summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/utils/net_ads.c726
-rw-r--r--source3/utils/net_proto.h2
2 files changed, 512 insertions, 216 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index db2021ff7b..a71ba5b1d2 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -27,42 +27,6 @@
#ifdef HAVE_ADS
-int net_ads_help(struct net_context *c, int argc, const char **argv)
-{
- d_printf("join [createupn[=principal]] [createcomputer=<org_unit>]\n");
- d_printf(" Join the local machine to a ADS realm\n");
- d_printf("leave\n");
- d_printf(" Remove the local machine from a ADS realm\n");
- d_printf("testjoin\n");
- d_printf(" Validates the machine account in the domain\n");
- d_printf("user\n");
- d_printf(" List, add, or delete users in the realm\n");
- d_printf("group\n");
- d_printf(" List, add, or delete groups in the realm\n");
- d_printf("info\n");
- d_printf(" Displays details regarding a specific AD server\n");
- d_printf("status\n");
- d_printf(" Display details regarding the machine's account in AD\n");
- d_printf("lookup\n");
- d_printf(" Performs CLDAP query of AD domain controllers\n");
- d_printf("password <username@realm> <password> -Uadmin_username@realm%%admin_pass\n");
- d_printf(" Change a user's password using an admin account\n");
- d_printf(" (note: use realm in UPPERCASE, prompts if password is obmitted)\n");
- d_printf("changetrustpw\n");
- d_printf(" Change the trust account password of this machine in the AD tree\n");
- d_printf("printer [info | publish | remove] <printername> <servername>\n");
- d_printf(" Lookup, add, or remove directory entry for a printer\n");
- d_printf("{search,dn,sid}\n");
- d_printf(" Issue LDAP search queries using a general filter, by DN, or by SID\n");
- d_printf("keytab\n");
- d_printf(" Manage a local keytab file based on the machine account in AD\n");
- d_printf("dns\n");
- d_printf(" Issue a dynamic DNS update request the server's hostname\n");
- d_printf(" (using the machine credentials)\n");
-
- return -1;
-}
-
/* when we do not have sufficient input parameters to contact a remote domain
* we always fall back to our own realm - Guenther*/
@@ -161,6 +125,13 @@ static int net_ads_lookup(struct net_context *c, int argc, const char **argv)
{
ADS_STRUCT *ads;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads lookup\n"
+ " Find the ADS DC using CLDAP lookup.\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup_nobind(c, false, &ads))) {
d_fprintf(stderr, "Didn't find the cldap server!\n");
return -1;
@@ -181,6 +152,14 @@ static int net_ads_info(struct net_context *c, int argc, const char **argv)
ADS_STRUCT *ads;
char addr[INET6_ADDRSTRLEN];
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads info\n"
+ " Display information about an Active Directory "
+ "server.\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup_nobind(c, false, &ads))) {
d_fprintf(stderr, "Didn't find the ldap server!\n");
return -1;
@@ -384,6 +363,13 @@ static int net_ads_workgroup(struct net_context *c, int argc, const char **argv)
char addr[INET6_ADDRSTRLEN];
struct nbt_cldap_netlogon_5 reply;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads workgroup\n"
+ " Print the workgroup name\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup_nobind(c, false, &ads))) {
d_fprintf(stderr, "Didn't find the cldap server!\n");
return -1;
@@ -451,7 +437,8 @@ static int ads_user_add(struct net_context *c, int argc, const char **argv)
int rc = -1;
char *ou_str = NULL;
- if (argc < 1) return net_ads_user_usage(c, argc, argv);
+ if (argc < 1 || c->display_usage)
+ return net_ads_user_usage(c, argc, argv);
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
return -1;
@@ -530,7 +517,7 @@ static int ads_user_info(struct net_context *c, int argc, const char **argv)
char **grouplist;
