summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
Diffstat (limited to 'source4')
-rw-r--r--source4/libnet/config.mk1
-rw-r--r--source4/libnet/libnet_vampire.c50
-rw-r--r--source4/libnet/libnet_vampire.h5
-rw-r--r--source4/utils/net/net.c3
-rw-r--r--source4/utils/net/net_join.c67
-rw-r--r--source4/utils/net/net_vampire.c2
6 files changed, 113 insertions, 15 deletions
diff --git a/source4/libnet/config.mk b/source4/libnet/config.mk
index 0890941398..231d67cf35 100644
--- a/source4/libnet/config.mk
+++ b/source4/libnet/config.mk
@@ -1,5 +1,6 @@
[SUBSYSTEM::LIBSAMBA-NET]
PRIVATE_PROTO_HEADER = libnet_proto.h
+PRIVATE_DEPENDENCIES = PROVISION
OBJ_FILES = \
libnet.o \
libnet_passwd.o \
diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c
index cd9167f541..476b97954f 100644
--- a/source4/libnet/libnet_vampire.c
+++ b/source4/libnet/libnet_vampire.c
@@ -37,6 +37,7 @@
#include "lib/ldb_wrap.h"
#include "auth/auth.h"
#include "param/param.h"
+#include "param/provision.h"
/*
List of tasks vampire.py must perform:
@@ -52,7 +53,6 @@ List of tasks vampire.py must perform:
*/
struct vampire_state {
- struct libnet_context *ctx;
const char *netbios_name;
struct libnet_JoinDomain *join;
struct cli_credentials *machine_account;
@@ -93,7 +93,7 @@ static NTSTATUS vampire_prepare_db(void *private_data,
settings.schema_dn_str = p->forest->schema_dn_str;
settings.netbios_name = p->dest_dsa->netbios_name;
settings.realm = s->join->out.realm;
- settings.domain = s->join->out.domain;
+ settings.domain = s->join->out.domain_name;
settings.server_dn_str = p->dest_dsa->server_dn_str;
settings.machine_password = generate_random_str(s, 16);
settings.targetdir = s->targetdir;
@@ -115,18 +115,13 @@ static NTSTATUS vampire_prepare_db(void *private_data,
return NT_STATUS_INTERNAL_DB_ERROR;
}
- /* We must set these up to ensure the replMetaData is written correctly, before our NTDS Settings entry is replicated */
+ /* We must set these up to ensure the replMetaData is written correctly,
+ before our NTDS Settings entry is replicated */
ok = samdb_set_ntds_invocation_id(s->ldb, &p->dest_dsa->invocation_id);
if (!ok) {
DEBUG(0,("Failed to set cached ntds invocationId\n"));
return NT_STATUS_FOOBAR;
}
- ok = samdb_set_ntds_objectGUID(s->ldb, &p->dest_dsa->ntds_guid);
- if (!ok) {
- DEBUG(0,("Failed to set cached ntds objectGUID\n"));
- return NT_STATUS_FOOBAR;
- }
-
s->lp_ctx = lp_ctx;
return NT_STATUS_OK;
@@ -591,10 +586,11 @@ static NTSTATUS vampire_store_chunk(void *private_data,
return NT_STATUS_OK;
}
-NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
- struct libnet_vampire *r)
+NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
+ struct libnet_Vampire *r)
{
struct libnet_JoinDomain *join;
+ struct libnet_set_join_secrets *set_secrets;
struct libnet_BecomeDC b;
struct libnet_UnbecomeDC u;
struct vampire_state *s;
@@ -651,6 +647,8 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
s->join = join;
+ s->targetdir = r->in.targetdir;
+
ZERO_STRUCT(b);
b.in.domain_dns_name = join->out.realm;
b.in.domain_netbios_name = join->out.domain_name;
@@ -665,7 +663,7 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
b.in.callbacks.config_chunk = vampire_store_chunk;
b.in.callbacks.domain_chunk = vampire_store_chunk;
- status = libnet_BecomeDC(s->ctx, s, &b);
+ status = libnet_BecomeDC(ctx, s, &b);
if (!NT_STATUS_IS_OK(status)) {
printf("libnet_BecomeDC() failed - %s\n", nt_errstr(status));
talloc_free(s);
@@ -703,4 +701,32 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
talloc_free(s);
return NT_STATUS_INTERNAL_DB_ERROR;
}
+
+ set_secrets = talloc_zero(s, struct libnet_set_join_secrets);
+ if (!set_secrets) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ set_secrets->in.domain_name = join->out.domain_name;
+ set_secrets->in.realm = join->out.realm;
+ set_secrets->in.account_name = account_name;
+ set_secrets->in.netbios_name = netbios_name;
+ set_secrets->in.join_type = SEC_CHAN_BDC;
+ set_secrets->in.join_password = join->out.join_password;
+ set_secrets->in.kvno = join->out.kvno;
+ set_secrets->in.domain_sid = join->out.domain_sid;
+
+ status = libnet_set_join_secrets(ctx, set_secrets, set_secrets);
+ if (!NT_STATUS_IS_OK(status)) {
