diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/libnet/py_net.c | 56 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/__init__.py | 2 | ||||
-rw-r--r-- | source4/scripting/python/samba/netcmd/vampire.py | 115 | ||||
-rw-r--r-- | source4/utils/net/net.c | 1 | ||||
-rw-r--r-- | source4/utils/net/net_vampire.c | 67 |
5 files changed, 173 insertions, 68 deletions
diff --git a/source4/libnet/py_net.c b/source4/libnet/py_net.c index bd916efe52..f2fc771413 100644 --- a/source4/libnet/py_net.c +++ b/source4/libnet/py_net.c @@ -251,6 +251,61 @@ static PyObject *py_net_user_delete(py_net_Object *self, PyObject *args, PyObjec static const char py_net_delete_user_doc[] = "delete_user(username)\n" "Delete a user."; +static PyObject *py_dom_sid_FromSid(struct dom_sid *sid) +{ + PyObject *mod_security, *dom_sid_Type; + + mod_security = PyImport_ImportModule("samba.dcerpc.security"); + if (mod_security == NULL) + return NULL; + + dom_sid_Type = PyObject_GetAttrString(mod_security, "dom_sid"); + if (dom_sid_Type == NULL) + return NULL; + + return py_talloc_reference((PyTypeObject *)dom_sid_Type, sid); +} + +static PyObject *py_net_vampire(py_net_Object *self, PyObject *args, PyObject *kwargs) +{ + const char *kwnames[] = { "domain", "target_dir", NULL }; + NTSTATUS status; + TALLOC_CTX *mem_ctx; + PyObject *ret; + struct libnet_Vampire r; + + if (!PyArg_ParseTupleAndKeywords(args, kwargs, "s|s", discard_const_p(char *, kwnames), + &r.in.domain_name, &r.in.targetdir)) + return NULL; + + r.in.netbios_name = lp_netbios_name(self->libnet_ctx->lp_ctx); + r.out.error_string = NULL; + + mem_ctx = talloc_new(NULL); + if (mem_ctx == NULL) { + PyErr_NoMemory(); + return NULL; + } + + status = libnet_Vampire(self->libnet_ctx, mem_ctx, &r); + + if (!NT_STATUS_IS_OK(status)) { + PyErr_SetString(PyExc_RuntimeError, + r.out.error_string ? r.out.error_string : nt_errstr(status)); + talloc_free(mem_ctx); + return NULL; + } + + ret = Py_BuildValue("(sO)", r.out.domain_name, py_dom_sid_FromSid(r.out.domain_sid)); + + talloc_free(mem_ctx); + + return ret; +} + +static const char py_net_vampire_doc[] = "vampire(domain, target_dir=None)\n" +"Vampire a domain."; + static PyMethodDef net_obj_methods[] = { {"join", (PyCFunction)py_net_join, METH_VARARGS|METH_KEYWORDS, py_net_join_doc}, {"set_password", (PyCFunction)py_net_set_password, METH_VARARGS|METH_KEYWORDS, py_net_set_password_doc}, @@ -258,6 +313,7 @@ static PyMethodDef net_obj_methods[] = { {"time", (PyCFunction)py_net_time, METH_VARARGS|METH_KEYWORDS, py_net_time_doc}, {"create_user", (PyCFunction)py_net_user_create, METH_VARARGS|METH_KEYWORDS, py_net_create_user_doc}, {"delete_user", (PyCFunction)py_net_user_delete, METH_VARARGS|METH_KEYWORDS, py_net_delete_user_doc}, + {"vampire", (PyCFunction)py_net_vampire, METH_VARARGS|METH_KEYWORDS, py_net_vampire_doc}, { NULL } }; diff --git a/source4/scripting/python/samba/netcmd/__init__.py b/source4/scripting/python/samba/netcmd/__init__.py index d4e21c1b4e..8164bbbe81 100644 --- a/source4/scripting/python/samba/netcmd/__init__.py +++ b/source4/scripting/python/samba/netcmd/__init__.py @@ -153,3 +153,5 @@ from samba.netcmd.time import cmd_time commands["time"] = cmd_time() from samba.netcmd.user import cmd_user commands["user"] = cmd_user() +from samba.netcmd.vampire import cmd_vampire +commands["vampire"] = cmd_vampire() diff --git a/source4/scripting/python/samba/netcmd/vampire.py b/source4/scripting/python/samba/netcmd/vampire.py new file mode 100644 index 0000000000..f5598cff62 --- /dev/null +++ b/source4/scripting/python/samba/netcmd/vampire.py @@ -0,0 +1,115 @@ +#!/usr/bin/python +# +# Vampire +# +# Copyright Jelmer Vernooij 2010 <jelmer@samba.org> +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# + +import samba.getopt as options + +from samba.net import Net + +from samba.netcmd import ( + Command, + Option, + SuperCommand, + ) + +class cmd_vampire(Command): + """Join and synchronise a remote AD domain to the local server.""" + synopsis = "%prog vampire [options] <domain>" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "credopts": options.CredentialsOptions, + "versionopts": options.VersionOptions, + } + + takes_options = [ + Option("--target-dir", help="Target directory.", type=str), + ] + + takes_args = ["domain"] + + def run(self, domain, target_dir=None, credopts=None, sambaopts=None, versionopts=None): + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp) + net = Net(creds, lp) + (domain_name, domain_sid) = net.vampire(domain=domain, target_dir=target_dir) + self.outf.write("Vampired domain %s (%s)\n" % (domain_name, domain_sid)) + + +class cmd_samdump_keytab(Command): + """Dumps kerberos keys of a domain into a keytab.""" + + synopsis = "%prog samdump keytab [options] <keytab>" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "credopts": options.CredentialsOptions, + "versionopts": options.VersionOptions, + } + + takes_args = ["keytab"] + + def run(self, keytab, credopts=None, sambaopts=None, versionopts=None): + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp) + net = Net(creds, lp) + net.samdump_keytab(keytab) + + +class cmd_samsync_ldb(Command): + """Synchronise into the local ldb the SAM of a domain.""" + + synopsis = "%prog samsync" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "credopts": options.CredentialsOptions, + "versionopts": options.VersionOptions, + } + + def run(self, credopts=None, sambaopts=None, versionopts=None): + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp) + net = Net(creds, lp) + net.samdump() + + +class cmd_samsync(SuperCommand): + + commands = { + "ldb": cmd_samsync_ldb() + } + + +class cmd_samdump(Command): + """Dump the sam database.""" + + synopsis = "%prog samdump" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "credopts": options.CredentialsOptions, + "versionopts": options.VersionOptions, + } + + def run(self, credopts=None, sambaopts=None, versionopts=None): + lp = sambaopts.get_loadparm() + creds = credopts.get_credentials(lp) + net = Net(creds, lp) + net.samdump() diff --git a/source4/utils/net/net.c b/source4/utils/net/net.c index 545bc0f523..398a4709ae 100644 --- a/source4/utils/net/net.c +++ b/source4/utils/net/net.c @@ -199,7 +199,6 @@ static const struct net_functable net_functable[] = { {"password", "change password\n", net_password, net_password_usage}, {"join", "join a domain\n", net_join, net_join_usage}, {"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage}, - {"vampire", "join and syncronise an AD domain onto the local server\n", net_vampire, net_vampire_usage}, {"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage}, {"machinepw", "Get a machine password out of our SAM\n", net_machinepw, net_machinepw_usage}, {"drs", "Implements functionality offered by repadmin.exe utility in Windows\n", net_drs, net_drs_usage}, diff --git a/source4/utils/net/net_vampire.c b/source4/utils/net/net_vampire.c index 1bcc8db5f0..f1f0f9db65 100644 --- a/source4/utils/net/net_vampire.c +++ b/source4/utils/net/net_vampire.c @@ -180,70 +180,3 @@ int net_samsync_ldb_help(struct net_context *ctx, int argc, const char **argv) d_printf("Synchronise into the local ldb the SAM of a domain.\n"); return 0; } - -int net_vampire(struct net_context *ctx, int argc, const char **argv) -{ - NTSTATUS status; - struct libnet_context *libnetctx; - struct libnet_Vampire *r; - char *tmp, *targetdir = NULL; - const char *domain_name; - - switch (argc) { - case 0: /* no args -> fail */ - return net_vampire_usage(ctx, argc, argv); - case 1: /* only DOMAIN */ - tmp = talloc_strdup(ctx, argv[0]); - break; - case 2: /* domain and target dir */ - tmp = talloc_strdup(ctx, argv[0]); - targetdir = talloc_strdup(ctx, argv[1]); - break; - default: /* too many args -> fail */ - return net_vampire_usage(ctx, argc, argv); - } - - domain_name = tmp; - - libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); - if (!libnetctx) { - return -1; - } - libnetctx->cred = ctx->credentials; - r = talloc(ctx, struct libnet_Vampire); - if (!r) { - return -1; - } - /* prepare parameters for the vampire */ - r->in.netbios_name = lp_netbios_name(ctx->lp_ctx); - r->in.domain_name = domain_name; - r->in.targetdir = targetdir; - r->out.error_string = NULL; - - /* do the domain vampire */ - status = libnet_Vampire(libnetctx, r, r); - - if (!NT_STATUS_IS_OK(status)) { - d_fprintf(stderr, "Vampire of domain failed: %s\n", - r->out.error_string ? r->out.error_string : nt_errstr(status)); - talloc_free(r); - talloc_free(libnetctx); - return -1; - } - d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx, r->out.domain_sid)); - - talloc_free(libnetctx); - return 0; -} - -int net_vampire_usage(struct net_context *ctx, int argc, const char **argv) -{ - d_printf("net vampire <domain> [options]\n"); - return 0; -} - -int net_vampire_help(struct net_context *ctx, int argc, const char **argv) -{ - d_printf("Join and synchronise a remote AD domain to the local server.\n"); - return 0; -} |