char *escaped_user;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_user_usage(c, argc, argv);
}
@@ -616,11 +603,32 @@ static int ads_user_delete(struct net_context *c, int argc, const char **argv)
int net_ads_user(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"ADD", ads_user_add},
- {"INFO", ads_user_info},
- {"DELETE", ads_user_delete},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "add",
+ ads_user_add,
+ NET_TRANSPORT_ADS,
+ "Add an AD user",
+ "net ads user add\n"
+ " Add an AD user"
+ },
+ {
+ "info",
+ ads_user_info,
+ NET_TRANSPORT_ADS,
+ "Display information about an AD user",
+ "net ads user info\n"
+ " Display information about an AD user"
+ },
+ {
+ "delete",
+ ads_user_delete,
+ NET_TRANSPORT_ADS,
+ "Delete an AD user",
+ "net ads user delete\n"
+ " Delete an AD user"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
ADS_STRUCT *ads;
ADS_STATUS rc;
@@ -629,12 +637,20 @@ int net_ads_user(struct net_context *c, int argc, const char **argv)
char *disp_fields[2] = {NULL, NULL};
if (argc == 0) {
+ if (c->display_usage) {
+ d_printf("Usage:\n");
+ d_printf("net ads user\n"
+ " List AD users\n");
+ net_display_usage_from_functable(func);
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
return -1;
}
if (c->opt_long_list_entries)
- d_printf("\nUser name Comment"\
+ d_printf("\nUser name Comment"
"\n-----------------------------\n");
rc = ads_do_search_all_fn(ads, ads->config.bind_path,
@@ -647,7 +663,7 @@ int net_ads_user(struct net_context *c, int argc, const char **argv)
return ADS_ERR_OK(rc) ? 0 : -1;
}
- return net_run_function(c, argc, argv, func, net_ads_user_usage);
+ return net_run_function3(c, argc, argv, "net ads user", func);
}
static int net_ads_group_usage(struct net_context *c, int argc, const char **argv)
@@ -663,7 +679,7 @@ static int ads_group_add(struct net_context *c, int argc, const char **argv)
int rc = -1;
char *ou_str = NULL;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_group_usage(c, argc, argv);
}
@@ -714,7 +730,7 @@ static int ads_group_delete(struct net_context *c, int argc, const char **argv)
LDAPMessage *res = NULL;
char *groupdn;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_group_usage(c, argc, argv);
}
@@ -746,10 +762,24 @@ static int ads_group_delete(struct net_context *c, int argc, const char **argv)
int net_ads_group(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"ADD", ads_group_add},
- {"DELETE", ads_group_delete},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "add",
+ ads_group_add,
+ NET_TRANSPORT_ADS,
+ "Add an AD group",
+ "net ads group add\n"
+ " Add an AD group"
+ },
+ {
+ "delete",
+ ads_group_delete,
+ NET_TRANSPORT_ADS,
+ "Delete an AD group",
+ "net ads group delete\n"
+ " Delete an AD group"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
ADS_STRUCT *ads;
ADS_STATUS rc;
@@ -758,12 +788,20 @@ int net_ads_group(struct net_context *c, int argc, const char **argv)
char *disp_fields[2] = {NULL, NULL};
if (argc == 0) {
+ if (c->display_usage) {
+ d_printf("Usage:\n");
+ d_printf("net ads group\n"
+ " List AD groups\n");
+ net_display_usage_from_functable(func);
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
return -1;
}
if (c->opt_long_list_entries)
- d_printf("\nGroup name Comment"\
+ d_printf("\nGroup name Comment"
"\n-----------------------------\n");
rc = ads_do_search_all_fn(ads, ads->config.bind_path,
LDAP_SCOPE_SUBTREE,
@@ -775,7 +813,7 @@ int net_ads_group(struct net_context *c, int argc, const char **argv)
ads_destroy(&ads);
return ADS_ERR_OK(rc) ? 0 : -1;
}
- return net_run_function(c, argc, argv, func, net_ads_group_usage);
+ return net_run_function3(c, argc, argv, "net ads group", func);
}
static int net_ads_status(struct net_context *c, int argc, const char **argv)
