diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/libnet/config.mk | 1 | ||||
-rw-r--r-- | source4/libnet/libnet_vampire.c | 50 | ||||
-rw-r--r-- | source4/libnet/libnet_vampire.h | 5 | ||||
-rw-r--r-- | source4/utils/net/net.c | 3 | ||||
-rw-r--r-- | source4/utils/net/net_join.c | 67 | ||||
-rw-r--r-- | source4/utils/net/net_vampire.c | 2 |
6 files changed, 113 insertions, 15 deletions
diff --git a/source4/libnet/config.mk b/source4/libnet/config.mk index 0890941398..231d67cf35 100644 --- a/source4/libnet/config.mk +++ b/source4/libnet/config.mk @@ -1,5 +1,6 @@ [SUBSYSTEM::LIBSAMBA-NET] PRIVATE_PROTO_HEADER = libnet_proto.h +PRIVATE_DEPENDENCIES = PROVISION OBJ_FILES = \ libnet.o \ libnet_passwd.o \ diff --git a/source4/libnet/libnet_vampire.c b/source4/libnet/libnet_vampire.c index cd9167f541..476b97954f 100644 --- a/source4/libnet/libnet_vampire.c +++ b/source4/libnet/libnet_vampire.c @@ -37,6 +37,7 @@ #include "lib/ldb_wrap.h" #include "auth/auth.h" #include "param/param.h" +#include "param/provision.h" /* List of tasks vampire.py must perform: @@ -52,7 +53,6 @@ List of tasks vampire.py must perform: */ struct vampire_state { - struct libnet_context *ctx; const char *netbios_name; struct libnet_JoinDomain *join; struct cli_credentials *machine_account; @@ -93,7 +93,7 @@ static NTSTATUS vampire_prepare_db(void *private_data, settings.schema_dn_str = p->forest->schema_dn_str; settings.netbios_name = p->dest_dsa->netbios_name; settings.realm = s->join->out.realm; - settings.domain = s->join->out.domain; + settings.domain = s->join->out.domain_name; settings.server_dn_str = p->dest_dsa->server_dn_str; settings.machine_password = generate_random_str(s, 16); settings.targetdir = s->targetdir; @@ -115,18 +115,13 @@ static NTSTATUS vampire_prepare_db(void *private_data, return NT_STATUS_INTERNAL_DB_ERROR; } - /* We must set these up to ensure the replMetaData is written correctly, before our NTDS Settings entry is replicated */ + /* We must set these up to ensure the replMetaData is written correctly, + before our NTDS Settings entry is replicated */ ok = samdb_set_ntds_invocation_id(s->ldb, &p->dest_dsa->invocation_id); if (!ok) { DEBUG(0,("Failed to set cached ntds invocationId\n")); return NT_STATUS_FOOBAR; } - ok = samdb_set_ntds_objectGUID(s->ldb, &p->dest_dsa->ntds_guid); - if (!ok) { - DEBUG(0,("Failed to set cached ntds objectGUID\n")); - return NT_STATUS_FOOBAR; - } - s->lp_ctx = lp_ctx; return NT_STATUS_OK; @@ -591,10 +586,11 @@ static NTSTATUS vampire_store_chunk(void *private_data, return NT_STATUS_OK; } -NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, - struct libnet_vampire *r) +NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, + struct libnet_Vampire *r) { struct libnet_JoinDomain *join; + struct libnet_set_join_secrets *set_secrets; struct libnet_BecomeDC b; struct libnet_UnbecomeDC u; struct vampire_state *s; @@ -651,6 +647,8 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, s->join = join; + s->targetdir = r->in.targetdir; + ZERO_STRUCT(b); b.in.domain_dns_name = join->out.realm; b.in.domain_netbios_name = join->out.domain_name; @@ -665,7 +663,7 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, b.in.callbacks.config_chunk = vampire_store_chunk; b.in.callbacks.domain_chunk = vampire_store_chunk; - status = libnet_BecomeDC(s->ctx, s, &b); + status = libnet_BecomeDC(ctx, s, &b); if (!NT_STATUS_IS_OK(status)) { printf("libnet_BecomeDC() failed - %s\n", nt_errstr(status)); talloc_free(s); @@ -703,4 +701,32 @@ NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, talloc_free(s); return NT_STATUS_INTERNAL_DB_ERROR; } + + set_secrets = talloc_zero(s, struct libnet_set_join_secrets); + if (!set_secrets) { + return NT_STATUS_NO_MEMORY; + } + + set_secrets->in.domain_name = join->out.domain_name; + set_secrets->in.realm = join->out.realm; + set_secrets->in.account_name = account_name; + set_secrets->in.netbios_name = netbios_name; + set_secrets->in.join_type = SEC_CHAN_BDC; + set_secrets->in.join_password = join->out.join_password; + set_secrets->in.kvno = join->out.kvno; + set_secrets->in.domain_sid = join->out.domain_sid; + + status = libnet_set_join_secrets(ctx, set_secrets, set_secrets); + if (!NT_STATUS_IS_OK(status)) { + r->out.error_string = talloc_steal(mem_ctx, set_secrets->out.error_string); + talloc_free(s); + return status; + } + + r->out.domain_name = talloc_steal(r, join->out.domain_name); + r->out.domain_sid = talloc_steal(r, join->out.domain_sid); + talloc_free(s); + + return NT_STATUS_OK; + } diff --git a/source4/libnet/libnet_vampire.h b/source4/libnet/libnet_vampire.h index af461139ff..5e0c7594b2 100644 --- a/source4/libnet/libnet_vampire.h +++ b/source4/libnet/libnet_vampire.h @@ -22,13 +22,16 @@ #ifndef __LIBNET_VAMPIRE_H__ #define __LIBNET_VAMPIRE_H__ -struct libnet_vampire { +struct libnet_Vampire { struct { const char *domain_name; const char *netbios_name; + const char *targetdir; } in; struct { + struct dom_sid *domain_sid; + const char *domain_name; const char *error_string; } out; }; diff --git a/source4/utils/net/net.c b/source4/utils/net/net.c index e0865c4416..c908ea6279 100644 --- a/source4/utils/net/net.c +++ b/source4/utils/net/net.c @@ -102,7 +102,8 @@ static const struct net_functable net_functable[] = { {"time", "get remote server's time\n", net_time, net_time_usage}, {"join", "join a domain\n", net_join, net_join_usage}, {"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage}, - {"samsync", "synchronise into the local ldb the sam of a domain\n", net_samsync_ldb, net_samsync_ldb_usage}, + {"vampire", "join and syncronise an AD domain onto the local server\n", net_vampire, net_vampire_usage}, + {"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage}, {"user", "manage user accounts\n", net_user, net_user_usage}, {NULL, NULL, NULL, NULL} }; diff --git a/source4/utils/net/net_join.c b/source4/utils/net/net_join.c index 08a4fbd4a1..abdcbf6027 100644 --- a/source4/utils/net/net_join.c +++ b/source4/utils/net/net_join.c @@ -100,3 +100,70 @@ int net_join_help(struct net_context *ctx, int argc, const char **argv) d_printf("Joins domain as either member or backup domain controller.\n"); return 0; } + +int net_vampire(struct net_context *ctx, int argc, const char **argv) +{ + NTSTATUS status; + struct libnet_context *libnetctx; + struct libnet_Vampire *r; + char *tmp, *targetdir = NULL; + const char *domain_name; + + switch (argc) { + case 0: /* no args -> fail */ + return net_vampire_usage(ctx, argc, argv); + case 1: /* only DOMAIN */ + tmp = talloc_strdup(ctx->mem_ctx, argv[0]); + break; + case 2: /* domain and target dir */ + tmp = talloc_strdup(ctx->mem_ctx, argv[0]); + targetdir = talloc_strdup(ctx->mem_ctx, argv[1]); + break; + default: /* too many args -> fail */ + return net_vampire_usage(ctx, argc, argv); + } + + domain_name = tmp; + + libnetctx = libnet_context_init(NULL, ctx->lp_ctx); + if (!libnetctx) { + return -1; + } + libnetctx->cred = ctx->credentials; + r = talloc(ctx->mem_ctx, struct libnet_Vampire); + if (!r) { + return -1; + } + /* prepare parameters for the vampire */ + r->in.netbios_name = lp_netbios_name(ctx->lp_ctx); + r->in.domain_name = domain_name; + r->in.targetdir = targetdir; + r->out.error_string = NULL; + + /* do the domain vampire */ + status = libnet_Vampire(libnetctx, r, r); + + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "Vampire of domain failed: %s\n", + r->out.error_string ? r->out.error_string : nt_errstr(status)); + talloc_free(r); + talloc_free(libnetctx); + return -1; + } + d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx->mem_ctx, r->out.domain_sid)); + + talloc_free(libnetctx); + return 0; +} + +int net_vampire_usage(struct net_context *ctx, int argc, const char **argv) +{ + d_printf("net vampire <domain> [options]\n"); + return 0; +} + +int net_vampire_help(struct net_context *ctx, int argc, const char **argv) +{ + d_printf("Vampires domain as either member or backup domain controller.\n"); + return 0; +} diff --git a/source4/utils/net/net_vampire.c b/source4/utils/net/net_vampire.c index c798112d7b..4f6371d617 100644 --- a/source4/utils/net/net_vampire.c +++ b/source4/utils/net/net_vampire.c @@ -169,7 +169,7 @@ int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv) int net_samsync_ldb_usage(struct net_context *ctx, int argc, const char **argv) { - d_printf("net samsync_ldb\n"); + d_printf("net samsync\n"); return 0; } |