, {"myname", 'n', POPT_ARG_STRING, &opt_requester_name}, {"conf", 's', POPT_ARG_STRING, &servicesf}, + {"debug", 'd', POPT_ARG_STRING, &debuglevel}, + {"debuglevel", 'd', POPT_ARG_STRING, &debuglevel}, {"server", 'S', POPT_ARG_STRING, &opt_host}, {"comment", 'C', POPT_ARG_STRING, &opt_comment}, {"maxusers", 'M', POPT_ARG_INT, &opt_maxusers}, @@ -391,7 +393,6 @@ static struct functable net_func[] = { {"force", 'f', POPT_ARG_NONE, &opt_force}, {"timeout", 't', POPT_ARG_INT, &opt_timeout}, {"machine-pass",'P', POPT_ARG_NONE, &opt_machine_pass}, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, { 0, 0, 0, 0} }; diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index ad405fe68c..fa3eac6bd3 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -32,8 +32,6 @@ int net_ads_usage(int argc, const char **argv) "\n\tjoins the local machine to a ADS realm\n"\ "\nnet ads leave"\ "\n\tremoves the local machine from a ADS realm\n"\ -"\nnet ads testjoin"\ -"\n\ttests that an exiting join is OK\n"\ "\nnet ads user"\ "\n\tlist, add, or delete users in the realm\n"\ "\nnet ads group"\ @@ -60,23 +58,18 @@ static int net_ads_info(int argc, const char **argv) { ADS_STRUCT *ads; - ads = ads_init(NULL, NULL, opt_host); - - if (ads) { - ads->auth.no_bind = 1; - } - + ads = ads_init(NULL, NULL, opt_host, NULL, NULL); ads_connect(ads); - if (!ads || !ads->config.realm) { + if (!ads) { d_printf("Didn't find the ldap server!\n"); return -1; } - d_printf("LDAP server: %s\n", inet_ntoa(ads->ldap_ip)); - d_printf("LDAP server name: %s\n", ads->config.ldap_server_name); - d_printf("Realm: %s\n", ads->config.realm); - d_printf("Bind Path: %s\n", ads->config.bind_path); + d_printf("LDAP server: %s\n", ads->ldap_server); + d_printf("LDAP server name: %s\n", ads->ldap_server_name); + d_printf("Realm: %s\n", ads->realm); + d_printf("Bind Path: %s\n", ads->bind_path); d_printf("LDAP port: %d\n", ads->ldap_port); return 0; @@ -90,7 +83,7 @@ static ADS_STRUCT *ads_startup(void) BOOL need_password = False; BOOL second_time = False; - ads = ads_init(NULL, NULL, opt_host); + ads = ads_init(NULL, NULL, opt_host, NULL, NULL); if (!opt_user_name) { opt_user_name = "administrator"; @@ -108,9 +101,9 @@ retry: } if (opt_password) - ads->auth.password = strdup(opt_password); + ads->password = strdup(opt_password); - ads->auth.user_name = strdup(opt_user_name); + ads->user_name = strdup(opt_user_name); status = ads_connect(ads); if (!ADS_ERR_OK(status)) { @@ -143,38 +136,8 @@ int net_ads_check(void) return 0; } -/* - determine the netbios workgroup name for a domain - */ -static int net_ads_workgroup(int argc, const char **argv) -{ - ADS_STRUCT *ads; - TALLOC_CTX *ctx; - char *workgroup; - - if (!(ads = ads_startup())) return -1; - - if (!(ctx = talloc_init_named("net_ads_workgroup"))) { - return -1; - } - - if (!ADS_ERR_OK(ads_workgroup_name(ads, ctx, &workgroup))) { - d_printf("Failed to find workgroup for realm '%s'\n", - ads->config.realm); - talloc_destroy(ctx); - return -1; - } - d_printf("Workgroup: %s\n", workgroup); - - talloc_destroy(ctx); - - return 0; -} - - - -static void usergrp_display(char *field, void **values, void *data_area) +static BOOL usergrp_display(char *field, void **values, void *data_area) { char **disp_fields = (char **) data_area; @@ -188,15 +151,16 @@ static void usergrp_display(char *field, void **values, void *data_area) } SAFE_FREE(disp_fields[0]); SAFE_FREE(disp_fields[1]); - return; + return True; } if (!values) /* must be new field, indicate string field */ - return; + return True; if (StrCaseCmp(field, "sAMAccountName") == 0) { disp_fields[0] = strdup((char *) values[0]); } if (StrCaseCmp(field, "description") == 0) disp_fields[1] = strdup((char *) values[0]); + return True; /* always strings here */ } static int net_ads_user_usage(int argc, const char **argv) @@ -244,8 +208,8 @@ static int ads_user_add(int argc, const char **argv) } /* try setting the password */ - asprintf(&upn, "%s@%s", argv[0], ads->config.realm); - status = krb5_set_password(ads->auth.kdc_server, upn, argv[1]); + asprintf(&upn, "%s@%s", argv[0], ads->realm); + status = krb5_set_password(ads->kdc_server, upn, argv[1]); safe_free(upn); if (ADS_ERR_OK(status)) { d_printf("User %s added\n", argv[0]); @@ -362,7 +326,7 @@ int net_ads_user(int argc, const char **argv) d_printf("\nUser name Comment"\ "\n-----------------------------\n"); - rc = ads_do_search_all_fn(ads, ads->config.bind_path, + rc = ads_do_search_all_fn(ads, ads->bind_path, LDAP_SCOPE_SUBTREE, "(objectclass=user)", opt_long_list_entries ? longattrs : @@ -469,7 +433,7 @@ int net_ads_group(int argc, const char **argv) if (opt_long_list_entries) d_printf("\nGroup name Comment"\ "\n-----------------------------\n"); - rc = ads_do_search_all_fn(ads, ads->config.bind_path, + rc = ads_do_search_all_fn(ads, ads->bind_path, LDAP_SCOPE_SUBTREE, "(objectclass=group)", opt_long_list_entries ? longattrs : @@ -530,54 +494,15 @@ static int net_ads_leave(int argc, const char **argv) rc = ads_leave_realm(ads, global_myname); if (!ADS_ERR_OK(rc)) { d_printf("Failed to delete host '%s' from the '%s' realm.\n", - global_myname, ads->config.realm); + global_myname, ads->realm); return -1; } - d_printf("Removed '%s' from realm '%s'\n", global_myname, ads->config.realm); - - return 0; -} - -static int net_ads_join_ok(void) -{ - ADS_STRUCT *ads = NULL; - extern pstring global_myname; - - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - asprintf(&opt_user_name, "%s$", global_myname); - opt_password = secrets_fetch_machine_password(); + d_printf("Removed '%s' from realm '%s'\n", global_myname, ads->realm); - if (!(ads = ads_startup())) { - return -1; - } - - ads_destroy(&ads); return 0; } -/* - check that an existing join is OK - */ -int net_ads_testjoin(int argc, const char **argv) -{ - /* Display success or failure */ - if (net_ads_join_ok() != 0) { - fprintf(stderr,"Join to domain is not valid\n"); - return -1; - } - - printf("Join is OK\n"); - return 0; -} - -/* - join a domain using ADS - */ int net_ads_join(int argc, const char **argv) { ADS_STRUCT *ads; @@ -604,7 +529,7 @@ int net_ads_join(int argc, const char **argv) if (!(ads = ads_startup())) return -1; ou_str = ads_ou_string(org_unit); - asprintf(&dn, "%s,%s", ou_str, ads->config.bind_path); + asprintf(&dn, "%s,%s", ou_str, ads->bind_path); free(ou_str); rc = ads_search_dn(ads, &res, dn, NULL); @@ -650,7 +575,7 @@ int net_ads_join(int argc, const char **argv) return -1; } - d_printf("Joined '%s' to realm '%s'\n", global_myname, ads->config.realm); + d_printf("Joined '%s' to realm '%s'\n", global_myname, ads->realm); free(password); @@ -745,7 +670,7 @@ static int net_ads_printer_publish(int argc, const char **argv) get_a_printer, because the server name might be localhost or an ip address */ prt.printerName = argv[0]; - asprintf(&servername, "%s.