@@ -784,6 +822,13 @@ static int net_ads_status(struct net_context *c, int argc, const char **argv)
ADS_STATUS rc;
LDAPMessage *res;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads status\n"
+ " Display machine account details\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
return -1;
}
@@ -819,6 +864,13 @@ static int net_ads_leave(struct net_context *c, int argc, const char **argv)
struct libnet_UnjoinCtx *r = NULL;
WERROR werr;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads leave\n"
+ " Leave an AD domain\n");
+ return 0;
+ }
+
if (!*lp_realm()) {
d_fprintf(stderr, "No realm set, are we joined ?\n");
return -1;
@@ -911,6 +963,13 @@ int net_ads_testjoin(struct net_context *c, int argc, const char **argv)
NTSTATUS status;
use_in_memory_ccache();
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads testjoin\n"
+ " Test if the existing join is ok\n");
+ return 0;
+ }
+
/* Display success or failure */
status = net_ads_join_ok(c);
if (!NT_STATUS_IS_OK(status)) {
@@ -1117,6 +1176,9 @@ int net_ads_join(struct net_context *c, int argc, const char **argv)
const char *os_version = NULL;
bool modify_config = lp_config_backend_is_registry();
+ if (c->display_usage)
+ return net_ads_join_usage(c, argc, argv);
+
if (!modify_config) {
werr = check_ads_config();
@@ -1263,23 +1325,6 @@ fail:
/*******************************************************************
********************************************************************/
-static int net_ads_dns_usage(struct net_context *c, int argc, const char **argv)
-{
-#if defined(WITH_DNS_UPDATES)
- d_printf("net ads dns <command>\n");
- d_printf("Valid commands:\n");
- d_printf(" register Issue a dynamic DNS update request for our hostname\n");
-
- return 0;
-#else
- d_fprintf(stderr, "DNS update support not enabled at compile time!\n");
- return -1;
-#endif
-}
-
-/*******************************************************************
- ********************************************************************/
-
static int net_ads_dns_register(struct net_context *c, int argc, const char **argv)
{
#if defined(WITH_DNS_UPDATES)
@@ -1291,8 +1336,10 @@ static int net_ads_dns_register(struct net_context *c, int argc, const char **ar
talloc_enable_leak_report();
#endif
- if (argc > 0) {
- d_fprintf(stderr, "net ads dns register\n");
+ if (argc > 0 || c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads dns register\n"
+ " Register hostname with DNS\n");
return -1;
}
@@ -1340,9 +1387,12 @@ static int net_ads_dns_gethostbyname(struct net_context *c, int argc, const char
talloc_enable_leak_report();
#endif
- if (argc != 2) {
- d_fprintf(stderr, "net ads dns gethostbyname <server> "
- "<name>\n");
+ if (argc != 2 || c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads dns gethostbyname <server> <name>\n"
+ " Look up hostname from the AD\n"
+ " server\tName server to use\n"
+ " name\tName to look up\n");
return -1;
}
@@ -1355,13 +1405,27 @@ static int net_ads_dns_gethostbyname(struct net_context *c, int argc, const char
static int net_ads_dns(struct net_context *c, int argc, const char *argv[])
{
- struct functable func[] = {
- {"REGISTER", net_ads_dns_register},
- {"GETHOSTBYNAME", net_ads_dns_gethostbyname},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "register",
+ net_ads_dns_register,
+ NET_TRANSPORT_ADS,
+ "Add host dns entry to AD",
+ "net ads dns register\n"
+ " Add host dns entry to AD"
+ },
+ {
+ "gethostbyname",
+ net_ads_dns_gethostbyname,
+ NET_TRANSPORT_ADS,
+ "Look up host",
+ "net ads dns gethostbyname\n"
+ " Look up host"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
- return net_run_function(c, argc, argv, func, net_ads_dns_usage);
+ return net_run_function3(c, argc, argv, "net ads dns", func);
}
/*******************************************************************