+ r->out.error_string = talloc_steal(mem_ctx, set_secrets->out.error_string);
+ talloc_free(s);
+ return status;
+ }
+
+ r->out.domain_name = talloc_steal(r, join->out.domain_name);
+ r->out.domain_sid = talloc_steal(r, join->out.domain_sid);
+ talloc_free(s);
+
+ return NT_STATUS_OK;
+
}
diff --git a/source4/libnet/libnet_vampire.h b/source4/libnet/libnet_vampire.h
index af461139ff..5e0c7594b2 100644
--- a/source4/libnet/libnet_vampire.h
+++ b/source4/libnet/libnet_vampire.h
@@ -22,13 +22,16 @@
#ifndef __LIBNET_VAMPIRE_H__
#define __LIBNET_VAMPIRE_H__
-struct libnet_vampire {
+struct libnet_Vampire {
struct {
const char *domain_name;
const char *netbios_name;
+ const char *targetdir;
} in;
struct {
+ struct dom_sid *domain_sid;
+ const char *domain_name;
const char *error_string;
} out;
};
diff --git a/source4/utils/net/net.c b/source4/utils/net/net.c
index e0865c4416..c908ea6279 100644
--- a/source4/utils/net/net.c
+++ b/source4/utils/net/net.c
@@ -102,7 +102,8 @@ static const struct net_functable net_functable[] = {
{"time", "get remote server's time\n", net_time, net_time_usage},
{"join", "join a domain\n", net_join, net_join_usage},
{"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage},
- {"samsync", "synchronise into the local ldb the sam of a domain\n", net_samsync_ldb, net_samsync_ldb_usage},
+ {"vampire", "join and syncronise an AD domain onto the local server\n", net_vampire, net_vampire_usage},
+ {"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage},
{"user", "manage user accounts\n", net_user, net_user_usage},
{NULL, NULL, NULL, NULL}
};
diff --git a/source4/utils/net/net_join.c b/source4/utils/net/net_join.c
index 08a4fbd4a1..abdcbf6027 100644
--- a/source4/utils/net/net_join.c
+++ b/source4/utils/net/net_join.c
@@ -100,3 +100,70 @@ int net_join_help(struct net_context *ctx, int argc, const char **argv)
d_printf("Joins domain as either member or backup domain controller.\n");
return 0;
}
+
+int net_vampire(struct net_context *ctx, int argc, const char **argv)
+{
+ NTSTATUS status;
+ struct libnet_context *libnetctx;
+ struct libnet_Vampire *r;
+ char *tmp, *targetdir = NULL;
+ const char *domain_name;
+
+ switch (argc) {
+ case 0: /* no args -> fail */
+ return net_vampire_usage(ctx, argc, argv);
+ case 1: /* only DOMAIN */
+ tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
+ break;
+ case 2: /* domain and target dir */
+ tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
+ targetdir = talloc_strdup(ctx->mem_ctx, argv[1]);
+ break;
+ default: /* too many args -> fail */
+ return net_vampire_usage(ctx, argc, argv);
+ }
+
+ domain_name = tmp;
+
+ libnetctx = libnet_context_init(NULL, ctx->lp_ctx);
+ if (!libnetctx) {
+ return -1;
+ }
+ libnetctx->cred = ctx->credentials;
+ r = talloc(ctx->mem_ctx, struct libnet_Vampire);
+ if (!r) {
+ return -1;
+ }
+ /* prepare parameters for the vampire */
+ r->in.netbios_name = lp_netbios_name(ctx->lp_ctx);
+ r->in.domain_name = domain_name;
+ r->in.targetdir = targetdir;
+ r->out.error_string = NULL;
+
+ /* do the domain vampire */
+ status = libnet_Vampire(libnetctx, r, r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Vampire of domain failed: %s\n",
+ r->out.error_string ? r->out.error_string : nt_errstr(status));
+ talloc_free(r);
+ talloc_free(libnetctx);
+ return -1;
+ }
+ d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx->mem_ctx, r->out.domain_sid));
+
+ talloc_free(libnetctx);
+ return 0;
+}
+
+int net_vampire_usage(struct net_context *ctx, int argc, const char **argv)
+{
+ d_printf("net vampire <domain> [options]\n");
+ return 0;
+}
+
+int net_vampire_help(struct net_context *ctx, int argc, const char **argv)
+{
+ d_printf("Vampires domain as either member or backup domain controller.\n");
+ return 0;
+}
diff --git a/source4/utils/net/net_vampire.c b/source4/utils/net/net_vampire.c
index c798112d7b..4f6371d617 100644
--- a/source4/utils/net/net_vampire.c
+++ b/source4/utils/net/net_vampire.c
@@ -169,7 +169,7 @@ int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv)
int net_samsync_ldb_usage(struct net_context *ctx, int argc, const char **argv)
{
- d_printf("net samsync_ldb\n");
+ d_printf("net samsync\n");
return 0;
}