%s", global_myname, ads->config.realm); + asprintf(&servername, "%s.%s", global_myname, ads->realm); prt.serverName = servername; prt.shortServerName = global_myname; prt.versionNumber = "4"; @@ -849,13 +774,13 @@ static int net_ads_password(int argc, const char **argv) /* use the realm so we can eventually change passwords for users in realms other than default */ - if (!(ads = ads_init(realm, NULL, NULL))) return -1; + if (!(ads = ads_init(realm, NULL, NULL, NULL, NULL))) return -1; asprintf(&prompt, "Enter new password for %s:", argv[0]); new_password = getpass(prompt); - ret = kerberos_set_password(ads->auth.kdc_server, auth_principal, + ret = kerberos_set_password(ads->kdc_server, auth_principal, auth_password, argv[0], new_password); if (!ADS_ERR_OK(ret)) { d_printf("Password change failed :-( ...\n"); @@ -880,21 +805,11 @@ static int net_ads_change_localhost_pass(int argc, const char **argv) char *hostname; ADS_STATUS ret; - if (!secrets_init()) { - DEBUG(1,("Failed to initialise secrets database\n")); - return -1; - } - - asprintf(&opt_user_name, "%s$", global_myname); - opt_password = secrets_fetch_machine_password(); - - if (!(ads = ads_startup())) { - return -1; - } + if (!(ads = ads_init_simple())) return -1; hostname = strdup(global_myname); strlower(hostname); - asprintf(&host_principal, "%s@%s", hostname, ads->config.realm); + asprintf(&host_principal, "%s@%s", hostname, ads->realm); SAFE_FREE(hostname); d_printf("Changing password for principal: HOST/%s\n", host_principal); @@ -953,7 +868,7 @@ static int net_ads_search(int argc, const char **argv) exp = argv[0]; attrs = (argv + 1); - rc = ads_do_search_all(ads, ads->config.bind_path, + rc = ads_do_search_all(ads, ads->bind_path, LDAP_SCOPE_SUBTREE, exp, attrs, &res); if (!ADS_ERR_OK(rc)) { @@ -999,7 +914,6 @@ int net_ads(int argc, const char **argv) struct functable func[] = { {"INFO", net_ads_info}, {"JOIN", net_ads_join}, - {"TESTJOIN", net_ads_testjoin}, {"LEAVE", net_ads_leave}, {"STATUS", net_ads_status}, {"USER", net_ads_user}, @@ -1008,7 +922,6 @@ int net_ads(int argc, const char **argv) {"CHOSTPASS", net_ads_change_localhost_pass}, {"PRINTER", net_ads_printer}, {"SEARCH", net_ads_search}, - {"WORKGROUP", net_ads_workgroup}, {"HELP", net_ads_help}, {NULL, NULL} }; diff --git a/source3/utils/net_lookup.c b/source3/utils/net_lookup.c index f76b186251..a324f594a1 100644 --- a/source3/utils/net_lookup.c +++ b/source3/utils/net_lookup.c @@ -77,8 +77,7 @@ static void print_ldap_srvlist(char *srvlist) static int net_lookup_ldap(int argc, const char **argv) { #ifdef HAVE_LDAP - char *srvlist; - const char *domain; + char *srvlist, *domain; int rc, count; struct in_addr *addr; struct hostent *hostent; @@ -126,7 +125,7 @@ static int net_lookup_dc(int argc, const char **argv) { struct in_addr *ip_list; char *pdc_str = NULL; - const char *domain=opt_target_workgroup; + char *domain=opt_target_workgroup; int count, i; if (argc > 0) @@ -155,7 +154,7 @@ static int net_lookup_dc(int argc, const char **argv) static int net_lookup_master(int argc, const char **argv) { struct in_addr master_ip; - const char *domain=opt_target_workgroup; + char *domain=opt_target_workgroup; if (argc > 0) domain=argv[0]; @@ -215,8 +214,6 @@ static int net_lookup_kdc(int argc, const char **argv) DEBUG(1, ("No kerberos support\n")); return -1; } - - /* lookup hosts or IP addresses using internal samba lookup fns */ int net_lookup(int argc, const char **argv) { diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 55e8a497cc..dc50c438d4 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -117,21 +117,15 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli) * @return A shell status integer (0 for success) */ -static int run_rpc_command(struct cli_state *cli_arg, const char *pipe_name, int conn_flags, - rpc_command_fn fn, - int argc, const char **argv) +static int run_rpc_command(const char *pipe_name, int conn_flags, + rpc_command_fn fn, + int argc, const char **argv) { - struct cli_state *cli = NULL; + struct cli_state *cli = net_make_ipc_connection(conn_flags); TALLOC_CTX *mem_ctx; NTSTATUS nt_status; DOM_SID *domain_sid; - /* make use of cli_state handed over as an argument, if possible */ - if (!cli_arg) - cli = net_make_ipc_connection(conn_flags); - else - cli = cli_arg; - if (!cli) { return -1; } @@ -147,7 +141,7 @@ static int run_rpc_command(struct cli_state *cli_arg, const char *pipe_name, int } if (!cli_nt_session_open(cli, pipe_name)) { - DEBUG(0, ("Could not initialise %s pipe\n", pipe_name)); + DEBUG(0, ("Could not initialise samr pipe\n")); } nt_status = fn(domain_sid, cli, mem_ctx, argc, argv); @@ -162,10 +156,6 @@ static int run_rpc_command(struct cli_state *cli_arg, const char *pipe_name, int if (cli->nt_pipe_fnum) cli_nt_session_close(cli); - /* close the connection only if it was opened here */ - if (!cli_arg) - cli_shutdown(cli); - talloc_destroy(mem_ctx); return (!NT_STATUS_IS_OK(nt_status)); @@ -209,7 +199,7 @@ static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, struct cl static int rpc_changetrustpw(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_changetrustpw_internals, + return run_rpc_command(PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_changetrustpw_internals, argc, argv); } @@ -254,7 +244,7 @@ static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cl trust_passwd[14] = '\0'; - E_md4hash(trust_passwd, orig_trust_passwd_hash); + E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash); return trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash); } @@ -271,7 +261,7 @@ static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cl static int net_rpc_join_oldstyle(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals, + return run_rpc_command(PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals, argc, argv); } @@ -381,7 +371,7 @@ rpc_info_internals(const DOM_SID *domain_sid, struct cli_state *cli, **/ int net_rpc_info(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, + return run_rpc_command(PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_info_internals, argc, argv); } @@ -487,7 +477,7 @@ static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, struct cli_sta static int rpc_user_add(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_add_internals, + return