@@ -1393,6 +1457,13 @@ static int net_ads_printer_search(struct net_context *c, int argc, const char **
ADS_STATUS rc;
LDAPMessage *res = NULL;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads printer search\n"
+ " List printers in the AD\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
return -1;
}
@@ -1426,6 +1497,15 @@ static int net_ads_printer_info(struct net_context *c, int argc, const char **ar
const char *servername, *printername;
LDAPMessage *res = NULL;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads printer info [printername [servername]]\n"
+ " Display printer info from AD\n"
+ " printername\tPrinter name or wildcard\n"
+ " servername\tName of the print server\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, false, &ads))) {
return -1;
}
@@ -1481,14 +1561,19 @@ static int net_ads_printer_publish(struct net_context *c, int argc, const char *
char *srv_cn_escaped = NULL, *printername_escaped = NULL;
LDAPMessage *res = NULL;
- if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
+ if (argc < 1 || c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads printer publish <printername> [servername]\n"
+ " Publish printer in AD\n"
+ " printername\tName of the printer\n"
+ " servername\tName of the print server\n");
talloc_destroy(mem_ctx);
return -1;
}
- if (argc < 1) {
+ if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
talloc_destroy(mem_ctx);
- return net_ads_printer_usage(c, argc, argv);
+ return -1;
}
printername = argv[0];
@@ -1593,12 +1678,17 @@ static int net_ads_printer_remove(struct net_context *c, int argc, const char **
char *prt_dn;
LDAPMessage *res = NULL;
- if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
+ if (argc < 1 || c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads printer remove <printername> [servername]\n"
+ " Remove a printer from the AD\n"
+ " printername\tName of the printer\n"
+ " servername\tName of the print server\n");
return -1;
}
- if (argc < 1) {
- return net_ads_printer_usage(c, argc, argv);
+ if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
+ return -1;
}
if (argc > 1) {
@@ -1640,15 +1730,43 @@ static int net_ads_printer_remove(struct net_context *c, int argc, const char **
static int net_ads_printer(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"SEARCH", net_ads_printer_search},
- {"INFO", net_ads_printer_info},
- {"PUBLISH", net_ads_printer_publish},
- {"REMOVE", net_ads_printer_remove},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "search",
+ net_ads_printer_search,
+ NET_TRANSPORT_ADS,
+ "Search for a printer",
+ "net ads printer search\n"
+ " Search for a printer"
+ },
+ {
+ "info",
+ net_ads_printer_info,
+ NET_TRANSPORT_ADS,
+ "Display printer information",
+ "net ads printer info\n"
+ " Display printer information"
+ },
+ {
+ "publish",
+ net_ads_printer_publish,
+ NET_TRANSPORT_ADS,
+ "Publish a printer",
+ "net ads printer publish\n"
+ " Publish a printer"
+ },
+ {
+ "remove",
+ net_ads_printer_remove,
+ NET_TRANSPORT_ADS,
+ "Delete a printer",
+ "net ads printer remove\n"
+ " Delete a printer"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
- return net_run_function(c, argc, argv, func, net_ads_printer_usage);
+ return net_run_function3(c, argc, argv, "net ads printer", func);
}
@@ -1663,6 +1781,14 @@ static int net_ads_password(struct net_context *c, int argc, const char **argv)
const char *user;
ADS_STATUS ret;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads password <username>\n"
+ " Change password for user\n"
+ " username\tName of user to change password for\n");
+ return 0;
+ }
+
if (c->opt_user_name == NULL || c->opt_password == NULL) {
d_fprintf(stderr, "You must supply an administrator username/password\n");
return -1;
@@ -1731,6 +1857,13 @@ int net_ads_changetrustpw(struct net_context *c, int argc, const char **argv)
