summaryrefslogtreecommitdiff
path: root/source4/libnet/libnet_join.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/libnet/libnet_join.c')
-rw-r--r--source4/libnet/libnet_join.c114
1 files changed, 66 insertions, 48 deletions
diff --git a/source4/libnet/libnet_join.c b/source4/libnet/libnet_join.c
index 78f239eab5..ec366aeb73 100644
--- a/source4/libnet/libnet_join.c
+++ b/source4/libnet/libnet_join.c
@@ -227,7 +227,11 @@ static NTSTATUS libnet_JoinADSDomain(struct libnet_context *ctx, struct libnet_J
}
*drsuapi_binding = *samr_binding;
- drsuapi_binding->transport = NCACN_IP_TCP;
+
+ /* DRSUAPI is only available on IP_TCP, and locally on NCALRPC */
+ if (drsuapi_binding->transport != NCALRPC) {
+ drsuapi_binding->transport = NCACN_IP_TCP;
+ }
drsuapi_binding->endpoint = NULL;
drsuapi_binding->flags |= DCERPC_SEAL;
@@ -655,52 +659,57 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
lsa_open_policy.out.handle = &lsa_p_handle;
status = dcerpc_lsa_OpenPolicy2(lsa_pipe, tmp_ctx, &lsa_open_policy);
- if (!NT_STATUS_IS_OK(status)) {
- r->out.error_string = talloc_asprintf(mem_ctx,
- "lsa_OpenPolicy2 failed: %s",
- nt_errstr(status));
- talloc_free(tmp_ctx);
- return status;
- }
-
- /* Look to see if this is ADS (a fault indicates NT4 or Samba 3.0) */
-
- lsa_query_info2.in.handle = &lsa_p_handle;
- lsa_query_info2.in.level = LSA_POLICY_INFO_DNS;
- status = dcerpc_lsa_QueryInfoPolicy2(lsa_pipe, tmp_ctx,
- &lsa_query_info2);
-
- if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ /* This now fails on ncacn_ip_tcp against Win2k3 SP1 */
+ if (NT_STATUS_IS_OK(status)) {
+ /* Look to see if this is ADS (a fault indicates NT4 or Samba 3.0) */
+
+ lsa_query_info2.in.handle = &lsa_p_handle;
+ lsa_query_info2.in.level = LSA_POLICY_INFO_DNS;
+
+ status = dcerpc_lsa_QueryInfoPolicy2(lsa_pipe, tmp_ctx,
+ &lsa_query_info2);
+
+ if (!NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
+ if (!NT_STATUS_IS_OK(status)) {
+ r->out.error_string = talloc_asprintf(mem_ctx,
+ "lsa_QueryInfoPolicy2 failed: %s",
+ nt_errstr(status));
+ talloc_free(tmp_ctx);
+ return status;
+ }
+ realm = lsa_query_info2.out.info->dns.dns_domain.string;
+ }
+
+ /* Grab the domain SID (regardless of the result of the previous call */
+
+ lsa_query_info.in.handle = &lsa_p_handle;
+ lsa_query_info.in.level = LSA_POLICY_INFO_DOMAIN;
+
+ status = dcerpc_lsa_QueryInfoPolicy(lsa_pipe, tmp_ctx,
+ &lsa_query_info);
+
if (!NT_STATUS_IS_OK(status)) {
r->out.error_string = talloc_asprintf(mem_ctx,
- "lsa_QueryInfoPolicy2 failed: %s",
- nt_errstr(status));
+ "lsa_QueryInfoPolicy2 failed: %s",
+ nt_errstr(status));
talloc_free(tmp_ctx);
return status;
}
- realm = lsa_query_info2.out.info->dns.dns_domain.string;
- }
-
- /* Grab the domain SID (regardless of the result of the previous call */
-
- lsa_query_info.in.handle = &lsa_p_handle;
- lsa_query_info.in.level = LSA_POLICY_INFO_DOMAIN;
-
- status = dcerpc_lsa_QueryInfoPolicy(lsa_pipe, tmp_ctx,
- &lsa_query_info);
-
- if (!NT_STATUS_IS_OK(status)) {
- r->out.error_string = talloc_asprintf(mem_ctx,
- "lsa_QueryInfoPolicy2 failed: %s",
- nt_errstr(status));
- talloc_free(tmp_ctx);
- return status;
+
+ domain_sid = lsa_query_info.out.info->domain.sid;
+ domain_name = lsa_query_info.out.info->domain.name.string;
+ } else {
+ /* Cause the code further down to try this with just SAMR */
+ domain_sid = NULL;
+ if (r->in.level == LIBNET_JOINDOMAIN_AUTOMATIC) {
+ domain_name = talloc_strdup(tmp_ctx, r->in.domain_name);
+ } else {
+ /* Bugger, we just lost our way to automaticly find the domain name */
+ domain_name = talloc_strdup(tmp_ctx, lp_workgroup());
+ }
}
- domain_sid = lsa_query_info.out.info->domain.sid;
- domain_name = lsa_query_info.out.info->domain.name.string;
-
DEBUG(0, ("Joining domain %s\n", domain_name));
/*
@@ -766,16 +775,25 @@ NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, stru
return status;
}
- /* check result of samr_Connect */
- if (!NT_STATUS_IS_OK(sc.out.result)) {
- r->out.error_string = talloc_asprintf(mem_ctx,
- "samr_Connect failed: %s",
- nt_errstr(sc.out.result));
- status = sc.out.result;
- talloc_free(tmp_ctx);
- return status;
+ /* Perhaps we didn't get a SID above, because we are against ncacn_ip_tcp */
+ if (!domain_sid) {
+ struct lsa_String name;
+ struct samr_LookupDomain l;
+ name.string = domain_name;
+ l.in.connect_handle = &p_handle;
+ l.in.domain_name = &name;
+
+ status = dcerpc_samr_LookupDomain(samr_pipe, tmp_ctx, &l);
+ if (!NT_STATUS_IS_OK(status)) {
+ r->out.error_string = talloc_asprintf(mem_ctx,
+ "SAMR LookupDomain failed: %s",
+ nt_errstr(status));
+ talloc_free(tmp_ctx);
+ return status;
+ }
+ domain_sid = l.out.sid;
}
-
+
/* prepare samr_OpenDomain */
ZERO_STRUCT(d_handle);
od.in.connect_handle = &p_handle;
generated by cgit (git 2.34.1) at 2024-08-09 08:41:32 +0000