run_rpc_command(PIPE_SAMR, 0, rpc_user_add_internals, argc, argv); } @@ -588,7 +578,7 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, static int rpc_user_delete(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_del_internals, + return run_rpc_command(PIPE_SAMR, 0, rpc_user_del_internals, argc, argv); } @@ -690,7 +680,7 @@ rpc_user_info_internals(const DOM_SID *domain_sid, struct cli_state *cli, static int rpc_user_info(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_info_internals, + return run_rpc_command(PIPE_SAMR, 0, rpc_user_info_internals, argc, argv); } @@ -785,7 +775,7 @@ int net_rpc_user(int argc, const char **argv) if (opt_long_list_entries) { } else { } - return run_rpc_command(NULL,PIPE_SAMR, 0, + return run_rpc_command(PIPE_SAMR, 0, rpc_user_list_internals, argc, argv); } @@ -936,7 +926,7 @@ int net_rpc_group(int argc, const char **argv) if (opt_long_list_entries) { } else { } - return run_rpc_command(NULL, PIPE_SAMR, 0, + return run_rpc_command(PIPE_SAMR, 0, rpc_group_list_internals, argc, argv); } @@ -994,7 +984,7 @@ static int rpc_share_add(int argc, const char **argv) DEBUG(1,("Sharename or path not specified on add\n")); return rpc_share_usage(argc, argv); } - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_share_add_internals, argc, argv); } @@ -1040,7 +1030,7 @@ static int rpc_share_delete(int argc, const char **argv) DEBUG(1,("Sharename not specified on delete\n")); return rpc_share_usage(argc, argv); } - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_share_del_internals, argc, argv); } @@ -1130,7 +1120,7 @@ int net_rpc_share(int argc, const char **argv) }; if (argc == 0) - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_share_list_internals, argc, argv); @@ -1184,7 +1174,7 @@ static int rpc_file_close(int argc, const char **argv) return(rpc_file_usage(argc, argv)); } - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_file_close_internals, argc, argv); } @@ -1231,13 +1221,13 @@ rpc_file_list_internals(const DOM_SID *domain_sid, struct cli_state *cli, WERROR result; ENUM_HND hnd; uint32 preferred_len = 0xffffffff, i; - const char *username=NULL; + char *username=NULL; init_enum_hnd(&hnd, 0); /* if argc > 0, must be user command */ if (argc > 0) - username = smb_xstrdup(argv[0]); + username = argv[0]; result = cli_srvsvc_net_file_enum( cli, mem_ctx, 3, username, &ctr, preferred_len, &hnd); @@ -1275,7 +1265,7 @@ static int rpc_file_user(int argc, const char **argv) return(rpc_file_usage(argc, argv)); } - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_file_list_internals, argc, argv); } @@ -1300,7 +1290,7 @@ int net_rpc_file(int argc, const char **argv) }; if (argc == 0) - return run_rpc_command(NULL, PIPE_SRVSVC, 0, + return run_rpc_command(PIPE_SRVSVC, 0, rpc_file_list_internals, argc, argv); @@ -1355,7 +1345,7 @@ static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, struct c static int rpc_shutdown_abort(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_abort_internals, + return run_rpc_command(PIPE_WINREG, 0, rpc_shutdown_abort_internals, argc, argv); } @@ -1445,7 +1435,7 @@ static NTSTATUS rpc_shutdown_internals(const DOM_SID *domain_sid, struct cli_sta static int rpc_shutdown(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_internals, + return run_rpc_command(PIPE_WINREG, 0, rpc_shutdown_internals, argc, argv); } @@ -1470,7 +1460,7 @@ static int rpc_shutdown(int argc, const char **argv) */ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) { + int argc, const char **argv) { POLICY_HND connect_pol, domain_pol, user_pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; @@ -1493,14 +1483,16 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli strupper(acct_name); - /* Get samr policy handle */ - result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + /* Get sam policy handle */ + + result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, &connect_pol); if (!NT_STATUS_IS_OK(result)) { goto done; } /* Get domain policy handle */ + result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, MAXIMUM_ALLOWED_ACCESS, domain_sid, &domain_pol); @@ -1509,9 +1501,10 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli } /* Create trusting domain's account */ + acb_info = ACB_DOMTRUST; - unknown = 0xe005000b; /* No idea what this is - a permission mask? - mimir: yes, most probably it is */ + unknown = 0xe005000b; /* No idea what this is - a permission mask? + Is it needed for interdomain account also ? */ result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol, acct_name, acb_info, unknown, @@ -1536,7 +1529,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli static int rpc_trustdom_add(int argc, const char **argv) { - return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_trustdom_add_internals, + return run_rpc_command(PIPE_SAMR, 0, rpc_trustdom_add_internals, argc, argv); } @@ -1569,10 +1562,9 @@ static int rpc_trustdom_del(int argc, const char **argv) extern char *opt_user_name; extern char *opt_password; -extern char *opt_workgroup; -static int rpc_trustdom_establish(int argc, const char **argv) -{ +static int rpc_trustdom_establish(int argc, const char **argv) { + struct cli_state *cli; struct in_addr server_ip; POLICY_HND connect_hnd; @@ -1590,26 +1582,19 @@ static int rpc_trustdom_establish(int argc, const char **argv) */ if (argc != 1) { - d_printf("Usage: net rpc trustdom establish <domain_name>\n"); + d_printf("Usage: net rpc trustdom add <domain_name>\n"); return -1; } + domain_name = smb_xstrdup(argv[0]); strupper(domain_name); - /* - * opt_workgroup will be used by connection functions further, - * hence it should be set to remote domain name instead of ours - */ - if (opt_workgroup) { - SAFE_FREE(opt_workgroup); - opt_workgroup = smb_xstrdup(domain_name); - }; - asprintf(&acct_name, "%s$", lp_workgroup()); strupper(acct_name); - opt_user_name = acct_name; + opt_user_name = (char*)malloc(strlen(acct_name) + 1); + safe_strcpy(opt_user_name, acct_name, strlen(acct_name) + 1); /* find the domain controller */ if (!net_find_dc(&server_ip, pdc_name, domain_name)) { @@ -1649,7 +1634,10 @@ static int rpc_trustdom_establish(int argc, const char **argv) /* * Call WksQueryInfo to check remote server's capabilities - * note: It is now used only to get unicode domain name + * FIXME:Is really necessary ? nt serv does this, but from samba's + * point of view it doesn't seem to make the difference + * IDEA: It may be used to get info about type of pdc we're talking to + * (e.g. WinNT or Win2k) */ if (!cli_nt_session_open(cli, PIPE_WKSSVC)) { @@ -1657,8 +1645,12 @@ static int rpc_trustdom_establish(int argc, const char **argv) return -1; } - if (!