fstring my_name;
ADS_STATUS ret;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads changetrustpw\n"
+ " Change the machine account's trust password\n");
+ return 0;
+ }
+
if (!secrets_init()) {
DEBUG(1,("Failed to initialise secrets database\n"));
return -1;
@@ -1779,10 +1912,10 @@ int net_ads_changetrustpw(struct net_context *c, int argc, const char **argv)
static int net_ads_search_usage(struct net_context *c, int argc, const char **argv)
{
d_printf(
- "\nnet ads search <expression> <attributes...>\n"\
- "\nperform a raw LDAP search on a ADS server and dump the results\n"\
- "The expression is a standard LDAP search expression, and the\n"\
- "attributes are a list of LDAP fields to show in the results\n\n"\
+ "\nnet ads search <expression> <attributes...>\n"
+ "\nperform a raw LDAP search on a ADS server and dump the results\n"
+ "The expression is a standard LDAP search expression, and the\n"
+ "attributes are a list of LDAP fields to show in the results\n\n"
"Example: net ads search '(objectCategory=group)' sAMAccountName\n\n"
);
net_common_flags_usage(c, argc, argv);
@@ -1801,7 +1934,7 @@ static int net_ads_search(struct net_context *c, int argc, const char **argv)
const char **attrs;
LDAPMessage *res = NULL;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_search_usage(c, argc, argv);
}
@@ -1839,10 +1972,10 @@ static int net_ads_search(struct net_context *c, int argc, const char **argv)
static int net_ads_dn_usage(struct net_context *c, int argc, const char **argv)
{
d_printf(
- "\nnet ads dn <dn> <attributes...>\n"\
- "\nperform a raw LDAP search on a ADS server and dump the results\n"\
- "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"\
- "to show in the results\n\n"\
+ "\nnet ads dn <dn> <attributes...>\n"
+ "\nperform a raw LDAP search on a ADS server and dump the results\n"
+ "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"
+ "to show in the results\n\n"
"Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' sAMAccountName\n\n"
"Note: the DN must be provided properly escaped. See RFC 4514 for details\n\n"
);
@@ -1862,7 +1995,7 @@ static int net_ads_dn(struct net_context *c, int argc, const char **argv)
const char **attrs;
LDAPMessage *res = NULL;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_dn_usage(c, argc, argv);
}
@@ -1899,10 +2032,10 @@ static int net_ads_dn(struct net_context *c, int argc, const char **argv)
static int net_ads_sid_usage(struct net_context *c, int argc, const char **argv)
{
d_printf(
- "\nnet ads sid <sid> <attributes...>\n"\
- "\nperform a raw LDAP search on a ADS server and dump the results\n"\
- "The SID is in string format, and the attributes are a list of LDAP fields \n"\
- "to show in the results\n\n"\
+ "\nnet ads sid <sid> <attributes...>\n"
+ "\nperform a raw LDAP search on a ADS server and dump the results\n"
+ "The SID is in string format, and the attributes are a list of LDAP fields \n"
+ "to show in the results\n\n"
"Example: net ads sid 'S-1-5-32' distinguishedName\n\n"
);
net_common_flags_usage(c, argc, argv);
@@ -1922,7 +2055,7 @@ static int net_ads_sid(struct net_context *c, int argc, const char **argv)
LDAPMessage *res = NULL;
DOM_SID sid;
- if (argc < 1) {
+ if (argc < 1 || c->display_usage) {
return net_ads_sid_usage(c, argc, argv);
}
@@ -1957,34 +2090,18 @@ static int net_ads_sid(struct net_context *c, int argc, const char **argv)
return 0;
}
-
-static int net_ads_keytab_usage(struct net_context *c, int argc, const char **argv)
-{
- d_printf(
- "net ads keytab <COMMAND>\n"\
-"<COMMAND> can be either:\n"\
-" ADD Adds new service principal\n"\
-" CREATE Creates a fresh keytab\n"\
-" FLUSH Flushes out all keytab entries\n"\
-" HELP Prints this help message\n"\
-" LIST List the keytab\n"\
-"The ADD and LIST command will take arguments, the other commands\n"\
