Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_proto.h9
-rw-r--r--source3/utils/net_rpc.c9
-rw-r--r--source3/utils/net_rpc_samsync.c77
3 files changed, 93 insertions, 2 deletions
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index a370d3d6b2..10b1e4709a 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -368,6 +368,15 @@ NTSTATUS rpc_vampire_ldif_internals(struct net_context *c,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv);
+NTSTATUS rpc_vampire_keytab_internals(struct net_context *c,
+ const DOM_SID *domain_sid,
+ const char *domain_name,
+ struct cli_state *cli,
+ struct rpc_pipe_client *pipe_hnd,
+ TALLOC_CTX *mem_ctx,
+ int argc,
+ const char **argv);
+int rpc_vampire_keytab(struct net_context *c, int argc, const char **argv);
/* The following definitions come from utils/net_rpc_service.c */
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 6a7c638e2a..19566bdf09 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -6818,6 +6818,15 @@ static int rpc_vampire(struct net_context *c, int argc, const char **argv)
"net rpc vampire ldif\n"
" Dump remote SAM database to LDIF file or stdout"
},
+ {
+ "keytab",
+ rpc_vampire_keytab,
+ NET_TRANSPORT_RPC,
+ "Dump remote SAM database to Kerberos Keytab",
+ "net rpc vampire keytab\n"
+ " Dump remote SAM database to Kerberos keytab file"
+ },
+
{NULL, NULL, 0, NULL, NULL}
};
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index c941338b32..e4aa343d06 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -73,11 +73,13 @@ NTSTATUS rpc_samdump_internals(struct net_context *c,
int rpc_vampire_usage(struct net_context *c, int argc, const char **argv)
{
- d_printf("net rpc vampire [ldif [<ldif-filename>] [options]\n"
+ d_printf("net rpc vampire ([ldif [<ldif-filename>] | [keytab] [<keytab-filename]) [options]\n"
"\t to pull accounts from a remote PDC where we are a BDC\n"
"\t\t no args puts accounts in local passdb from smb.conf\n"
"\t\t ldif - put accounts in ldif format (file defaults to "
- "/tmp/tmp.ldif\n");
+ "/tmp/tmp.ldif)\n"
+ "\t\t keytab - put account passwords in krb5 keytab (defaults "
+ "to system keytab)\n");
net_common_flags_usage(c, argc, argv);
return -1;
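Review bot: The new synopsis line has unbalanced brackets: `[<keytab-filename]` is missing its closing `>`, and the outer `[ldif [<ldif-filename>]` group is never closed, so it is unclear which arguments are optional. Something like `"net rpc vampire [ldif [<ldif-filename>] | keytab [<keytab-filename>]] [options]\n"` would match what the two subcommands accept. Because the added help text says the keytab output defaults to the system keytab, it is worth stating here that the resulting file carries key material for the pulled accounts and should be treated as a secret. The closing brace of rpc_vampire_usage lies outside this hunk.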
@@ -226,3 +228,74 @@ int rpc_vampire_ldif(struct net_context *c, int argc, const char **argv)
return run_rpc_command(c, NULL, PI_NETLOGON, 0, rpc_vampire_ldif_internals,
argc, argv);
}
+
+
+NTSTATUS rpc_vampire_keytab_internals(struct net_context *c,
+ const DOM_SID *domain_sid,
+ const char *domain_name,
+ struct cli_state *cli,
+ struct rpc_pipe_client *pipe_hnd,
+ TALLOC_CTX *mem_ctx,
+ int argc,
+ const char **argv)
+{
+ NTSTATUS status;
+ struct samsync_context *ctx = NULL;
+
+ status = libnet_samsync_init_context(mem_ctx,
+ domain_sid,
+ &ctx);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (argc >= 1) {
+ ctx->output_filename = argv[0];
+ }
+
+ ctx->mode = NET_SAMSYNC_MODE_FETCH_KEYTAB;
+ ctx->cli = pipe_hnd;
+ ctx->delta_fn = fetch_sam_entries_keytab;
+ ctx->domain_name = domain_name;
+ ctx->username = c->opt_user_name;
+ ctx->password = c->opt_password;
+
+ /* fetch domain */
+ status = libnet_samsync(SAM_DATABASE_DOMAIN, ctx);
+
+ if (!NT_STATUS_IS_OK(status) && ctx->error_message) {
+ d_fprintf(stderr, "%s\n", ctx->error_message);
+ goto out;
+ }
+
+ if (ctx->result_message) {
+ d_fprintf(stdout, "%s\n", ctx->result_message);
+ }
+
+ out:
+ TALLOC_FREE(ctx);
+
+ return status;
+}
+
+/**
+ * Basic function for 'net rpc vampire keytab'
+ *
+ * @param c A net_context structure
+ * @param argc Standard main() style argc
+ * @param argc Standard main() style argv. Initial components are already
+ * stripped
+ **/
+
+int rpc_vampire_keytab(struct net_context *c, int argc, const char **argv)
+{
+ if (c->display_usage) {
+ d_printf("Usage\n"
+ "net rpc vampire keytab\n"
+ " Dump remote SAM database to Kerberos keytab file\n");
+ return 0;
+ }
+
+ return run_rpc_command(c, NULL, PI_NETLOGON, 0, rpc_vampire_keytab_internals,
+ argc, argv);
+}