(mem_ctx = talloc_init_named("establishing trust relationship to domain %s", - domain_name))) { + /* TODO: convert this call from rpc_client/cli_wkssvc.c + to cli_wks_query_info() in libsmb/cli_wkssvc.c + UPDATE: already done :) + */ + + if (!(mem_ctx = talloc_init())) { DEBUG(0, ("talloc_init() failed\n")); cli_shutdown(cli); return -1; @@ -1687,12 +1679,10 @@ static int rpc_trustdom_establish(int argc, const char **argv) if (!cli_nt_session_open(cli, PIPE_LSARPC)) { DEBUG(0, ("Could not initialise lsa pipe\n")); - cli_shutdown(cli); - return -1; } nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, - &connect_hnd); + &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", nt_errstr(nt_status))); @@ -1702,8 +1692,7 @@ static int rpc_trustdom_establish(int argc, const char **argv) /* Querying info level 5 */ nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd, - 5 /* info level */, domain_name, - &domain_sid); + 5 /* info level */, domain_name, &domain_sid); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", nt_errstr(nt_status))); @@ -1711,8 +1700,6 @@ static int rpc_trustdom_establish(int argc, const char **argv) } - - /* There should be actually query info level 3 (following nt serv behaviour), but I still don't know if it's _really_ necessary */ @@ -1756,8 +1743,8 @@ static int rpc_trustdom_establish(int argc, const char **argv) * @return Integer status (0 means success) **/ -static int rpc_trustdom_revoke(int argc, const char **argv) -{ +static int rpc_trustdom_revoke(int argc, const char **argv) { + char* domain_name; if (argc < 1) return -1; @@ -1785,8 +1772,7 @@ static int rpc_trustdom_revoke(int argc, const char **argv) * @return Integer status returned to shell **/ -static int rpc_trustdom_usage(int argc, const char **argv) -{ +static int rpc_trustdom_usage(int argc, const char **argv) { d_printf(" net rpc trustdom add \t\t add trusting domain's account\n"); d_printf(" net rpc trustdom del \t\t delete trusting domain's account\n"); d_printf(" net rpc trustdom establish \t establish relationship to trusted domain\n"); @@ -1796,249 +1782,6 @@ static int rpc_trustdom_usage(int argc, const char **argv) } -static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx, - int argc, const char **argv) -{ - fstring str_sid; - sid_to_string(str_sid, domain_sid); - d_printf("%s\n", str_sid); - return NT_STATUS_OK; -}; - - -extern char* opt_workgroup; -extern char* opt_target_worgroup; -extern char* opt_host; -extern char* opt_password; - -static int rpc_trustdom_list(int argc, const char **argv) -{ - /* common variables */ - TALLOC_CTX* mem_ctx; - struct cli_state *cli, *remote_cli; - NTSTATUS nt_status; - char *domain_name = NULL; - DOM_SID queried_dom_sid; - fstring ascii_sid, padding; - int ascii_dom_name_len; - POLICY_HND connect_hnd; - - /* trusted domains listing variables */ - int enum_ctx = 0; - int num_domains, i, pad_len, col_len = 20; - DOM_SID *domain_sids; - char **trusted_dom_names; - fstring pdc_name; - - /* trusting domains listing variables */ - POLICY_HND domain_hnd; - char **trusting_dom_names; - uint32 *trusting_dom_rids; - - /* - * Listing trusted domains (stored in secrets.tdb, if local) - */ - - mem_ctx = talloc_init_named("trust relationships listing"); - - /* - * set domain and pdc name to local samba server (default) - * or to remote one given in command line - */ - strupper(opt_workgroup); - if (strcmp(opt_workgroup, lp_workgroup())) { - domain_name = opt_workgroup; - if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup); - opt_target_workgroup = opt_workgroup; - } else { - safe_strcpy(pdc_name, global_myname, FSTRING_LEN); - domain_name = talloc_strdup(mem_ctx, lp_workgroup()); - if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup); - opt_target_workgroup = domain_name; - }; - - /* open \PIPE\lsarpc and open policy handle */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) { - DEBUG(0, ("Couldn't connect to domain controller\n")); - return -1; - }; - - if (!cli_nt_session_open(cli, PIPE_LSARPC)) { - DEBUG(0, ("Could not initialise lsa pipe\n")); - return -1; - }; - - nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE, - &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't open policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* query info level 5 to obtain sid of a domain being queried */ - nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd, - 5 /* info level */, domain_name, &queried_dom_sid); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", - nt_errstr(nt_status))); - return -1; - } - - /* - * Keep calling LsaEnumTrustdom over opened pipe until - * the end of enumeration is reached - */ - - d_printf("Trusted domains list:\n\n"); - - do { - nt_status = cli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx, - &num_domains, - &trusted_dom_names, &domain_sids); - - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - for (i = 0; i < num_domains; i++) { - /* convert sid into ascii string */ - sid_to_string(ascii_sid, &(domain_sids[i])); - - /* calculate padding space for d_printf to look nicer */ - pad_len = col_len - strlen(trusted_dom_names[i]); - padding[pad_len] = 0; - do padding[--pad_len] = ' '; while (pad_len); - - d_printf("%s%s%s\n", trusted_dom_names[i], padding, ascii_sid); - }; - - } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); - - /* close this connection before doing next one */ - nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - cli_nt_session_close(cli); - - /* - * Listing trusting domains (stored in passdb backend, if local) - */ - - d_printf("\nTrusting domains list:\n\n"); - - /* - * Open \PIPE\samr and get needed policy handles - */ - if (!cli_nt_session_open(cli, PIPE_SAMR)) { - DEBUG(0, ("Could not initialise samr pipe\n")); - return -1; - }; - - /* SamrConnect */ - nt_status = cli_samr_connect(cli, mem_ctx, SAMR_ACCESS_OPEN_DOMAIN, - &connect_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* SamrOpenDomain - we have to open domain policy handle in order to be - able to enumerate accounts*/ - nt_status = cli_samr_open_domain(cli, mem_ctx, &connect_hnd, - DOMAIN_ACCESS_ENUM_ACCOUNTS, - &queried_dom_sid, &domain_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't open domain object. Error was %s\n", - nt_errstr(nt_status))); - return -1; - }; - - /* - * perform actual enumeration - */ - - enum_ctx = 0; /* reset enumeration context