-"will not take any arguments. The arguments given to ADD\n"\
-"should be a list of principals to add. For example, \n"\
-" net ads keytab add srv1 srv2\n"\
-"will add principals for the services srv1 and srv2 to the\n"\
-"system's keytab.\n"\
-"The LIST command takes a keytabname.\n"\
-"\n"
- );
- return -1;
-}
-
static int net_ads_keytab_flush(struct net_context *c, int argc, const char **argv)
{
int ret;
ADS_STRUCT *ads;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads keytab flush\n"
+ " Delete the whole keytab\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
return -1;
}
@@ -1999,6 +2116,15 @@ static int net_ads_keytab_add(struct net_context *c, int argc, const char **argv
int ret = 0;
ADS_STRUCT *ads;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads keytab add <principal> [principal ...]\n"
+ " Add principals to local keytab\n"
+ " principal\tKerberos principal to add to "
+ "keytab\n");
+ return 0;
+ }
+
d_printf("Processing principals to add...\n");
if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
return -1;
@@ -2015,6 +2141,13 @@ static int net_ads_keytab_create(struct net_context *c, int argc, const char **a
ADS_STRUCT *ads;
int ret;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads keytab create\n"
+ " Create new default keytab\n");
+ return 0;
+ }
+
if (!ADS_ERR_OK(ads_startup(c, true, &ads))) {
return -1;
}
@@ -2027,6 +2160,14 @@ static int net_ads_keytab_list(struct net_context *c, int argc, const char **arg
{
const char *keytab = NULL;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads keytab list [keytab]\n"
+ " List a local keytab\n"
+ " keytab\tKeytab to list\n");
+ return 0;
+ }
+
if (argc >= 1) {
keytab = argv[0];
}
@@ -2037,13 +2178,40 @@ static int net_ads_keytab_list(struct net_context *c, int argc, const char **arg
int net_ads_keytab(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"ADD", net_ads_keytab_add},
- {"CREATE", net_ads_keytab_create},
- {"FLUSH", net_ads_keytab_flush},
- {"HELP", net_ads_keytab_usage},
- {"LIST", net_ads_keytab_list},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "add",
+ net_ads_keytab_add,
+ NET_TRANSPORT_ADS,
+ "Add a service principal",
+ "net ads keytab add\n"
+ " Add a service principal"
+ },
+ {
+ "create",
+ net_ads_keytab_create,
+ NET_TRANSPORT_ADS,
+ "Create a fresh keytab",
+ "net ads keytab create\n"
+ " Create a fresh keytab"
+ },
+ {
+ "flush",
+ net_ads_keytab_flush,
+ NET_TRANSPORT_ADS,
+ "Remove all keytab entries",
+ "net ads keytab flush\n"
+ " Remove all keytab entries"
+ },
+ {
+ "list",
+ net_ads_keytab_list,
+ NET_TRANSPORT_ADS,
+ "List a keytab",
+ "net ads keytab list\n"
+ " List a keytab"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
if (!lp_use_kerberos_keytab()) {
@@ -2051,26 +2219,21 @@ int net_ads_keytab(struct net_context *c, int argc, const char **argv)
use keytab functions.\n");
}
- return net_run_function(c, argc, argv, func, net_ads_keytab_usage);
+ return net_run_function3(c, argc, argv, "net ads keytab", func);
}
-static int net_ads_kerberos_usage(struct net_context *c, int argc, const char **argv)
+static int net_ads_kerberos_renew(struct net_context *c, int argc, const char **argv)
{
- d_printf(
- "net ads kerberos <COMMAND>\n"\
- "<COMMAND> can be either:\n"\
- " RENEW Renew TGT from existing credential cache\n"\
- " PAC Dumps the Kerberos PAC\n"\
- " KINIT Retrieve Ticket Granting Ticket (TGT)\n"\
- "\n"
- );
+ int ret = -1;
- return -1;
-}
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads kerberos renew\n"
+ " Renew TGT from existing credential cache\n");
+ return 0;
+ }
-static int net_ads_kerberos_renew(struct net_context *c, int argc, const char **argv)
-{
- int ret = smb_krb5_renew_ticket(NULL, NULL, NULL, NULL);
+ ret = smb_krb5_renew_ticket(NULL, NULL, NULL, NULL);
if (ret) {
d_printf("failed to renew kerberos ticket: %s\n",
error_message(ret));
@@ -2086,6 +2249,13 @@ static int net_ads_kerberos_pac(struct net_context *c, int argc, const char **ar
NTSTATUS status;
int ret = -1;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads kerberos pac\n"
+ " Dump the Kerberos PAC\n");
+ return 0;
+ }
+
mem_ctx = talloc_init("net_ads_kerberos_pac");
if (!mem_ctx) {
goto out;
@@ -2129,6 +2299,13 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
int ret = -1;
NTSTATUS status;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net ads kerberos kinit\n"
+ " Get Ticket Granting Ticket (TGT) for the user\n");
+ return 0;
+ }
+
mem_ctx = talloc_init("net_ads_kerberos_kinit");
if (!mem_ctx) {
goto out;
@@ -2156,65 +2333,196 @@ static int net_ads_kerberos_kinit(struct net_context *c, int argc, const char **
int net_ads_kerberos(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"KINIT", net_ads_kerberos_kinit},
- {"RENEW", net_ads_kerberos_renew},
- {"PAC", net_ads_kerberos_pac},
- {"HELP", net_ads_kerberos_usage},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "kinit",
+ net_ads_kerberos_kinit,
+ NET_TRANSPORT_ADS,
+ "Retrieve Ticket Granting Ticket (TGT)",
+ "net ads kerberos kinit\n"
+ " Receive Ticket Granting Ticket (TGT)"
+ },
+ {
+ "renew",
+ net_ads_kerberos_renew,
+ NET_TRANSPORT_ADS,
+ "Renew Ticket Granting Ticket from credential cache"
+ "net ads kerberos renew\n"
+ " Renew Ticket Granting Ticket from credential cache"
+ },
+ {
+ "pac",
+ net_ads_kerberos_pac,
+ NET_TRANSPORT_ADS,
+ "Dump Kerberos PAC",
+ "net ads kerberos pac\n"
+ " Dump Kerberos PAC"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
- return net_run_function(c, argc, argv, func, net_ads_kerberos_usage);
-}
-
-
-int net_ads_usage(struct net_context *c, int argc, const char **argv)
-{
- struct functable func[] = {
- {"USER", net_ads_user_usage},
- {"GROUP", net_ads_group_usage},
- {"PRINTER", net_ads_printer_usage},
- {"SEARCH", net_ads_search_usage},
- {"INFO", net_ads_info},
- {"JOIN", net_ads_join_usage},
- {"DNS", net_ads_dns_usage},
- {"LEAVE", net_ads_leave},
- {"STATUS", net_ads_status},
- {"PASSWORD", net_ads_password},
- {"CHANGETRUSTPW", net_ads_changetrustpw},
- {NULL, NULL}
- };
-
- return net_run_function(c, argc, argv, func, net_ads_help);
+ return net_run_function3(c, argc, argv, "net ads kerberos", func);
}
int net_ads(struct net_context *c, int argc, const char **argv)
{
- struct functable func[] = {
- {"INFO", net_ads_info},
- {"JOIN", net_ads_join},
- {"TESTJOIN", net_ads_testjoin},
- {"LEAVE", net_ads_leave},
- {"STATUS", net_ads_status},
- {"USER", net_ads_user},
- {"GROUP", net_ads_group},
- {"DNS", net_ads_dns},
- {"PASSWORD", net_ads_password},
- {"CHANGETRUSTPW", net_ads_changetrustpw},
- {"PRINTER", net_ads_printer},
- {"SEARCH", net_ads_search},
- {"DN", net_ads_dn},
- {"SID", net_ads_sid},
- {"WORKGROUP", net_ads_workgroup},
- {"LOOKUP", net_ads_lookup},
- {"KEYTAB", net_ads_keytab},
- {"GPO", net_ads_gpo},
- {"KERBEROS", net_ads_kerberos},
- {"HELP", net_ads_help},
- {NULL, NULL}
+ struct functable3 func[] = {
+ {
+ "info",
+ net_ads_info,
+ NET_TRANSPORT_ADS,
+ "Display details on remote ADS server",
+ "net ads info\n"
+ " Display details on remote ADS server"
+ },
+ {
+ "join",
+ net_ads_join,
+ NET_TRANSPORT_ADS,
+ "Join the local machine to ADS realm",
+ "net ads join\n"
+ " Join the local machine to ADS realm"
+ },
+ {
+ "testjoin",
+ net_ads_testjoin,
+ NET_TRANSPORT_ADS,
+ "Validate machine account",
+ "net ads testjoin\n"
+ " Validate machine account"
+ },
+ {
+ "leave",
+ net_ads_leave,
+ NET_TRANSPORT_ADS,
+ "Remove the local machine from ADS",
+ "net ads leave\n"
+ " Remove the local machine from ADS"
+ },
+ {
+ "status",
+ net_ads_status,
+ NET_TRANSPORT_ADS,