from last enumeration */ - do { - - nt_status = cli_samr_enum_dom_users(cli, mem_ctx, &domain_hnd, - &enum_ctx, ACB_DOMTRUST, 0xffff, - &trusting_dom_names, &trusting_dom_rids, - &num_domains); - if (NT_STATUS_IS_ERR(nt_status)) { - DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n", - nt_errstr(nt_status))); - return -1; - }; - - for (i = 0; i < num_domains; i++) { - - /* - * get each single domain's sid (do we _really_ need this ?): - * 1) connect to domain's pdc - * 2) query the pdc for domain's sid - */ - - /* get rid of '$' tail */ - ascii_dom_name_len = strlen(trusting_dom_names[i]); - if (ascii_dom_name_len && ascii_dom_name_len < FSTRING_LEN) - trusting_dom_names[i][ascii_dom_name_len - 1] = '\0'; - - /* calculate padding space for d_printf to look nicer */ - pad_len = col_len - strlen(trusting_dom_names[i]); - padding[pad_len] = 0; - do padding[--pad_len] = ' '; while (pad_len); - - /* set opt_* variables to remote domain */ - strupper(trusting_dom_names[i]); - opt_workgroup = talloc_strdup(mem_ctx, trusting_dom_names[i]); - if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup); - opt_target_workgroup = opt_workgroup; - - d_printf("%s%s", trusting_dom_names[i], padding); - - /* connect to remote domain controller */ - remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS); - if (remote_cli) { - /* query for domain's sid */ - if (run_rpc_command(remote_cli, PIPE_LSARPC, 0, rpc_query_domain_sid, argc, argv)) - d_printf("couldn't get domain's sid\n"); - - cli_shutdown(remote_cli); - - } else { - d_printf("domain controller is not responding\n"); - }; - }; - - } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES)); - - /* close opened samr and domain policy handles */ - nt_status = cli_samr_close(cli, mem_ctx, &domain_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name)); - }; - - nt_status = cli_samr_close(cli, mem_ctx, &connect_hnd); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name)); - }; - - /* close samr pipe and connection to IPC$ */ - cli_nt_session_close(cli); - cli_shutdown(cli); - - talloc_destroy(mem_ctx); - return 0; -} - /** * Entrypoint for 'net rpc trustdom' code * @@ -2056,7 +1799,6 @@ static int rpc_trustdom(int argc, const char **argv) {"establish", rpc_trustdom_establish}, {"revoke", rpc_trustdom_revoke}, {"help", rpc_trustdom_usage}, - {"list", rpc_trustdom_list}, {NULL, NULL} }; @@ -2120,7 +1862,6 @@ int net_rpc_usage(int argc, const char **argv) { d_printf(" net rpc info \t\t\tshow basic info about a domain \n"); d_printf(" net rpc join \t\t\tto join a domain \n"); - d_printf(" net rpc testjoin \t\t\ttests that a join is valid\n"); d_printf(" net rpc user \t\t\tto add, delete and list users\n"); d_printf(" net rpc group \t\tto list groups\n"); d_printf(" net rpc share \t\tto add, delete, and list shares\n"); @@ -2183,7 +1924,6 @@ int net_rpc(int argc, const char **argv) struct functable func[] = { {"info", net_rpc_info}, {"join", net_rpc_join}, - {"testjoin", net_rpc_testjoin}, {"user", net_rpc_user}, {"group", net_rpc_group}, {"share", net_rpc_share}, diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index c8be93c39c..cc1a203ca1 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -35,61 +35,6 @@ goto done; \ } - -/** - * confirm that a domain join is still valid - * - * @return A shell status integer (0 for success) - * - **/ -int net_rpc_join_ok(const char *domain) -{ - struct cli_state *cli; - uchar stored_md4_trust_password[16]; - int retval = 1; - uint32 channel; - NTSTATUS result; - - /* Connect to remote machine */ - if (!(cli = net_make_ipc_connection(NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC))) { - return 1; - } - - if (!cli_nt_session_open(cli, PIPE_NETLOGON)) { - DEBUG(0,("Error connecting to NETLOGON pipe\n")); - goto done; - } - - if (!secrets_fetch_trust_account_password(domain, - stored_md4_trust_password, NULL)) { - DEBUG(0,("Could not reterive domain trust secret")); - goto done; - } - - if (lp_server_role() == ROLE_DOMAIN_BDC || - lp_server_role() == ROLE_DOMAIN_PDC) { - channel = SEC_CHAN_BDC; - } else { - channel = SEC_CHAN_WKSTA; - } - - CHECK_RPC_ERR(cli_nt_setup_creds(cli, - channel, - stored_md4_trust_password), - "error in domain join verification"); - - retval = 0; /* Success! */ - -done: - /* Close down pipe - this will clean up open policy handles */ - if (cli->nt_pipe_fnum) - cli_nt_session_close(cli); - - cli_shutdown(cli); - - return retval; -} - /** * Join a domain using the administrator username and password * @@ -122,6 +67,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) char *clear_trust_password = NULL; fstring ucs2_trust_password; int ucs2_pw_len; + uchar stored_md4_trust_password[16]; uchar pwbuf[516], sess_key[16]; SAM_USERINFO_CTR ctr; SAM_USER_INFO_24 p24; @@ -134,9 +80,8 @@ int net_rpc_join_newstyle(int argc, const char **argv) fstring domain; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; - char *acct_name; - const char *const_acct_name; - + const char *acct_name; + /* Connect to remote machine */ if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) @@ -188,7 +133,6 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* Create domain user */ acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname); strlower(acct_name); - const_acct_name = acct_name; acb_info = ((lp_server_role() == ROLE_DOMAIN_BDC) || lp_server_role() == ROLE_DOMAIN_PDC) ? ACB_SVRTRUST : ACB_WSTRUST; @@ -218,8 +162,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) CHECK_RPC_ERR_DEBUG(cli_samr_lookup_names(cli, mem_ctx, &domain_pol, flags, - 1, &const_acct_name, - &num_rids, + 1, &acct_name, &num_rids, &user_rids, &name_types), ("error looking up rid for user %s: %s\n", acct_name, nt_errstr(result))); @@ -310,10 +253,28 @@ int net_rpc_join_newstyle(int argc, const char **argv) } /* Now check the whole process from top-to-bottom */ + cli_samr_close(cli, mem_ctx, &user_pol); + cli_nt_session_close(cli); /* Done with this pipe */ - retval = net_rpc_join_ok(domain); + if (!cli_nt_session_open(cli, PIPE_NETLOGON)) { + DEBUG(0, ("Error connecting to NETLOGON pipe\n")); + goto done; + } + + if (!secrets_fetch_trust_account_password(domain, + stored_md4_trust_password, NULL)) { + DEBUG(0, ("Could not reterive secrets we just stored!")); + goto done; + } + + CHECK_RPC_ERR(new_cli_nt_setup_creds(cli, + (acb_info & ACB_SVRTRUST) ? SEC_CHAN_BDC : SEC_CHAN_WKSTA, + stored_md4_trust_password), + "error in domain join verification"); + + retval = 0; /* Success! */ done: /* Close down pipe - this will clean up open policy handles */ @@ -336,28 +297,3 @@ done: return retval; } - - -/** - * check that a join is OK - * - * @return A shell status integer (0 for success) - * - **/ -int net_rpc_testjoin(int argc, const char **argv) -{ - char *domain = lp_workgroup(); - - domain = smb_xstrdup(domain); - - /* Display success or failure */ - if (net_rpc_join_ok(domain) != 0) { - fprintf(stderr,"Join to domain '%s' is not valid\n",domain); - free(domain); - return -1; - } - - printf("Join to '%s' is OK\n",domain); - free(domain); - return 0; -} diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 51dbbb98c0..b30ab6f38e 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -23,35 +23,6 @@ #include "includes.h" -#define BIT_CONFIGFILE 0x00000001 -#define BIT_DEBUGLEVEL 0x00000002 -#define BIT_BACKEND 0x00000004 -#define BIT_VERBOSE 0x00000008 -#define BIT_SPSTYLE 0x00000010 -#define BIT_RESERV_1 0x00000020 -#define BIT_RESERV_2 0x00000040 -#define BIT_RESERV_3 0x00000080 -#define BIT_FULLNAME 0x00000100 -#define BIT_HOMEDIR 0x00000200 -#define BIT_HDIRDRIVE 0x00000400 -#define BIT_LOGSCRIPT 0x00000800 -#define BIT_PROFILE 0x00001000 -#define BIT_MACHINE 0x00002000 -#define BIT_RESERV_4 0x00004000 -#define BIT_USER 0x00008000 -#define BIT_LIST 0x00010000 -#define BIT_MODIFY 0x00020000 -#define BIT_CREATE 0x00040000 -#define BIT_DELETE 0x00080000 -#define BIT_ACCPOLICY 0x00100000 -#define BIT_ACCPOLVAL 0x00200000 -#define BIT_RESERV_6 0x00400000 -#define BIT_RESERV_7 0x00800000 -#define BIT_IMPORT 0x01000000 -#define BIT_EXPORT 0x02000000 - -#define MASK_ALWAYS_GOOD 0x0000001F -#define MASK_USER_GOOD 0x00001F00 extern pstring global_myname; extern BOOL AllowDebugChange; @@ -59,21 +30,27 @@ extern BOOL AllowDebugChange; Add all currently available users to another db ********************************************************/ -static int export_database (struct pdb_context *in, struct pdb_context *out) { +int export_database (struct pdb_context *in, char *db){ + struct pdb_context *context; SAM_ACCOUNT *user = NULL; - if (!in->pdb_setsampwent(in, 0)) { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&context, db))){ + fprintf(stderr, "Can't initialize %s.\n", db); + return 1; + } + + if (!in->pdb_setsampwent(in, 0)){ fprintf(stderr, "Can't sampwent!\n"); return 1; } - if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) { + if (!NT_STATUS_IS_OK(pdb_init_sam(&user))){ fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); return 1; } - while (in->pdb_getsampwent(in, user)) { - out->pdb_add_sam_account(out, user); + while (in->pdb_getsampwent(in,user)){ + context->pdb_add_sam_account(context,user); if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); return 1; @@ -114,7 +91,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst sid_string_static(pdb_get_group_sid(sam_pwent))); printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); - printf ("HomeDir Drive: %s\n", pdb_get_dir_drive(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); @@ -278,7 +255,7 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; - char *password1, *password2, *staticpass; + char *password1, *password2; ZERO_STRUCT(sam_pwent); @@ -293,27 +270,15 @@ static int new_user (struct pdb_context *in, char *username, char *fullname, cha } } - staticpass = getpass("new password:"); - password1 = strdup(staticpass); - memset(staticpass, 0, strlen(staticpass)); - staticpass = getpass("retype new password:"); - password2 = strdup(staticpass); - memset(staticpass, 0, strlen(staticpass)); + password1 = getpass("new password:"); + password2 = getpass("retype new password:"); if (strcmp (password1, password2)) { - fprintf (stderr, "Passwords does not match!\n"); - memset(password1, 0, strlen(password1)); - SAFE_FREE(password1); - memset(password2, 0, strlen(password2)); - SAFE_FREE(password2); - pdb_free_sam (&sam_pwent); - return -1; + fprintf (stderr, "Passwords does not match!\n"); + pdb_free_sam (&sam_pwent); + return -1; } pdb_set_plaintext_passwd(sam_pwent, password1); - memset(password1, 0, strlen(password1)); - SAFE_FREE(password1); - memset(password2, 0, strlen(password2)); - SAFE_FREE(password2); if (fullname) pdb_set_fullname(sam_pwent, fullname); @@ -419,7 +384,7 @@ static int delete_machine_entry (struct pdb_context *in, char *machinename) } if (!in->pdb_getsampwnam(in, samaccount, name)) { - fprintf (stderr, "machine %s does not exist in the passdb\n", name); + fprintf (stderr, "user %s does not exist in the passdb\n", name); return -1; } @@ -435,230 +400,129 @@ int main (int argc, char **argv) static BOOL list_users = False; static BOOL verbose = False; static BOOL spstyle = False; + static BOOL setparms = False; static BOOL machine = False; static BOOL add_user = False; static BOOL delete_user = False; - static BOOL modify_user = False; - uint32 setparms, checkparms; + static BOOL import = False; int opt; static char *full_name = NULL; static char *user_name = NULL; static char *home_dir = NULL; static char *home_drive = NULL; - static char *backend = NULL; static char *backend_in = NULL; static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; static char *config_file = dyn_CONFIGFILE; static char *new_debuglevel = NULL; - static char *account_policy = NULL; - static long int account_policy_value = 0; - BOOL account_policy_value_set = False; - struct pdb_context *bin; - struct pdb_context *bout; - struct pdb_context *bdef; + struct pdb_context *in; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP - {"list", 'l', POPT_ARG_NONE, &list_users, 0, "list all users", NULL}, - {"verbose", 'v', POPT_ARG_NONE, &verbose, 0, "be verbose", NULL }, - {"smbpasswd-style", 'w',POPT_ARG_NONE, &spstyle, 0, "give output in smbpasswd style", NULL}, - {"user", 'u', POPT_ARG_STRING, &user_name, 0, "use username", "USER" }, - {"fullname", 'f', POPT_ARG_STRING, &full_name, 0, "set full name", NULL}, - {"homedir", 'h', POPT_ARG_STRING, &home_dir, 0, "set home directory", NULL}, - {"drive", 'd', POPT_ARG_STRING, &home_drive, 0, "set home drive", NULL}, - {"script", 's', POPT_ARG_STRING, &logon_script, 0, "set logon script", NULL}, - {"profile", 'p', POPT_ARG_STRING, &profile_path, 0, "set profile path", NULL}, - {"create", 'a', POPT_ARG_NONE, &add_user, 0, "create user", NULL}, - {"modify", 'r', POPT_ARG_NONE, &modify_user, 0, "modify user", NULL}, - {"machine", 'm', POPT_ARG_NONE, &machine, 0, "account is a machine account", NULL}, - {"delete", 'x', POPT_ARG_NONE, &delete_user, 0, "delete