+ "Display machine account details",
+ "net ads status\n"
+ " Display machine account details"
+ },
+ {
+ "user",
+ net_ads_user,
+ NET_TRANSPORT_ADS,
+ "List/modify users",
+ "net ads user\n"
+ " List/modify users"
+ },
+ {
+ "group",
+ net_ads_group,
+ NET_TRANSPORT_ADS,
+ "List/modify groups",
+ "net ads group\n"
+ " List/modify groups"
+ },
+ {
+ "dns",
+ net_ads_dns,
+ NET_TRANSPORT_ADS,
+ "Issue dynamic DNS update",
+ "net ads dns\n"
+ " Issue dynamic DNS update"
+ },
+ {
+ "password",
+ net_ads_password,
+ NET_TRANSPORT_ADS,
+ "Change user passwords",
+ "net ads password\n"
+ " Change user passwords"
+ },
+ {
+ "changetrustpw",
+ net_ads_changetrustpw,
+ NET_TRANSPORT_ADS,
+ "Change trust account password",
+ "net ads changetrustpw\n"
+ " Change trust account password"
+ },
+ {
+ "printer",
+ net_ads_printer,
+ NET_TRANSPORT_ADS,
+ "List/modify printer entries",
+ "net ads printer\n"
+ " List/modify printer entries"
+ },
+ {
+ "search",
+ net_ads_search,
+ NET_TRANSPORT_ADS,
+ "Issue LDAP search using filter",
+ "net ads search\n"
+ " Issue LDAP search using filter"
+ },
+ {
+ "dn",
+ net_ads_dn,
+ NET_TRANSPORT_ADS,
+ "Issue LDAP search by DN",
+ "net ads dn\n"
+ " Issue LDAP search by DN"
+ },
+ {
+ "sid",
+ net_ads_sid,
+ NET_TRANSPORT_ADS,
+ "Issue LDAP search by SID",
+ "net ads sid\n"
+ " Issue LDAP search by SID"
+ },
+ {
+ "workgroup",
+ net_ads_workgroup,
+ NET_TRANSPORT_ADS,
+ "Display workgroup name",
+ "net ads workgroup\n"
+ " Display the workgroup name"
+ },
+ {
+ "lookup",
+ net_ads_lookup,
+ NET_TRANSPORT_ADS,
+ "Perfom CLDAP query on DC",
+ "net ads lookup\n"
+ " Find the ADS DC using CLDAP lookups"
+ },
+ {
+ "keytab",
+ net_ads_keytab,
+ NET_TRANSPORT_ADS,
+ "Manage local keytab file",
+ "net ads keytab\n"
+ " Manage local keytab file"
+ },
+ {
+ "gpo",
+ net_ads_gpo,
+ NET_TRANSPORT_ADS,
+ "Manage group policy objects",
+ "net ads gpo\n"
+ " Manage group policy objects"
+ },
+ {
+ "kerberos",
+ net_ads_kerberos,
+ NET_TRANSPORT_ADS,
+ "Manage kerberos keytab",
+ "net ads kerberos\n"
+ " Manage kerberos keytab"
+ },
+ {NULL, NULL, 0, NULL, NULL}
};
- return net_run_function(c, argc, argv, func, net_ads_help);
+ return net_run_function3(c, argc, argv, "net ads", func);
}
#else
@@ -2235,16 +2543,6 @@ int net_ads_kerberos(struct net_context *c, int argc, const char **argv)
return net_ads_noads();
}
-int net_ads_usage(struct net_context *c, int argc, const char **argv)
-{
- return net_ads_noads();
-}
-
-int net_ads_help(struct net_context *c, int argc, const char **argv)
-{
- return net_ads_noads();
-}
-
int net_ads_changetrustpw(struct net_context *c, int argc, const char **argv)
{
return net_ads_noads();
diff --git a/source3/utils/net_proto.h b/source3/utils/net_proto.h
index 79ff8fed79..0d4714cf9f 100644
--- a/source3/utils/net_proto.h
+++ b/source3/utils/net_proto.h
@@ -46,7 +46,6 @@ uint32 get_sec_channel_type(const char *param);
/* The following definitions come from utils/net_ads.c */
-int net_ads_help(struct net_context *c, int argc, const char **argv);
ADS_STATUS ads_startup(struct net_context *c, bool only_own_domain, ADS_STRUCT **ads);
ADS_STATUS ads_startup_nobind(struct net_context *c, bool only_own_domain, ADS_STRUCT **ads);
int net_ads_check_our_domain(struct net_context *c);
@@ -59,7 +58,6 @@ int net_ads_printer_usage(struct net_context *c, int argc, const char **argv);
int net_ads_changetrustpw(struct net_context *c, int argc, const char **argv);
int net_ads_keytab(struct net_context *c, int argc, const char **argv);
int net_ads_kerberos(struct net_context *c, int argc, const char **argv);
-int net_ads_usage(struct net_context *c, int argc, const char **argv);
int net_ads(struct net_context *c, int argc, const char **argv);
/* The following definitions come from utils/net_ads_gpo.c */