user", NULL}, - {"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL}, - {"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL}, - {"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL}, - {"debuglevel", 'D', POPT_ARG_STRING, &new_debuglevel, 0,"set debuglevel",NULL}, - {"configfile", 'c', POPT_ARG_STRING, &config_file, 0,"use different configuration file",NULL}, - {"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL}, - {"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL}, + {"list", 'l',POPT_ARG_VAL, &list_users, 1, "list all users", NULL}, + {"verbose", 'v',POPT_ARG_VAL, &verbose, 1, "be verbose", NULL }, + {"smbpasswd-style", 'w',POPT_ARG_VAL, &spstyle, 1, "give output in smbpasswd style", NULL}, + {"user", 'u',POPT_ARG_STRING,&user_name, 0, "use username", "USER" }, + {"fullname", 'f',POPT_ARG_STRING,&full_name, 0, "set full name", NULL}, + {"homedir", 'h',POPT_ARG_STRING,&home_dir, 0, "set home directory", NULL}, + {"drive", 'd',POPT_ARG_STRING,&home_drive, 0, "set home drive", NULL}, + {"script", 's',POPT_ARG_STRING,&logon_script, 0, "set logon script", NULL}, + {"profile", 'p',POPT_ARG_STRING,&profile_path, 0, "set profile path", NULL}, + {"create", 'a',POPT_ARG_VAL,&add_user, 1, "create user", NULL}, + {"machine", 'm',POPT_ARG_VAL,&machine, 1,"account is a machine account",NULL}, + {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, + {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, + {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, + {"debuglevel",'D', POPT_ARG_STRING, &new_debuglevel,0,"set debuglevel",NULL}, + {"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL}, {0,0,0,0} }; - + setup_logging("pdbedit", True); - + pc = poptGetContext(NULL, argc, (const char **) argv, long_options, - POPT_CONTEXT_KEEP_FIRST); - - while((opt = poptGetNextOpt(pc)) != -1) { - switch (opt) { - case 'V': - account_policy_value_set = True; - break; - } - } - - if (new_debuglevel) { + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1); + + if (new_debuglevel){ debug_parse_levels(new_debuglevel); AllowDebugChange = False; } - + if (!lp_load(config_file,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", config_file); + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + config_file); exit(1); } - setparms = (config_file ? BIT_CONFIGFILE : 0) + - (new_debuglevel ? BIT_DEBUGLEVEL : 0) + - (backend ? BIT_BACKEND : 0) + - (verbose ? BIT_VERBOSE : 0) + - (spstyle ? BIT_SPSTYLE : 0) + - (full_name ? BIT_FULLNAME : 0) + - (home_dir ? BIT_HOMEDIR : 0) + - (home_drive ? BIT_HDIRDRIVE : 0) + - (logon_script ? BIT_LOGSCRIPT : 0) + - (profile_path ? BIT_PROFILE : 0) + - (machine ? BIT_MACHINE : 0) + - (user_name ? BIT_USER : 0) + - (list_users ? BIT_LIST : 0) + - (modify_user ? BIT_MODIFY : 0) + - (add_user ? BIT_CREATE : 0) + - (delete_user ? BIT_DELETE : 0) + - (account_policy ? BIT_ACCPOLICY : 0) + - (account_policy_value_set ? BIT_ACCPOLVAL : 0) + - (backend_in ? BIT_IMPORT : 0) + - (backend_out ? BIT_EXPORT : 0); - - if (setparms & BIT_BACKEND) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) { + + setparms = (full_name || home_dir || home_drive || logon_script || profile_path); + + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { + fprintf (stderr, "Incompatible options on command line!\n"); + exit(1); + } + + if (!backend_in) { + if (!NT_STATUS_IS_OK(make_pdb_context_list(&in, lp_passdb_backend()))){ fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } } else { - if (!NT_STATUS_IS_OK(make_pdb_context_list(&bdef, lp_passdb_backend()))) { + if (!NT_STATUS_IS_OK(make_pdb_context_string(&in, backend_in))){ fprintf(stderr, "Can't initialize passdb backend.\n"); return 1; } } - - /* the lowest bit options are always accepted */ - checkparms = setparms & ~MASK_ALWAYS_GOOD; - - /* accoun tpolicy operations */ - if ((checkparms & BIT_ACCPOLICY) && !(checkparms & ~(BIT_ACCPOLICY + BIT_ACCPOLVAL))) { - uint32 value; - int field = account_policy_name_to_fieldnum(account_policy); - if (field == 0) { - fprintf(stderr, "No account policy by that name\n"); - exit(1); - } - if (!account_policy_get(field, &value)) { - fprintf(stderr, "valid account policy, but unable to fetch value!\n"); - exit(1); - } - if (account_policy_value_set) { - printf("account policy value for %s was %u\n", account_policy, value); - if (!account_policy_set(field, account_policy_value)) { - fprintf(stderr, "valid account policy, but unable to set value!\n"); - exit(1); - } - printf("account policy value for %s is now %lu\n", account_policy, account_policy_value); - exit(0); - } else { - printf("account policy value for %s is %u\n", account_policy, value); - exit(0); - } - } - /* import and export operations */ - if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT)) - && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT))) { - if (backend_in) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bin, backend_in))) { - fprintf(stderr, "Can't initialize passdb backend.\n"); - return 1; - } - } else { - bin = bdef; - } - if (backend_out) { - if (!NT_STATUS_IS_OK(make_pdb_context_string(&bout, backend_out))) { - fprintf(stderr, "Can't initialize %s.\n", backend_out); - return 1; - } - } else { - bout = bdef; + if (add_user) { + if (!user_name) { + fprintf (stderr, "Username not specified! (use -u option)\n"); + return -1; } - return export_database(bin, bout); + if (machine) + return new_machine (in, user_name); + else + return new_user (in, user_name, full_name, home_dir, + home_drive, logon_script, + profile_path); } - /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */ - /* fake up BIT_LIST if only BIT_USER is defined */ - if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { - checkparms += BIT_LIST; - } - - /* modify flag is optional to maintain backwards compatibility */ - /* fake up BIT_MODIFY if BIT_USER and at least one of MASK_USER_GOOD is defined */ - if (!((checkparms & ~MASK_USER_GOOD) & ~BIT_USER) && (checkparms & MASK_USER_GOOD)) { - checkparms += BIT_MODIFY; - } - - /* list users operations */ - if (checkparms & BIT_LIST) { - if (!(checkparms & ~BIT_LIST)) { - return print_users_list (bdef, verbose, spstyle); - } - if (!(checkparms & ~(BIT_USER + BIT_LIST))) { - return print_user_info (bdef, user_name, verbose, spstyle); - } - } - - /* mask out users options */ - checkparms &= ~MASK_USER_GOOD; - - /* account operation */ - if ((checkparms & BIT_CREATE) || (checkparms & BIT_MODIFY) || (checkparms & BIT_DELETE)) { - /* check use of -u option */ - if (!(checkparms & BIT_USER)) { + if (delete_user) { + if (!user_name) { fprintf (stderr, "Username not specified! (use -u option)\n"); return -1; } + if (machine) + return delete_machine_entry (in, user_name); + else + return delete_user_entry (in, user_name); + } - /* account creation operations */ - if (!(checkparms & ~(BIT_CREATE + BIT_USER + BIT_MACHINE))) { - if (checkparms & BIT_MACHINE) { - return new_machine (bdef, user_name); - } else { - return new_user (bdef, user_name, full_name, home_dir, - home_drive, logon_script, - profile_path); - } - } - - /* account deletion operations */ - if (!(checkparms & ~(BIT_DELETE + BIT_USER + BIT_MACHINE))) { - if (checkparms & BIT_MACHINE) { - return delete_machine_entry (bdef, user_name); - } else { - return delete_user_entry (bdef, user_name); - } - } - - /* account modification operations */ - if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { - return set_user_info (bdef, user_name, full_name, + if (user_name) { + if (setparms) + return set_user_info (in, user_name, full_name, home_dir, home_drive, logon_script, profile_path); - } + else + return print_user_info (in, user_name, verbose, + spstyle); } - if (setparms >= 0x20) { - fprintf (stderr, "Incompatible or insufficient options on command line!\n"); - } + if (list_users) + return print_users_list (in, verbose, spstyle); + + if (backend_out) + return export_database(in, backend_out); + poptPrintHelp(pc, stderr, 0); return 1; } + + diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 4f9df90fa2..b6a13180a3 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -29,7 +29,7 @@ static pstring owner_username; static fstring server; static int got_pass; static int test_args; -static TALLOC_CTX *ctx; +TALLOC_CTX *ctx; #define CREATE_ACCESS_READ READ_CONTROL_ACCESS #define CREATE_ACCESS_WRITE (WRITE_DAC_ACCESS | WRITE_OWNER_ACCESS) diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 2d78b21dcc..65519e8888 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -223,23 +223,6 @@ static void register_all(void) message_register(MSG_POOL_USAGE, pool_usage_cb); } -/* This guy is here so we can link printing/notify.c to the smbcontrol - binary without having to pull in tons of other crap. */ - -TDB_CONTEXT *conn_tdb_ctx(void) -{ - static TDB_CONTEXT *tdb; - - if (tdb) - return tdb; - - tdb = tdb_open_log(lock_path("connections.tdb"), 0, TDB_DEFAULT, O_RDONLY, 0); - - if (!tdb) - DEBUG(3, ("Failed to open connections database in send_spoolss_notify2_msg\n")); - - return tdb; -} /**************************************************************************** do command @@ -369,9 +352,6 @@ static BOOL do_command(char *dest, char *msg_name, int iparams, char **params) fprintf(stderr, "Must specify subcommand:\n"); fprintf(stderr, "\tqueuepause <printername>\n"); fprintf(stderr, "\tqueueresume <printername>\n"); - fprintf(stderr, "\tjobpause <printername> <unix jobid>\n"); - fprintf(stderr, "\tjobresume <printername> <unix jobid>\n"); - fprintf(stderr, "\tjobdelete <printername> <unix jobid>\n"); return False; } diff --git a/source3/utils/smbgroupedit.c b/source3/utils/smbgroupedit.c index 4358e6f08c..3fdc07c2d5 100644 --- a/source3/utils/smbgroupedit.c +++ b/source3/utils/smbgroupedit.c @@ -22,7 +22,7 @@ #include "includes.h" extern pstring global_myname; -extern fstring global_myworkgroup; +extern pstring global_myworkgroup; /* * Next two lines needed for SunOS and don't @@ -45,13 +45,11 @@ static void usage(void) printf(" -a group create new group\n"); printf(" -n group NT group name\n"); printf(" -p privilege only local\n"); - printf(" -d description group description\n"); printf(" -v list groups\n"); printf(" -l long list (include details)\n"); printf(" -s short list (default)\n"); printf(" -c SID change group\n"); printf(" -u unix group\n"); - printf(" -d description group description\n"); printf(" -x group delete this group\n"); printf("\n"); printf(" -t[b|d|l] type: builtin, domain, local \n"); diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 98993676c9..70bf551edb 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -92,7 +92,7 @@ static int process_options(int argc, char **argv, int local_flags) user_name[0] = '\0'; - while ((ch = getopt(argc, argv, "c:axdehminjr:sw:R:D:U:L")) != EOF) { + while ((ch = getopt(argc, argv, "c:axdehmnjr:sw:R:D:U:L")) != EOF) { switch(ch) { case 'L': local_flags |= LOCAL_AM_ROOT; @@ -416,11 +416,9 @@ static int process_root(int local_flags) exit(1); } } - - /* prepare uppercased and '$' terminated username */ slprintf(buf, sizeof(buf) - 1, "%s$", user_name); fstrcpy(user_name, buf); - + } else { if (remote_machine != NULL) { diff --git a/source3/utils/smbtree.c b/source3/utils/smbtree.c index b733f8112f..bcb460ee0b 100644 --- a/source3/utils/smbtree.c +++ b/source3/utils/smbtree.c @@ -32,7 +32,7 @@ struct user_auth_info { /* How low can we go? */ enum tree_level {LEV_WORKGROUP, LEV_SERVER, LEV_SHARE}; -static enum tree_level level = LEV_SHARE; +enum tree_level level = LEV_SHARE; static void usage(void) { diff --git a/source3/utils/status.c b/source3/utils/status.c index 0b0c591cb1..b1e8bb9d8e 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -37,6 +37,14 @@ extern BOOL AllowDebugChange; +struct session_record{ + pid_t pid; + uid_t uid; + char machine[31]; + time_t start; + struct session_record *next; +} *srecs; + static pstring Ucrit_username = ""; /* added by OH */ static pid_t Ucrit_pid[100]; /* Ugly !!! */ /* added by OH */ static int Ucrit_MaxPid=0; /* added by OH */ @@ -551,7 +559,7 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo {"brief", 'b', POPT_ARG_NONE, &brief}, {"profile", 'P', POPT_ARG_NONE, &profile_only}, {"byterange", 'B', POPT_ARG_NONE, &show_brl}, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, + {"debug", 'd', POPT_ARG_STRING, &new_debuglevel}, { 0, 0, 0, 0} }; diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index 3086019467..1d48249a75 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -175,6 +175,7 @@ int main(int argc, char *argv[]) { extern char *optarg; extern int optind; + extern fstring local_machine; const char *config_file = dyn_CONFIGFILE; int s; static BOOL silent_mode = False; @@ -182,7 +183,7 @@ int main(int argc, char *argv[]) int opt; poptContext pc; static char *term_code = ""; - static char *new_local_machine = NULL; + static char *new_local_machine = local_machine; const char *cname; const char *caddr; @@ -206,10 +207,8 @@ int main(int argc, char *argv[]) cname = poptGetArg(pc); caddr = poptGetArg(pc); - - if (new_local_machine) { - set_local_machine_name(new_local_machine); - } + + fstrcpy(local_machine,new_local_machine); dbf = x_stdout; DEBUGLEVEL = 2; |