From cc60b069836cbc355e828675e6f089b6ef22b32e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 13 Apr 2002 08:16:41 +0000 Subject: This is the 'multiple pdb backends' patch from ctrlsoft, aka Jelmer Vernooij . This patch also includes major rework of pdbedit to use popt, and the addition of -i paramter (allowing the user to specify which PDBs is being operated on) and -e to export a pdb - useful for backup and testing etc. Use of -i and -e gets us pdb2pdb functionality for transition between backends, much like the sam2sam in TNG. Andrew Bartlett (This used to be commit c10def37f506d3f2bab442418ac08fdb62659b02) --- source3/utils/pdbedit.c | 428 +++++++++++++----------------------------------- 1 file changed, 110 insertions(+), 318 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 1fb1f2355b..421a72923a 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -4,6 +4,7 @@ Copyright (C) Simo Sorce 2000 Copyright (C) Andrew Bartlett 2001 + Copyright (C) Jelmer Vernooij 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
@@ -25,40 +26,40 @@ extern pstring global_myname; extern BOOL AllowDebugChange; -/* - * Next two lines needed for SunOS and don't - * hurt anything else... - */ -extern char *optarg; -extern int optind; - /********************************************************* - Print command usage on stderr and die. -**********************************************************/ -static void usage(void) -{ - if (getuid() == 0) { - printf("pdbedit options\n"); - } else { - printf("You need to be root to use this tool!\n"); + Add all currently available users to another db + ********************************************************/ + +int export_database (struct pdb_context *in, char *db){ + struct pdb_context *context; + SAM_ACCOUNT *user = NULL; + + if(!NT_STATUS_IS_OK(make_pdb_context_name(&context, db))){ + fprintf(stderr, "Can't initialize %s.\n", db); + return 1; + } + + if(!in->pdb_setsampwent(in, 0)){ + fprintf(stderr, "Can't sampwent!\n"); + return 1; + } + + if(!NT_STATUS_IS_OK(pdb_init_sam(&user))){ + fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); + return 1; } - printf("(actually to add a user you need to use smbpasswd)\n"); - printf("options:\n"); - printf(" -l list usernames\n"); - printf(" -v verbose output\n"); - printf(" -w smbpasswd file style\n"); - printf(" -u username print user's info\n"); - printf(" -f fullname set Full Name\n"); - printf(" -h homedir set home directory\n"); - printf(" -d drive set home dir drive\n"); - printf(" -s script set logon script\n"); - printf(" -p profile set profile path\n"); - printf(" -a create new account\n"); - printf(" -m it is a machine trust\n"); - printf(" -x delete this user\n"); - printf(" -i file import account from file (smbpasswd style)\n"); - printf(" -D debuglevel set DEBUGELEVEL (default = 1)\n"); - exit(1); + + while(in->pdb_getsampwent(in,user)){ + context->pdb_add_sam_account(context,user); + if(!NT_STATUS_IS_OK(pdb_reset_sam(user))){ + fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); + return 1; + } + } + 
+ in->pdb_endsampwent(in); + + return 0; } /********************************************************* @@ -126,7 +127,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst Get an Print User Info **********************************************************/ -static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) +static int print_user_info (struct pdb_context *in, char *username, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; @@ -135,7 +136,7 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) return -1; } - ret = pdb_getsampwnam (sam_pwent, username); + ret = in->pdb_getsampwnam (in, sam_pwent, username); if (ret==False) { fprintf (stderr, "Username not found!\n"); @@ -152,13 +153,13 @@ static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) /********************************************************* List Users **********************************************************/ -static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) +static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwdstyle) { SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; errno = 0; /* testing --simo */ - check = pdb_setsampwent(False); + check = in->pdb_setsampwent(in, False); if (check && errno == ENOENT) { fprintf (stderr,"Password database not found!\n"); exit(1); @@ -167,7 +168,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) check = True; if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1; - while (check && (ret = pdb_getsampwent (sam_pwent))) { + while (check && (ret = in->pdb_getsampwent (in, sam_pwent))) { if (verbosity) printf ("---------------\n"); print_sam_info (sam_pwent, verbosity, smbpwdstyle); @@ -176,7 +177,7 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) } if (check) pdb_free_sam(&sam_pwent); - pdb_endsampwent(); + in->pdb_endsampwent(in); return 0; } 
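Review bot: The copy loop in export_database discards the result of `context->pdb_add_sam_account(context,user)`, so the function returns 0 even when accounts could not be written to the target backend. For a backup or migration path that gives a silently incomplete password database. The early `return 1` paths also skip `in->pdb_endsampwent(in)`, and `user` is never released with `pdb_free_sam`, which the other functions in this file call. The new `context` is not released on any path either; the release call for it is not visible here. The function could also be `static` like its neighbours.
```c
	int rc = 0;	/* declared with the other locals */
	/* … unchanged: context creation, pdb_setsampwent, pdb_init_sam … */

	while(in->pdb_getsampwent(in,user)){
		if(!context->pdb_add_sam_account(context,user)){
			fprintf(stderr, "Can't add account to %s.\n", db);
			rc = 1;
		}
		if(!NT_STATUS_IS_OK(pdb_reset_sam(user))){
			fprintf(stderr, "Can't reset SAM_ACCOUNT!\n");
			rc = 1;
			break;
		}
	}

	pdb_free_sam(&user);
	in->pdb_endsampwent(in);

	return rc;
```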
@@ -184,14 +185,14 @@ static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) Set User Info **********************************************************/ -static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int set_user_info (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT *sam_pwent=NULL; BOOL ret; pdb_init_sam(&sam_pwent); - ret = pdb_getsampwnam (sam_pwent, username); + ret = in->pdb_getsampwnam (in, sam_pwent, username); if (ret==False) { fprintf (stderr, "Username not found!\n"); pdb_free_sam(&sam_pwent); @@ -209,8 +210,8 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d if (profile) pdb_set_profile_path (sam_pwent, profile, True); - if (pdb_update_sam_account (sam_pwent)) - print_user_info (username, True, False); + if (in->pdb_update_sam_account (in, sam_pwent)) + print_user_info (in, username, True, False); else { fprintf (stderr, "Unable to modify entry!\n"); pdb_free_sam(&sam_pwent); @@ -223,7 +224,7 @@ static int set_user_info (char *username, char *fullname, char *homedir, char *d /********************************************************* Add New User **********************************************************/ -static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +static int new_user (struct pdb_context *in, char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) { SAM_ACCOUNT *sam_pwent=NULL; struct passwd *pwd = NULL; 
@@ -265,8 +266,8 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); - if (pdb_add_sam_account (sam_pwent)) { - print_user_info (username, True, False); + if (in->pdb_add_sam_account (in, sam_pwent)) { + print_user_info (in, username, True, False); } else { fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); pdb_free_sam (&sam_pwent); @@ -280,7 +281,7 @@ static int new_user (char *username, char *fullname, char *homedir, char *drive, Add New Machine **********************************************************/ -static int new_machine (char *machinename) +static int new_machine (struct pdb_context *in, char *machinename) { SAM_ACCOUNT *sam_pwent=NULL; char name[16]; @@ -307,8 +308,8 @@ static int new_machine (char *machinename) pdb_set_group_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS); - if (pdb_add_sam_account (sam_pwent)) { - print_user_info (name, True, False); + if (in->pdb_add_sam_account (in, sam_pwent)) { + print_user_info (in, name, True, False); } else { fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); pdb_free_sam (&sam_pwent); @@ -322,7 +323,7 @@ static int new_machine (char *machinename) Delete user entry **********************************************************/ -static int delete_user_entry (char *username) +static int delete_user_entry (struct pdb_context *in, char *username) { SAM_ACCOUNT *samaccount = NULL; 
@@ -330,19 +331,19 @@ static int delete_user_entry (char *username) return -1; } - if (!pdb_getsampwnam(samaccount, username)) { + if (!in->pdb_getsampwnam(in, samaccount, username)) { fprintf (stderr, "user %s does not exist in the passdb\n", username); return -1; } - return pdb_delete_sam_account (samaccount); + return in->pdb_delete_sam_account (in, samaccount); } /********************************************************* Delete machine entry **********************************************************/ -static int delete_machine_entry (char *machinename) +static int delete_machine_entry (struct pdb_context *in, char *machinename) { char name[16]; SAM_ACCOUNT *samaccount = NULL; 
@@ -355,189 +356,12 @@ static int delete_machine_entry (char *machinename) return -1; } - if (!pdb_getsampwnam(samaccount, name)) { + if (!in->pdb_getsampwnam(in, samaccount, name)) { fprintf (stderr, "user %s does not exist in the passdb\n", name); return -1; } - return pdb_delete_sam_account (samaccount); -} - -/********************************************************* - Import smbpasswd style file -**********************************************************/ - -static int import_users (char *filename) -{ - FILE *fp = NULL; - SAM_ACCOUNT *sam_pwent = NULL; - static pstring user_name; - static unsigned char smbpwd[16]; - static unsigned char smbntpwd[16]; - char linebuf[256]; - size_t linebuf_len; - unsigned char c; - unsigned char *p; - long uidval; - int line = 0; - int good = 0; - struct passwd *pwd; - - if((fp = sys_fopen(filename, "rb")) == NULL) { - fprintf (stderr, "%s\n", strerror (ferror (fp))); - return -1; - } - - while (!feof(fp)) { - /*Get a new line*/ - linebuf[0] = '\0'; - fgets(linebuf, 256, fp); - if (ferror(fp)) { - fprintf (stderr, "%s\n", strerror (ferror (fp))); - return -1; - } - if ((linebuf_len = strlen(linebuf)) == 0) { - line++; - continue; - } - if (linebuf[linebuf_len - 1] != '\n') { - c = '\0'; - while (!ferror(fp) && !feof(fp)) { - c = fgetc(fp); - if (c == '\n') break; - } - } else - linebuf[linebuf_len - 1] = '\0'; - linebuf[linebuf_len] = '\0'; - if ((linebuf[0] == 0) && feof(fp)) { - /*end of file!!*/ - return 0; - } - line++; - if (linebuf[0] == '#' || linebuf[0] == '\0') - continue; - - /* Get user name */ - p = (unsigned char *) strchr_m(linebuf, ':'); - if (p == NULL) { - fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); - continue; - } - strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); - user_name[PTR_DIFF(p, linebuf)] = '\0'; - - /* Get smb uid. 
*/ - p++; - if(*p == '-') { - fprintf (stderr, "Error: negative uid at line %d\n", line); - continue; - } - if (!isdigit(*p)) { - fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); - continue; - } - uidval = atoi((char *) p); - while (*p && isdigit(*p)) p++; - if (*p != ':') { - fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); - continue; - } - if(!(pwd = sys_getpwnam(user_name))) { - fprintf(stderr, "User %s does not \ -exist in system password file (usually /etc/passwd). Cannot add \ -account without a valid local system user.\n", user_name); - return False; - } - - if (!NT_STATUS_IS_OK(pdb_init_sam_pw(&sam_pwent, pwd))) { - fprintf(stderr, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name); - return False; - } - - /* Get passwords */ - p++; - if (*p == '*' || *p == 'X') { - /* Password deliberately invalid */ - fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); - pdb_set_lanman_passwd(sam_pwent, NULL); - pdb_set_nt_passwd(sam_pwent,NULL); - pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_DISABLED); - } else { - if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { - fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); - pdb_free_sam (&sam_pwent); - continue; - } - if (p[32] != ':') { - fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); - pdb_free_sam (&sam_pwent); - continue; - } - if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { - pdb_set_lanman_passwd(sam_pwent, NULL); - pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); - } else { - if (!pdb_gethexpwd((char *)p, smbpwd)) { - fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); - pdb_free_sam (&sam_pwent); - continue; - } - pdb_set_lanman_passwd(sam_pwent, smbpwd); - } - /* NT password */ - p += 33; - if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) 
&& (p[32] == ':')) { - if (*p != '*' && *p != 'X') { - if (pdb_gethexpwd((char *)p,smbntpwd)) { - pdb_set_nt_passwd(sam_pwent, smbntpwd); - } - } - p += 33; - } - } - - /* Get ACCT_CTRL field if any */ - if (*p == '[') { - uint16 acct_ctrl; - unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); - - acct_ctrl = pdb_decode_acct_ctrl((char*)p); - if (acct_ctrl) - acct_ctrl = ACB_NORMAL; - - pdb_set_acct_ctrl(sam_pwent, acct_ctrl); - - /* Get last change time */ - if(end_p) - p = end_p + 1; - if(*p == ':') { - p++; - if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) { - int i; - - p += 4; - for(i = 0; i < 8; i++) { - if(p[i] == '\0' || !isxdigit(p[i])) break; - } - if(i == 8) { - pdb_set_pass_last_set_time (sam_pwent, (time_t)strtol((char *)p, NULL, 16)); - } - } - } - } - - /* Now ADD the entry */ - if (!(pdb_add_sam_account (sam_pwent))) { - fprintf (stderr, "Unable to add user entry!\n"); - pdb_free_sam (&sam_pwent); - continue; - } - printf ("%s imported!\n", user_name); - good++; - pdb_free_sam (&sam_pwent); - } - printf ("%d lines read.\n%d entryes imported\n", line, good); - return 0; + return in->pdb_delete_sam_account (in, samaccount); } /********************************************************* @@ -546,7 +370,7 @@ account without a valid local system user.\n", user_name); int main (int argc, char **argv) { - int ch; + struct pdb_context *in; BOOL list_users = False; BOOL verbose = False; BOOL spstyle = False; 
@@ -555,93 +379,64 @@ int main (int argc, char **argv) BOOL add_user = False; BOOL delete_user = False; BOOL import = False; - char *user_name = NULL; + int opt; char *full_name = NULL; + char *user_name = NULL; char *home_dir = NULL; char *home_drive = NULL; + char *backend_in = NULL; + char *backend_out = NULL; char *logon_script = NULL; char *profile_path = NULL; - char *smbpasswd = NULL; - - setup_logging("pdbedit", True); - - if (argc < 2) { - usage(); - return 0; - } + poptContext pc; + struct poptOption long_options[] = { + POPT_AUTOHELP + {"list", 'l',POPT_ARG_VAL, &list_users, 1, "list all users", NULL}, + {"verbose", 'v',POPT_ARG_VAL, &verbose, 1, "be verbose", NULL }, + {"smbpasswd-style", 'w',POPT_ARG_VAL, &spstyle, 1, "give output in smbpasswd style", NULL}, + {"user", 'u',POPT_ARG_STRING,&user_name, 0, "use username", "USER" }, + {"fullname", 'f',POPT_ARG_STRING,&full_name, 0, "set full name", NULL}, + {"homedir", 'h',POPT_ARG_STRING,&home_dir, 0, "set home directory", NULL}, + {"drive", 'd',POPT_ARG_STRING,&home_drive, 0, "set home drive", NULL}, + {"script", 's',POPT_ARG_STRING,&logon_script, 0, "set logon script", NULL}, + {"profile", 'p',POPT_ARG_STRING,&profile_path, 0, "set profile path", NULL}, + {"create", 'a',POPT_ARG_VAL,&add_user, 1, "create user", NULL}, + {"machine", 'm',POPT_ARG_VAL,&machine, 1,"account is a machine account",NULL}, + {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, + {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, + {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, + {"debuglevel",'D',POPT_ARG_INT,&DEBUGLEVEL,0,"set debuglevel",NULL}, + {0,0,0,0} + }; DEBUGLEVEL = 1; + setup_logging("pdbedit", True); AllowDebugChange = False; - + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", dyn_CONFIGFILE); exit(1); } - - if(!initialize_password_db(True)) { - fprintf(stderr, "Can't 
setup password database vectors.\n"); + + backend_in = lp_passdb_backend(); + + pc = poptGetContext(NULL, argc, (const char **) argv, long_options, + POPT_CONTEXT_KEEP_FIRST); + + while((opt = poptGetNextOpt(pc)) != -1); + + setparms = (full_name || home_dir || home_drive || logon_script || profile_path); + + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { + fprintf (stderr, "Incompatible options on command line!\n"); exit(1); } - while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwxD:")) != EOF) { - switch(ch) { - case 'a': - add_user = True; - break; - case 'm': - machine = True; - break; - case 'l': - list_users = True; - break; - case 'v': - verbose = True; - break; - case 'w': - spstyle = True; - break; - case 'u': - user_name = optarg; - break; - case 'f': - setparms = True; - full_name = optarg; - break; - case 'h': - setparms = True; - home_dir = optarg; - break; - case 'd': - setparms = True; - home_drive = optarg; - break; - case 's': - setparms = True; - logon_script = optarg; - break; - case 'p': - setparms = True; - profile_path = optarg; - break; - case 'x': - delete_user = True; - break; - case 'i': - import = True; - smbpasswd = optarg; - break; - case 'D': - DEBUGLEVEL = atoi(optarg); - break; - default: - usage(); - } - } - if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) { - fprintf (stderr, "Incompatible options on command line!\n"); - usage(); - exit(1); + + if(!NT_STATUS_IS_OK(make_pdb_context_name(&in, backend_in))){ + fprintf(stderr, "Can't initialize %s.\n", backend_in); + return 1; } if (add_user) { 
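Review bot: The option loop `while((opt = poptGetNextOpt(pc)) != -1);` stops only on -1, but popt reports parse errors as other negative values, so an unknown or malformed option is skipped and main goes on to add, delete or export accounts with whatever else was parsed. Give the loop a body that fails closed, for example `if (opt < -1) { fprintf(stderr, "%s: %s\n", poptBadOption(pc, 0), poptStrerror(opt)); exit(1); }`. Separately, `import` is no longer set by any option now that `-i` fills `backend_in`, so the `(import?1:0)` term in the compatibility check is dead. main continues past the end of this hunk.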
@@ -650,9 +445,9 @@ int main (int argc, char **argv) return -1; } if (machine) - return new_machine (user_name); + return new_machine (in, user_name); else - return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + return new_user (in, user_name, full_name, home_dir, home_drive, logon_script, profile_path); } if (delete_user) { @@ -661,32 +456,29 @@ int main (int argc, char **argv) return -1; } if (machine) - return delete_machine_entry (user_name); + return delete_machine_entry (in, user_name); else - return delete_user_entry (user_name); + return delete_user_entry (in, user_name); } if (user_name) { if (setparms) - set_user_info ( user_name, full_name, + return set_user_info (in, user_name, full_name, home_dir, home_drive, logon_script, profile_path); else - return print_user_info (user_name, verbose, spstyle); - - return 0; + return print_user_info (in, user_name, verbose, spstyle); } - if (list_users) - return print_users_list (verbose, spstyle); + return print_users_list (in, verbose, spstyle); + + if (backend_out) + return export_database(in, backend_out); - if (import) - return import_users (smbpasswd); + poptPrintHelp(pc, stderr, 0); - usage(); - - return 0; + return 1; } -- cgit From a88ff199bcf9a140cec482cf04578cb1b897877a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 13 Apr 2002 10:32:09 +0000 Subject: More updates from ctrlsoft. (Jelmer Vernooij ) Andrew Bartlett (This used to be commit 012b3326c40ca0f8f4c7673310d73f695cc4f79b) --- source3/utils/pdbedit.c | 40 ++++++++++++++++++++++++++++++++-------- 1 file changed, 32 insertions(+), 8 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 421a72923a..c63ed29529 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c 
@@ -70,24 +70,48 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst { uid_t uid; gid_t gid; + time_t tmp; /* TODO: chaeck if entry is a user or a workstation */ if (!sam_pwent) return -1; if (verbosity) { - printf ("username: %s\n", pdb_get_username(sam_pwent)); + printf ("Unix/NT username: %s/%s\n", pdb_get_username(sam_pwent),pdb_get_nt_username(sam_pwent)); if (IS_SAM_UNIX_USER(sam_pwent)) { uid = pdb_get_uid(sam_pwent); gid = pdb_get_gid(sam_pwent); - printf ("user ID/Group: %d/%d\n", uid, gid); + printf ("user ID/Group: %d/%d\n", uid, gid); } - printf ("user RID/GRID: %u/%u\n", (unsigned int)pdb_get_user_rid(sam_pwent), + printf ("user RID/GRID: %u/%u\n", (unsigned int)pdb_get_user_rid(sam_pwent), (unsigned int)pdb_get_group_rid(sam_pwent)); - printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); - printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); - printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); - printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); - printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); + printf ("Full Name: %s\n", pdb_get_fullname(sam_pwent)); + printf ("Home Directory: %s\n", pdb_get_homedir(sam_pwent)); + printf ("HomeDir Drive: %s\n", pdb_get_dirdrive(sam_pwent)); + printf ("Logon Script: %s\n", pdb_get_logon_script(sam_pwent)); + printf ("Profile Path: %s\n", pdb_get_profile_path(sam_pwent)); + printf ("Domain: %s\n", pdb_get_domain(sam_pwent)); + printf ("Account desc: %s\n", pdb_get_acct_desc(sam_pwent)); + printf ("Workstations: %s\n", pdb_get_workstations(sam_pwent)); + printf ("Munged dial: %s\n", pdb_get_munged_dial(sam_pwent)); + + tmp = pdb_get_logon_time(sam_pwent); + printf ("Logon time: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_logoff_time(sam_pwent); + printf ("Logoff time: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_kickoff_time(sam_pwent); + printf ("Kickoff time: %s\n", tmp ? 
http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_last_set_time(sam_pwent); + printf ("Password last set: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_can_change_time(sam_pwent); + printf ("Password can change: %s\n", tmp ? http_timestring(tmp) : "0"); + + tmp = pdb_get_pass_must_change_time(sam_pwent); + printf ("Password must change: %s\n", tmp ? http_timestring(tmp) : "0"); + } else if (smbpwdstyle) { if (IS_SAM_UNIX_USER(sam_pwent)) { char lm_passwd[33]; -- cgit From c4e49dee7a4fdfbf1939b9d870fdfa6339113a74 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 14 Apr 2002 04:58:49 +0000 Subject: Fixed debugs. (This used to be commit 6d9336f3b9b205e5916424ee844658b445439fdb) --- source3/utils/net_rpc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 19e2c63ecc..2aca3f0485 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -59,13 +59,13 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli) TALLOC_CTX *mem_ctx; if (!(domain_sid = malloc(sizeof(DOM_SID)))){ - DEBUG(0,("fetch_domain_sid: malloc returned NULL!\n")); + DEBUG(0,("net_get_remote_domain_sid: malloc returned NULL!\n")); goto error; } if (!(mem_ctx=talloc_init())) { - DEBUG(0,("fetch_domain_sid: talloc_init returned NULL!\n")); + DEBUG(0,("net_get_remote_domain_sid: talloc_init returned NULL!\n")); goto error; } -- cgit From 07e6ff5fcfe337bb65a7c3a4493a92a7761cf2ed Mon Sep 17 00:00:00 2001 
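Review bot: The six time fields added to the verbose branch of print_sam_info repeat the same two-line stanza with only the getter and label changing; a small static helper such as `static void print_time_field(const char *label, time_t t)` holding the `t ? http_timestring(t) : "0"` expression would keep the labels aligned in one place. The new string fields (`pdb_get_domain`, `pdb_get_acct_desc`, `pdb_get_workstations`, `pdb_get_munged_dial`, `pdb_get_nt_username`) are passed straight to `%s`. If any of these getters can return NULL for an unset attribute, which is not visible here, that is undefined behaviour in printf and worth a guard. The function starts and ends outside this hunk.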
From: Andrew Bartlett Date: Sun, 14 Apr 2002 09:44:16 +0000 Subject: Partly based on the work by mimir (Rafal Szczesniak ) this patch allows samba to correctly enumerate its trusted domains - by exaimining the keys in the secrets.tdb file. This patch has been tested with both NT4 and rpcclient/wbinfo, and adds some extra functionality to talloc and rpc_parse to allow it to deal with already unicode strings. Finally, this cleans up some const warnings that were in net_rpc.c by pushing another dash of const into the rpc client code. Andrew Bartlett (This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296) --- source3/utils/net_rpc.c | 40 ++++++++++++++++++++++------------------ 1 file changed, 22 insertions(+), 18 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 2aca3f0485..315c2de030 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -451,7 +451,7 @@ static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid, uint32 flags = 0x000003e8; /* Unknown */ result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, - flags, 1, (char **) &argv[0], + flags, 1, &argv[0], &num_rids, &user_rids, &name_types); @@ -548,7 +548,7 @@ rpc_user_info_internals(const DOM_SID *domain_sid, struct cli_state *cli, /* Get handle on user */ result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, - flags, 1, (char **) &argv[0], + flags, 1, &argv[0], &num_rids, &rids, &name_types); if (!NT_STATUS_IS_OK(result)) goto done; @@ -874,7 +874,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli if (argc != 1) { d_printf("Usage: net rpc trustdom add \n"); - return NT_STATUS_OK; + return NT_STATUS_INVALID_PARAMETER; } /* 
@@ -985,6 +985,12 @@ static int rpc_trustdom_establish(int argc, const char **argv) { * Connect to \\server\ipc$ as 'our domain' account with password */ + if (argc != 1) { + d_printf("Usage: net rpc trustdom add \n"); + return -1; + } + + domain_name = smb_xstrdup(argv[0]); strupper(domain_name); @@ -1061,10 +1067,8 @@ static int rpc_trustdom_establish(int argc, const char **argv) { return -1; } - if (cli->nt_pipe_fnum) { + if (cli->nt_pipe_fnum) cli_nt_session_close(cli); - talloc_destroy(mem_ctx); - } /* @@ -1103,6 +1107,17 @@ static int rpc_trustdom_establish(int argc, const char **argv) { /* There should be actually query info level 3 (following nt serv behaviour), but I still don't know if it's _really_ necessary */ + /* + * Store the password in secrets db + */ + + if (!secrets_store_trusted_domain_password(domain_name, wks_info.uni_lan_grp.buffer, + wks_info.uni_lan_grp.uni_str_len, opt_password, + domain_sid)) { + DEBUG(0, ("Storing password for trusted domain failed.\n")); + return -1; + } + /* * Close the pipes and clean up */ @@ -1116,20 +1131,9 @@ static int rpc_trustdom_establish(int argc, const char **argv) { if (cli->nt_pipe_fnum) cli_nt_session_close(cli); - - talloc_destroy(mem_ctx); + talloc_destroy(mem_ctx); - /* - * Store the password in secrets db - */ - - if (!secrets_store_trusted_domain_password(domain_name, opt_password, - domain_sid)) { - DEBUG(0, ("Storing password for trusted domain failed.\n")); - return -1; - } - DEBUG(0, ("Success!\n")); return 0; } -- cgit From d0386372b2f491cd9281fc6466b1b5d2f5cf59a9 Mon Sep 17 00:00:00 2001 
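Review bot: The new argument check in rpc_trustdom_establish prints the usage text for a different subcommand, `"Usage: net rpc trustdom add \n"`, which looks copied from rpc_trustdom_add_internals. The message should name the establish command and its domain argument so that a user who gets the count wrong is not pointed at the wrong operation. The function body continues outside the hunk.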
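Review bot: With `secrets_store_trusted_domain_password` moved ahead of the cleanup block, its failure branch now does `return -1` while the pipe session is still open and `mem_ctx` is still allocated. The earlier error path in this function closes the session with `cli_nt_session_close(cli)` before returning, and this one should do the same and also call `talloc_destroy(mem_ctx)`, or jump to a shared cleanup label. `domain_name` from `smb_xstrdup` is not freed on any path visible here. If `wks_info.uni_lan_grp.buffer` is allocated from `mem_ctx`, which the reordering suggests, a one-line comment saying that the store must precede `talloc_destroy` would stop a later reorder from reintroducing a use after free.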
From: Tim Potter Date: Sun, 14 Apr 2002 11:21:25 +0000 Subject: The cli_lsa_lookup_{names,sids} functions were returning useless information when one or more of the names/sids being queried were not resolvable. We now return a list the same length as the parameters passed instead of an array of just the resolvable names/sids. (This used to be commit 245468dbabb7c849ce423cc3cb586fa913d0adfe) --- source3/utils/smbcacls.c | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 8c0b2a4a72..017f4035b0 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -108,7 +108,6 @@ static void SidToString(fstring str, DOM_SID *sid) char **domains = NULL; char **names = NULL; uint32 *types = NULL; - int num_names; sid_to_string(str, sid); @@ -118,8 +117,8 @@ static void SidToString(fstring str, DOM_SID *sid) if (!cacls_open_policy_hnd() || !NT_STATUS_IS_OK(cli_lsa_lookup_sids(&lsa_cli, lsa_cli.mem_ctx, - &pol, 1, sid, &domains, &names, - &types, &num_names)) || + &pol, 1, sid, &domains, + &names, &types)) || !domains || !domains[0] || !names || !names[0]) { return; } @@ -137,7 +136,6 @@ static BOOL StringToSid(DOM_SID *sid, const char *str) { uint32 *types = NULL; DOM_SID *sids = NULL; - int num_sids; BOOL result = True; if (strncmp(str, "S-", 2) == 0) { @@ -145,9 +143,9 @@ static BOOL StringToSid(DOM_SID *sid, const char *str) } if (!cacls_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_names(&lsa_cli, lsa_cli.mem_ctx, &pol, 1, - &str, - &sids, &types, &num_sids))) { + !NT_STATUS_IS_OK(cli_lsa_lookup_names(&lsa_cli, lsa_cli.mem_ctx, + &pol, 1, &str, &sids, + &types))) { result = False; goto done; } -- cgit From 26152050bb9f327d67360fa2997344787d9073c7 Mon Sep 17 00:00:00 2001 
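Review bot: After this change StringToSid only tests the NT status of `cli_lsa_lookup_names`, and the commit description says the lookup now returns one entry per input even when a name is not resolvable. If the call can succeed with an unresolved slot, the code after this hunk would take `sids[0]` for a name that did not map, and smbcacls would then place a meaningless SID in an ACL. The per-entry result (`types[0]`, or however the new API marks an unmapped name) should be checked before the SID is used, in the same way SidToString checks `names[0]` and `domains[0]`. The rest of StringToSid is outside the hunk, so this needs confirming against the full function.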
From: Volker Lendecke Date: Sun, 14 Apr 2002 12:14:52 +0000 Subject: Merge from 2_2. Volker (This used to be commit 8973a01f5efa547ed356e27fe1660da732b24cdd) --- source3/utils/testparm.c | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'source3/utils') diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index defde6cb2c..c6e417a2bc 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -152,6 +152,15 @@ via the %%o substitution. With encrypted passwords this is not possible.\n", lp_ } } + if (strlen(lp_winbind_separator()) != 1) { + printf("ERROR: the 'winbind separator' parameter must be a single character.\n"); + ret = 1; + } + + if (*lp_winbind_separator() == '+') { + printf("'winbind separator = +' might cause problems with group membership.\n"); + } + return ret; } -- cgit From 6d239fc97fb95033d590ee214d1e58f89ea6d269 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 15 Apr 2002 08:50:36 +0000 Subject: Another patch from jelmer: Doco for pdbedit and (ugly, but the best we could come up with) fix for compiling pdbedit on some non-gcc compilers. Andrew Bartlett (This used to be commit 80adf1dbb56cf8bdbfbcc2c8c7b670c0a23c97f8) --- source3/utils/pdbedit.c | 68 +++++++++++++++++++++++++++---------------------- 1 file changed, 37 insertions(+), 31 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index c63ed29529..2cbc9eb71d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c 
@@ -394,24 +394,25 @@ static int delete_machine_entry (struct pdb_context *in, char *machinename) int main (int argc, char **argv) { - struct pdb_context *in; - BOOL list_users = False; - BOOL verbose = False; - BOOL spstyle = False; - BOOL setparms = False; - BOOL machine = False; - BOOL add_user = False; - BOOL delete_user = False; - BOOL import = False; + static BOOL list_users = False; + static BOOL verbose = False; + static BOOL spstyle = False; + static BOOL setparms = False; + static BOOL machine = False; + static BOOL add_user = False; + static BOOL delete_user = False; + static BOOL import = False; int opt; - char *full_name = NULL; - char *user_name = NULL; - char *home_dir = NULL; - char *home_drive = NULL; - char *backend_in = NULL; - char *backend_out = NULL; - char *logon_script = NULL; - char *profile_path = NULL; + static char *full_name = NULL; + static char *user_name = NULL; + static char *home_dir = NULL; + static char *home_drive = NULL; + static char *backend_in = NULL; + static char *backend_out = NULL; + static char *logon_script = NULL; + static char *profile_path = NULL; + + struct pdb_context *in; poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP @@ -432,14 +433,14 @@ int main (int argc, char **argv) {"debuglevel",'D',POPT_ARG_INT,&DEBUGLEVEL,0,"set debuglevel",NULL}, {0,0,0,0} }; - + DEBUGLEVEL = 1; setup_logging("pdbedit", True); AllowDebugChange = False; - + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); + dyn_CONFIGFILE); exit(1); } @@ -456,7 +457,7 @@ int main (int argc, char **argv) fprintf (stderr, "Incompatible options on command line!\n"); exit(1); } - + if(!NT_STATUS_IS_OK(make_pdb_context_name(&in, backend_in))){ fprintf(stderr, "Can't initialize %s.\n", backend_in); 
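Review bot: The block of option variables in main is made `static` with no comment explaining why, and a later cleanup is likely to turn them back into automatics. The commit description gives the reason (non-gcc compilers reject the `long_options` initializer), so record it next to the declarations, for example `/* static: long_options[] takes these addresses in its initializer, which strict C89 compilers require to be constant */`. `import` is still declared here although no option sets it any more.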
@@ -471,7 +472,9 @@ int main (int argc, char **argv) if (machine) return new_machine (in, user_name); else - return new_user (in, user_name, full_name, home_dir, home_drive, logon_script, profile_path); + return new_user (in, user_name, full_name, home_dir, + home_drive, logon_script, + profile_path); } if (delete_user) { @@ -484,16 +487,17 @@ int main (int argc, char **argv) else return delete_user_entry (in, user_name); } - + if (user_name) { if (setparms) - return set_user_info (in, user_name, full_name, - home_dir, - home_drive, - logon_script, - profile_path); + return set_user_info (in, user_name, full_name, + home_dir, + home_drive, + logon_script, + profile_path); else - return print_user_info (in, user_name, verbose, spstyle); + return print_user_info (in, user_name, verbose, + spstyle); } if (list_users) @@ -501,8 +505,10 @@ int main (int argc, char **argv) if (backend_out) return export_database(in, backend_out); - + poptPrintHelp(pc, stderr, 0); - + return 1; } + + -- cgit From 7a661ac63c674472cf808d46bf48ea45a99e2041 Mon Sep 17 00:00:00 2001 From: Jean-François Micouleau Date: Tue, 16 Apr 2002 15:49:24 +0000 Subject: we did not initialise global_myname and global_myworkgroup which lead to duplicate entries in secrets.tdb and false SID generated. took me *hours* to understand. J.F. (This used to be commit bfc3a25b776a5a66e1bd0e2c60c101cea87ef4d5) --- source3/utils/smbgroupedit.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) (limited to 'source3/utils') diff --git a/source3/utils/smbgroupedit.c b/source3/utils/smbgroupedit.c index cfa0dd8af9..04d46f4559 100644 --- a/source3/utils/smbgroupedit.c +++ b/source3/utils/smbgroupedit.c @@ -22,6 +22,7 @@ #include "includes.h" extern pstring global_myname; +extern pstring global_myworkgroup; extern DOM_SID global_sam_sid; /* 
@@ -287,6 +288,18 @@ int main (int argc, char **argv) dyn_CONFIGFILE); exit(1); } + + if (!*global_myname) { + char *p; + pstrcpy( global_myname, myhostname() ); + p = strchr_m(global_myname, '.' ); + if (p) + *p = 0; + } + + strupper(global_myname); + + fstrcpy(global_myworkgroup, lp_workgroup()); if(!initialize_password_db(True)) { fprintf(stderr, "Can't setup password database vectors.\n"); @@ -294,7 +307,7 @@ int main (int argc, char **argv) } if(pdb_generate_sam_sid()==False) { - printf("Can not read machine SID\n"); + fprintf(stderr, "Can not read machine SID\n"); return 0; } -- cgit From c0a991943044e038b78f796fb35d7625eb843d85 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Thu, 18 Apr 2002 06:56:44 +0000 Subject: fixed the fallback to a BDC for ADS connections (This used to be commit 3e58a1ee83ea0b4347ce24e566445cc6cb67bb3a) --- source3/utils/net_ads.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 68fa89ea35..ea261187ce 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -56,7 +56,7 @@ static int net_ads_info(int argc, const char **argv) { ADS_STRUCT *ads; - ads = ads_init(NULL, opt_host, NULL, NULL); + ads = ads_init(NULL, NULL, opt_host, NULL, NULL); ads_connect(ads); if (!ads) { @@ -81,7 +81,7 @@ static ADS_STRUCT *ads_startup(void) BOOL need_password = False; BOOL second_time = False; - ads = ads_init(NULL, opt_host, NULL, NULL); + ads = ads_init(NULL, NULL, opt_host, NULL, NULL); if (!opt_user_name) { opt_user_name = "administrator"; @@ -650,7 +650,7 @@ static int net_ads_password(int argc, const char **argv) /* use the realm so we can eventually change passwords for users in realms other than default */ - if (!(ads = ads_init(realm, NULL, NULL, NULL))) return -1; + if (!(ads = ads_init(realm, NULL, NULL, NULL, NULL))) return -1; asprintf(&prompt, "Enter new password for %s:", argv[0]); 
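Review bot: The block added to `main` in smbgroupedit.c fills `global_myname` and `global_myworkgroup` but has no comment tying it to the calls that follow. The commit message says the missing initialisation produced duplicate entries in secrets.tdb and a wrong SID. A comment such as `/* must run before initialize_password_db() and pdb_generate_sam_sid() */` would keep the ordering from being broken again; the exact dependency is inferred from the commit message and is not visible in the hunk. `*p = 0;` would also read better as `*p = '\0';`.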
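Review bot: In the second smbgroupedit.c hunk the failure branch of `pdb_generate_sam_sid()` now prints to stderr but still ends in `return 0;`, so a calling script cannot tell that the machine SID could not be read. The config-load failure shown in the previous hunk leaves with `exit(1)`, so I would change this line to `return 1;` to match. The rest of `main` is outside the hunk.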
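Review bot: In `net_ads_info` (first net_ads.c hunk) the context lines call `ads_connect(ads)` before the `if (!ads)` test. A failed `ads_init()` is therefore handed to `ads_connect()` before it is checked, and the result of `ads_connect()` is discarded. Unless `ads_connect()` itself tolerates NULL, which the hunk does not show, this dereferences a null pointer when initialisation fails. Since this commit is about falling back to another server, I would move the existing `if (!ads)` block above the `ads_connect(ads);` line and test the connect status before continuing. The body of the `if` and the rest of the function are outside the hunk.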
@@ -681,8 +681,7 @@ static int net_ads_change_localhost_pass(int argc, const char **argv) char *hostname; ADS_STATUS ret; - - if (!(ads = ads_init(NULL, NULL, NULL, NULL))) return -1; + if (!(ads = ads_init_simple())) return -1; hostname = strdup(global_myname); strlower(hostname); -- cgit From 19bacddd52f4099fcad39e666e6eba26d16b4863 Mon Sep 17 00:00:00 2001 From: Herb Lewis Date: Fri, 26 Apr 2002 16:16:14 +0000 Subject: fix compile error (This used to be commit c64a57a6106bfd766679ac89837881ed9592409b) --- source3/utils/pdbedit.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 2cbc9eb71d..bf52d08989 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -411,6 +411,7 @@ int main (int argc, char **argv) static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; + static int new_debuglevel = -1; struct pdb_context *in; poptContext pc; @@ -430,7 +431,7 @@ int main (int argc, char **argv) {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, - {"debuglevel",'D',POPT_ARG_INT,&DEBUGLEVEL,0,"set debuglevel",NULL}, + {"debuglevel",'D',POPT_ARG_INT,&new_debuglevel,0,"set debuglevel",NULL}, {0,0,0,0} }; @@ -451,6 +452,10 @@ int main (int argc, char **argv) while((opt = poptGetNextOpt(pc)) != -1); + if (new_debuglevel != -1) { + DEBUGLEVEL = new_debuglevel; + } + setparms = (full_name || home_dir || home_drive || logon_script || profile_path); if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { -- cgit From 4db4e95ab2140e179d0f15ad390b7a994b6642f2 Mon Sep 17 00:00:00 2001 
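Review bot: The option loop `while((opt = poptGetNextOpt(pc)) != -1);` in the last pdbedit.c hunk keeps going on every return value other than -1. popt's negative error codes for an unknown option or a missing argument are therefore dropped, and the tool carries on with whatever was parsed. For a program that adds and deletes accounts in the password database, a mistyped option should stop the run. I would end the loop on any negative value, `while ((opt = poptGetNextOpt(pc)) >= 0);`, and follow it with `if (opt < -1) { fprintf(stderr, "%s: %s\n", poptBadOption(pc, POPT_BADOPTION_NOALIAS), poptStrerror(opt)); exit(1); }`. `main` continues outside the hunk.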
From: Gerald Carter Date: Thu, 9 May 2002 04:08:00 +0000 Subject: pidfile merge from SAMBA_2_2 (including --with-fhs) and a few other minor things; compiles and shouldnt break, but needs testing (This used to be commit 19b9b50d9039afe614284aaf379f9f1078e2e307) --- source3/utils/testparm.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'source3/utils') diff --git a/source3/utils/testparm.c b/source3/utils/testparm.c index c6e417a2bc..b727f883fd 100644 --- a/source3/utils/testparm.c +++ b/source3/utils/testparm.c @@ -67,6 +67,12 @@ cannot be set in the smb.conf file. nmbd will abort with this setting.\n"); ret = 1; } + if (!directory_exist(lp_piddir(), &st)) { + printf("ERROR: pid directory %s does not exist\n", + lp_piddir()); + ret = 1; + } + /* * Password server sanity checks. */ -- cgit From d06f4fa8345aaef6e7e88586c8e2f3dd3c20c0f7 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 9 May 2002 23:46:01 +0000 Subject: Converged help on net group command. (This used to be commit 9de5e0dc73f57e8c8b878da803452b86e6ce8fca) --- source3/utils/net_help.c | 18 +++++++++++++++++- source3/utils/net_rap.c | 12 +----------- 2 files changed, 18 insertions(+), 12 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_help.c b/source3/utils/net_help.c index 21af8a4fd9..31065a26b8 100644 --- a/source3/utils/net_help.c +++ b/source3/utils/net_help.c 
@@ -78,11 +78,27 @@ int net_help_user(int argc, const char **argv) return -1; } +int net_help_group(int argc, const char **argv) +{ + d_printf("net [method] group [misc. options] [targets]"\ + "\n\tList user groups\n\n"); + d_printf("net [method] group DELETE [misc. options] [targets]"\ + "\n\tDelete specified group\n"); + d_printf("\nnet [method] group ADD [-C comment]"\ + " [misc. options] [targets]\n\tCreate specified group\n"); + net_common_methods_usage(argc, argv); + net_common_flags_usage(argc, argv); + d_printf( + "\t-C or --comment=\tdescriptive comment (for add only)\n"); + return -1; +} + static int net_usage(int argc, const char **argv) { d_printf(" net time\t\tto view or set time information\n"\ " net lookup\t\tto lookup host name or ip address\n"\ " net user\t\tto manage users\n"\ + " net group\t\tto manage groups\n"\ " net join\t\tto join a domain\n"\ "\n"\ " net ads [command]\tto run ADS commands\n"\ @@ -110,7 +126,7 @@ int net_help(int argc, const char **argv) {"DOMAIN", net_rap_domain_usage}, {"PRINTQ", net_rap_printq_usage}, {"USER", net_help_user}, - {"GROUP", net_rap_group_usage}, + {"GROUP", net_help_group}, {"VALIDATE", net_rap_validate_usage}, {"GROUPMEMBER", net_rap_groupmember_usage}, {"ADMIN", net_rap_admin_usage}, diff --git a/source3/utils/net_rap.c b/source3/utils/net_rap.c index a6b199fd88..248e601df9 100644 --- a/source3/utils/net_rap.c +++ b/source3/utils/net_rap.c 
@@ -732,17 +732,7 @@ int net_rap_user(int argc, const char **argv) int net_rap_group_usage(int argc, const char **argv) { - d_printf("net rap group [misc. options] [targets]"\ - "\n\tList user groups\n"); - d_printf("\nnet rap group DELETE [misc. options] [targets]"\ - "\n\tDelete specified group\n"); - d_printf("\nnet rap group ADD [-C comment] [misc. options]"\ - " [targets]\n\tCreate specified group\n"); - - net_common_flags_usage(argc, argv); - d_printf( - "\t-C or --comment=\tdescriptive comment (for add only)\n"); - return -1; + return net_help_group(argc, argv); } static void long_group_fn(const char *group_name, const char *comment, -- cgit From 14b02089c2524191ba7e982a05fa2752c2460380 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 9 May 2002 23:47:26 +0000 Subject: Start of net rpc group command. List only right now. Add and delete have not been implemented...is it worth the effort? (This used to be commit 45ac4f4c29d0d8d1b0b1535b2ab500e38ac5b978) --- source3/utils/net_rpc.c | 154 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 153 insertions(+), 1 deletion(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 315c2de030..20f2b83156 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -664,7 +664,7 @@ rpc_user_list_internals(const DOM_SID *domain_sid, struct cli_state *cli, if (opt_long_list_entries) printf("%-21.21s %-50.50s\n", user, desc); else - printf("%-21.21s\n", user); + printf("%s\n", user); } } while (!NT_STATUS_IS_OK(result)); 
@@ -701,6 +701,157 @@ int net_rpc_user(int argc, const char **argv) } +/****************************************************************************/ + +/** + * Basic usage function for 'net rpc group' + * @param argc Standard main() style argc. + * @param argv Standard main() style argv. Initial components are already + * stripped. + **/ + +static int rpc_group_usage(int argc, const char **argv) +{ + return net_help_group(argc, argv); +} + +/** + * List groups on a remote RPC server + * + * All paramaters are provided by the run_rpc_command funcion, except for + * argc, argv which are passes through. + * + * @param domain_sid The domain sid acquired from the remote server + * @param cli A cli_state connected to the server. + * @param mem_ctx Talloc context, destoyed on completion of the function. + * @param argc Standard main() style argc + * @param argv Standard main() style argv. Initial components are already + * stripped + * + * @return Normal NTSTATUS return. + **/ + +static NTSTATUS +rpc_group_list_internals(const DOM_SID *domain_sid, struct cli_state *cli, + TALLOC_CTX *mem_ctx, int argc, const char **argv) +{ + POLICY_HND connect_pol, domain_pol; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + uint32 start_idx=0, max_entries=250, num_entries, i; + struct acct_info *groups; + DOM_SID global_sid_Builtin; + + string_to_sid(&global_sid_Builtin, "S-1-5-32"); + + /* Get sam policy handle */ + + result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + &connect_pol); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + /* Get domain policy handle */ + + result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + domain_sid, &domain_pol); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + /* Query domain groups */ + if (opt_long_list_entries) + d_printf("\nGroup name Comment"\ + "\n-----------------------------\n"); + do { + result = cli_samr_enum_dom_groups(cli, mem_ctx, &domain_pol, + &start_idx, max_entries, + &groups, 
&num_entries); + + for (i = 0; i < num_entries; i++) { + if (opt_long_list_entries) + printf("%-21.21s %-50.50s\n", + groups[i].acct_name, + groups[i].acct_desc); + else + printf("%-21.21s\n", groups[i].acct_name); + } + } while (!NT_STATUS_IS_OK(result)); + /* query domain aliases */ + do { + result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, + &start_idx, max_entries, + &groups, &num_entries); + + for (i = 0; i < num_entries; i++) { + if (opt_long_list_entries) + printf("%-21.21s %-50.50s\n", + groups[i].acct_name, + groups[i].acct_desc); + else + printf("%-21.21s\n", groups[i].acct_name); + } + } while (!NT_STATUS_IS_OK(result)); + cli_samr_close(cli, mem_ctx, &domain_pol); + /* Get builtin policy handle */ + + result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + &global_sid_Builtin, &domain_pol); + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + /* query builtin aliases */ + do { + result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol, + &start_idx, max_entries, + &groups, &num_entries); + + for (i = 0; i < num_entries; i++) { + if (opt_long_list_entries) + printf("%-21.21s %-50.50s\n", + groups[i].acct_name, + groups[i].acct_desc); + else + printf("%s\n", groups[i].acct_name); + } + } while (!NT_STATUS_IS_OK(result)); + + done: + return result; +} + +/** + * 'net rpc group' entrypoint. + * @param argc Standard main() style argc + * @param argc Standard main() style argv. Initial components are already + * stripped + **/ + +int net_rpc_group(int argc, const char **argv) +{ + struct functable func[] = { +#if 0 + {"add", rpc_group_add}, + {"delete", rpc_group_delete}, +#endif + {NULL, NULL} + }; + + if (argc == 0) { + if (opt_long_list_entries) { + } else { + } + return run_rpc_command(PIPE_SAMR, 0, + rpc_group_list_internals, + argc, argv); + } + + return net_run_function(argc, argv, func, rpc_group_usage); +} + + /****************************************************************************/ 
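Review bot: All three enumeration loops in `rpc_group_list_internals` end in `} while (!NT_STATUS_IS_OK(result));`. Any hard failure from `cli_samr_enum_dom_groups()` or `cli_samr_enum_als_groups()` (access denied, dropped connection) therefore repeats the same call forever, and the `for` loop in between reads `num_entries` and `groups`, which the function never initialises. The loop should continue only while the server reports more data and stop on any other status, e.g. `} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));` with `num_entries = 0;` set before each call. `start_idx` is also carried from one enumeration into the next without being reset to 0, which looks unintended, and `connect_pol` and the builtin `domain_pol` are never closed on the way to `done:`. The empty `if (opt_long_list_entries) { } else { }` in `net_rpc_group` can be dropped.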
@@ -1321,6 +1472,7 @@ int net_rpc(int argc, const char **argv) struct functable func[] = { {"join", net_rpc_join}, {"user", net_rpc_user}, + {"group", net_rpc_group}, {"changetrustpw", rpc_changetrustpw}, {"trustdom", rpc_trustdom}, {"abortshutdown", rpc_shutdown_abort}, -- cgit From 723bbbec0a520ba02fcad5d996338e47b10a2d4c Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 9 May 2002 23:49:28 +0000 Subject: Add ads group add and delete, allowing converged net group command. Also update some of the help info. (This used to be commit fde62de7a1735b2ef2d9593b38ffa5c7ea2e0d67) --- source3/utils/net_ads.c | 122 +++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 106 insertions(+), 16 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index ea261187ce..df10452867 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -33,9 +33,9 @@ int net_ads_usage(int argc, const char **argv) "\nnet ads leave"\ "\n\tremoves the local machine from a ADS realm\n"\ "\nnet ads user"\ -"\n\tlist users in the realm\n"\ +"\n\tlist, add, or delete users in the realm\n"\ "\nnet ads group"\ -"\n\tlist groups in the realm\n"\ +"\n\tlist, add, or delete groups in the realm\n"\ "\nnet ads info"\ "\n\tshows some info on the server\n"\ "\nnet ads status"\ @@ -145,7 +145,7 @@ static void usergrp_display(char *field, void **values, void *data_area) printf("%-21.21s %-50.50s\n", disp_fields[0], disp_fields[1]); else - printf("%-21.21s\n", disp_fields[0]); + printf("%s\n", disp_fields[0]); } SAFE_FREE(disp_fields[0]); SAFE_FREE(disp_fields[1]); 
@@ -308,26 +308,111 @@ int net_ads_user(int argc, const char **argv) return net_run_function(argc, argv, func, net_ads_user_usage); } -static int net_ads_group(int argc, const char **argv) +static int net_ads_group_usage(int argc, const char **argv) +{ + return net_help_group(argc, argv); +} + +static int ads_group_add(int argc, const char **argv) +{ + ADS_STRUCT *ads; + ADS_STATUS status; + void *res=NULL; + int rc = -1; + + if (argc < 1) return net_ads_group_usage(argc, argv); + + if (!(ads = ads_startup())) return -1; + + status = ads_find_user_acct(ads, &res, argv[0]); + + if (!ADS_ERR_OK(status)) { + d_printf("ads_group_add: %s\n", ads_errstr(status)); + goto done; + } + + if (ads_count_replies(ads, res)) { + d_printf("ads_group_add: Group %s already exists\n", argv[0]); + ads_msgfree(ads, res); + goto done; + } + + status = ads_add_group_acct(ads, argv[0], opt_comment); + + if (ADS_ERR_OK(status)) { + d_printf("Group %s added\n", argv[0]); + rc = 0; + } else { + d_printf("Could not add group %s: %s\n", argv[0], + ads_errstr(status)); + } + + done: + if (res) + ads_msgfree(ads, res); + ads_destroy(&ads); + return rc; +} + +static int ads_group_delete(int argc, const char **argv) { + ADS_STRUCT *ads; + ADS_STATUS rc; + void *res; + char *groupdn; + + if (argc < 1) return net_ads_group_usage(argc, argv); + + if (!(ads = ads_startup())) return -1; + + rc = ads_find_user_acct(ads, &res, argv[0]); + if (!ADS_ERR_OK(rc)) { + DEBUG(0, ("Group %s does not exist\n", argv[0])); + return -1; + } + groupdn = ads_get_dn(ads, res); + ads_msgfree(ads, res); + rc = ads_del_dn(ads, groupdn); + ads_memfree(ads, groupdn); + if (!ADS_ERR_OK(rc)) { + d_printf("Group %s deleted\n", argv[0]); + return 0; + } + d_printf("Error deleting group %s: %s\n", argv[0], + ads_errstr(rc)); + return -1; +} + +int net_ads_group(int argc, const char **argv) +{ + struct functable func[] = { + {"ADD", ads_group_add}, + {"DELETE", ads_group_delete}, + {NULL, NULL} + }; ADS_STRUCT *ads; ADS_STATUS 
rc; const char *shortattrs[] = {"sAMAccountName", NULL}; const char *longattrs[] = {"sAMAccountName", "description", NULL}; char *disp_fields[2] = {NULL, NULL}; - if (!(ads = ads_startup())) return -1; + if (argc == 0) { + if (!(ads = ads_startup())) return -1; - if (opt_long_list_entries) - d_printf("\nGroup name Comment"\ - "\n-----------------------------\n"); - rc = ads_do_search_all_fn(ads, ads->bind_path, LDAP_SCOPE_SUBTREE, - "(objectclass=group)", opt_long_list_entries - ? longattrs : shortattrs, usergrp_display, - disp_fields); + if (opt_long_list_entries) + d_printf("\nGroup name Comment"\ + "\n-----------------------------\n"); + rc = ads_do_search_all_fn(ads, ads->bind_path, + LDAP_SCOPE_SUBTREE, + "(objectclass=group)", + opt_long_list_entries ? longattrs : + shortattrs, usergrp_display, + disp_fields); - ads_destroy(&ads); - return 0; + ads_destroy(&ads); + return 0; + } + return net_run_function(argc, argv, func, net_ads_group_usage); } static int net_ads_status(int argc, const char **argv) @@ -709,15 +794,15 @@ int net_ads_help(int argc, const char **argv) { struct functable func[] = { {"USER", net_ads_user_usage}, + {"GROUP", net_ads_group_usage}, + {"PRINTER", net_ads_printer_usage}, #if 0 {"INFO", net_ads_info}, {"JOIN", net_ads_join}, {"LEAVE", net_ads_leave}, {"STATUS", net_ads_status}, - {"GROUP", net_ads_group}, {"PASSWORD", net_ads_password}, {"CHOSTPASS", net_ads_change_localhost_pass}, - {"PRINTER", net_ads_printer}, #endif {NULL, NULL} }; @@ -772,6 +857,11 @@ int net_ads_user(int argc, const char **argv) return net_ads_noads(); } +int net_ads_group(int argc, const char **argv) +{ + return net_ads_noads(); +} + /* this one shouldn't display a message */ int net_ads_check(void) { -- cgit From 90554c046ebf9fbf01f576550dae075b32d0a194 Mon Sep 17 00:00:00 2001 
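Review bot: `ads_group_delete` has its final test inverted: `if (!ADS_ERR_OK(rc)) { d_printf("Group %s deleted\n", argv[0]); return 0; }` reports success and exits 0 when `ads_del_dn()` failed, and prints the error text when it succeeded. It should read `if (ADS_ERR_OK(rc)) {`. In `ads_group_add` the "already exists" branch calls `ads_msgfree(ads, res)` and then jumps to `done:`, where `res` is still non-NULL and is freed a second time; drop the inner call or set `res = NULL;` after it. Both functions look the name up with `ads_find_user_acct()`, and the delete path checks neither `ads_count_replies()` nor that the object found is a group. As a result `groupdn` may be NULL or, depending on what that search matches, may name a non-group account. Every return path in `ads_group_delete` also leaves without `ads_destroy(&ads)`.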
From: Jim McDonough Date: Thu, 9 May 2002 23:49:40 +0000 Subject: Converged net group command. (This used to be commit 95cc3fa4d3e566f540090ed499e80d86eb55e895) --- source3/utils/net.c | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net.c b/source3/utils/net.c index b81e37c0af..0450d9519d 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -279,8 +279,6 @@ struct cli_state *net_make_ipc_connection(unsigned flags) return cli; } - - static int net_user(int argc, const char **argv) { if (net_ads_check() == 0) @@ -293,6 +291,18 @@ static int net_user(int argc, const char **argv) return net_rap_user(argc, argv); } +static int net_group(int argc, const char **argv) +{ + if (net_ads_check() == 0) + return net_ads_group(argc, argv); + + + /* if server is not specified, default to PDC? */ + /* not implemented yet if (net_rpc_check(NET_FLAGS_PDC)) + return net_rpc_group(argc, argv); */ + + return net_rap_group(argc, argv); +} static int net_join(int argc, const char **argv) { @@ -319,7 +329,7 @@ static struct functable net_func[] = { {"DOMAIN", net_rap_domain}, {"PRINTQ", net_rap_printq}, {"USER", net_user}, - {"GROUP", net_rap_group}, + {"GROUP", net_group}, {"VALIDATE", net_rap_validate}, {"GROUPMEMBER", net_rap_groupmember}, {"ADMIN", net_rap_admin}, -- cgit From 4f4f56d147628c5569f2c2fc6aeb2e0f5eecde8b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 10 May 2002 14:40:55 +0000 Subject: Allow -c to specify the location of the config file, and fix up some handling of non-existant passdb cases. (This used to be commit e56de32f5ce5cb301137497451b0ccd633f09f54) --- source3/utils/pdbedit.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index bf52d08989..6b4cd606d0 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c 
@@ -182,11 +182,9 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd SAM_ACCOUNT *sam_pwent=NULL; BOOL check, ret; - errno = 0; /* testing --simo */ check = in->pdb_setsampwent(in, False); - if (check && errno == ENOENT) { - fprintf (stderr,"Password database not found!\n"); - exit(1); + if (!check) { + return 1; } check = True; @@ -411,6 +409,7 @@ int main (int argc, char **argv) static char *backend_out = NULL; static char *logon_script = NULL; static char *profile_path = NULL; + static char *config_file = dyn_CONFIGFILE; static int new_debuglevel = -1; struct pdb_context *in; @@ -431,7 +430,8 @@ int main (int argc, char **argv) {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, - {"debuglevel",'D',POPT_ARG_INT,&new_debuglevel,0,"set debuglevel",NULL}, + {"debuglevel",'D', POPT_ARG_INT, &new_debuglevel,0,"set debuglevel",NULL}, + {"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL}, {0,0,0,0} }; @@ -439,14 +439,6 @@ int main (int argc, char **argv) setup_logging("pdbedit", True); AllowDebugChange = False; - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); - exit(1); - } - - backend_in = lp_passdb_backend(); - pc = poptGetContext(NULL, argc, (const char **) argv, long_options, POPT_CONTEXT_KEEP_FIRST); 
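Review bot: In `print_users_list` the new failure branch `if (!check) { return 1; }` replaces the old "Password database not found!" message with a silent exit. Unless the backend logs the failure itself, which the hunk does not show, the operator gets a non-zero status and no hint of what went wrong. I would keep a diagnostic on this path, for example `fprintf(stderr, "Can't open the password database for listing\n");` before the `return 1;`. The function body continues outside the hunk.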
@@ -456,6 +448,16 @@ int main (int argc, char **argv) DEBUGLEVEL = new_debuglevel; } + if (!lp_load(config_file,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + config_file); + exit(1); + } + + if (!backend_in) { + backend_in = lp_passdb_backend(); + } + setparms = (full_name || home_dir || home_drive || logon_script || profile_path); if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) { -- cgit From d41d9b6fc55c358fadac5389cec541e429c8d555 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 11 May 2002 03:30:21 +0000 Subject: merge from SAMBA_2_2 (This used to be commit b41cefb4c0670b06564ac79fa10aff8d60069f10) --- source3/utils/net_rpc.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 20f2b83156..471e414683 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -235,6 +235,14 @@ static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cl fstrcpy(trust_passwd, global_myname); strlower(trust_passwd); + + /* + * Machine names can be 15 characters, but the max length on + * a password is 14. --jerry + */ + + trust_passwd[14] = '\0'; + E_md4hash( (uchar *)trust_passwd, orig_trust_passwd_hash); return trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash); -- cgit From c5ee0761908fc0ae7662d74f15f9ecb981a6ad88 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Mon, 13 May 2002 14:10:46 +0000 Subject: Add auto-detect of time server. Uses master browser. (This used to be commit c2a6b0b1269b2e2abcf675538869dfba3cab8894) --- source3/utils/net_time.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_time.c b/source3/utils/net_time.c index 3f5532109c..13c75c80b0 100644 --- a/source3/utils/net_time.c +++ b/source3/utils/net_time.c 
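Review bot: The added truncation `trust_passwd[14] = '\0';` in `rpc_join_oldstyle_internals` uses a bare index. The comment also does not say that the string being hashed is the lowercased machine name, a value anyone who knows the host name can derive. I would name the limit (for example a local `enum { TRUST_PW_DEFAULT_LEN = 14 };`, a name constructed here). The comment should also state that this value is only the initial secret of a freshly created machine account, and that the account stays guessable if `trust_pw_change_and_store_it()` fails. The function starts outside the hunk.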
@@ -166,8 +166,10 @@ int net_time(int argc, const char **argv) {NULL, NULL} }; - if (!opt_host && !opt_have_ip) { - d_printf("You must specify a hostname or IP\n"); + if (!opt_host && !opt_have_ip && + !find_master_ip(opt_target_workgroup, &opt_dest_ip)) { + d_printf("Could not locate a time server. Try "\ + "specifying a target host.\n"); net_time_usage(argc,argv); return -1; } -- cgit From 8bcdb4849baea4753eb74dbf2f49847bc43754e5 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Wed, 15 May 2002 19:56:13 +0000 Subject: Added ability to lookup ldap server, kdc, dc, and master browser. Please review especially the methods for finding kdc and ldap server when they're not specified. This is a first attempt... (This used to be commit 5edccb51b94a80bbb3ecd59602393887286c8074) --- source3/utils/net_lookup.c | 173 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 171 insertions(+), 2 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_lookup.c b/source3/utils/net_lookup.c index 0cc1ff579f..a324f594a1 100644 --- a/source3/utils/net_lookup.c +++ b/source3/utils/net_lookup.c @@ -23,8 +23,12 @@ int net_lookup_usage(int argc, const char **argv) { d_printf( -" net lookup host HOSTNAME \n\tgives IP for a hostname\n\n"\ -"\n"); +" net lookup host HOSTNAME \n\tgives IP for a hostname\n\n" +" net lookup ldap [domain]\n\tgives IP of domain's ldap server\n\n" +" net lookup kdc [realm]\n\tgives IP of realm's kerberos KDC\n\n" +" net lookup dc [domain]\n\tgives IP of domains Domain Controllers\n\n" +" net lookup master [domain|wg]\n\tgive IP of master browser\n\n" +); return -1; } 
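Review bot: With this change `net_time` falls back to `find_master_ip(opt_target_workgroup, &opt_dest_ip)` when no host is given. The time source then becomes whichever machine currently answers as master browser for the workgroup, a role that is not authenticated. That is harmless for displaying the time, but the help text elsewhere in this series says `net time` can also set it, and a clock taken from an unverified host can break Kerberos ticket validation and log timelines. I would restrict the automatic lookup to the read-only subcommands and keep requiring an explicit host for setting the clock, or at least print the chosen address before using it. The subcommand table is only partly inside the hunk, so where that split belongs is not visible here.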
@@ -48,12 +52,177 @@ static int net_lookup_host(int argc, const char **argv) return 0; } +static void print_ldap_srvlist(char *srvlist) +{ + char *cur, *next; + struct in_addr ip; + BOOL printit; + + cur = srvlist; + do { + next = strchr(cur,':'); + if (next) *next++='\0'; + printit = resolve_name(cur, &ip, 0x20); + cur=next; + next=cur ? strchr(cur,' ') :NULL; + if (next) + *next++='\0'; + if (printit) + d_printf("%s:%s\n", inet_ntoa(ip), cur?cur:""); + cur = next; + } while (next); +} + + +static int net_lookup_ldap(int argc, const char **argv) +{ +#ifdef HAVE_LDAP + char *srvlist, *domain; + int rc, count; + struct in_addr *addr; + struct hostent *hostent; + + if (argc > 0) + domain = argv[0]; + else + domain = opt_target_workgroup; + + DEBUG(9, ("Lookup up ldap for domain %s\n", domain)); + rc = ldap_domain2hostlist(domain, &srvlist); + if ((rc == LDAP_SUCCESS) && srvlist) { + print_ldap_srvlist(srvlist); + return 0; + } + + DEBUG(9, ("Looking up DC for domain %s\n", domain)); + if (!get_dc_list(True, domain, &addr, &count)) + return -1; + + hostent = gethostbyaddr((char *) &addr->s_addr, sizeof(addr->s_addr), + AF_INET); + if (!hostent) + return -1; + + DEBUG(9, ("Found DC with DNS name %s\n", hostent->h_name)); + domain = strchr(hostent->h_name, '.'); + if (!domain) + return -1; + domain++; + + DEBUG(9, ("Looking up ldap for domain %s\n", domain)); + rc = ldap_domain2hostlist(domain, &srvlist); + if ((rc == LDAP_SUCCESS) && srvlist) { + print_ldap_srvlist(srvlist); + return 0; + } + return -1; +#endif + DEBUG(1,("No LDAP support\n")); + return -1; +} + +static int net_lookup_dc(int argc, const char **argv) +{ + struct in_addr *ip_list; + char *pdc_str = NULL; + char *domain=opt_target_workgroup; + int count, i; + + if (argc > 0) + domain=argv[0]; + + /* first get PDC */ + if (!get_dc_list(True, domain, &ip_list, &count)) + return -1; + + asprintf(&pdc_str, "%s", inet_ntoa(*ip_list)); + d_printf("%s\n", pdc_str); + if (!get_dc_list(False, domain, &ip_list, 
&count)) { + SAFE_FREE(pdc_str); + return 0; + } + for (i=0;i 0) + domain=argv[0]; + + if (!find_master_ip(domain, &master_ip)) + return -1; + d_printf("%s\n", inet_ntoa(master_ip)); + return 0; +} + +static int net_lookup_kdc(int argc, const char **argv) +{ +#ifdef HAVE_KRB5 + krb5_error_code rc; + krb5_context ctx; + struct sockaddr_in *addrs; + int num_kdcs,i; + krb5_data realm; + char **realms; + + rc = krb5_init_context(&ctx); + if (rc) { + DEBUG(1,("krb5_init_context failed (%s)\n", + error_message(rc))); + return -1; + } + + if (argc>0) { + realm.data = (krb5_pointer) argv[0]; + realm.length = strlen(argv[0]); + } else if (lp_realm() && *lp_realm()) { + realm.data = (krb5_pointer) lp_realm(); + realm.length = strlen(realm.data); + } else { + rc = krb5_get_host_realm(ctx, NULL, &realms); + if (rc) { + DEBUG(1,("krb5_gethost_realm failed (%s)\n", + error_message(rc))); + return -1; + } + realm.data = (krb5_pointer) *realms; + realm.length = strlen(realm.data); + } + + rc = krb5_locate_kdc(ctx, &realm, &addrs, &num_kdcs, 0); + if (rc) { + DEBUG(1, ("krb5_locate_kdc failed (%s)\n", error_message(rc))); + return -1; + } + for (i=0;i Date: Wed, 15 May 2002 23:20:15 +0000 Subject: merges from SAMBA_2_2 (This used to be commit 91f569a691be893e1a02c659a8f0753970fadbae) --- source3/utils/status.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/status.c b/source3/utils/status.c index 6f4b9eb28c..7755ce9ab4 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -544,7 +544,6 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo int main(int argc, char *argv[]) { - pstring fname; int c; static int profile_only = 0; static int new_debuglevel = -1; 
@@ -626,10 +625,11 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo tdb = tdb_open_log(lock_path("connections.tdb"), 0, TDB_DEFAULT, O_RDONLY, 0); if (!tdb) { - d_printf("connections.tdb not initialised\n"); + d_printf("%s not initialised\n", lock_path("connections.tdb")); + d_printf("This is normal if an SMB client has never connected to your server.\n"); } else { if (verbose) { - d_printf("Opened status file %s\n", fname); + d_printf("Opened %s\n", lock_path("connections.tdb")); } if (brief) -- cgit From 6ee4366093b24251aa52c272512b2efacb9582d8 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Fri, 17 May 2002 03:37:37 +0000 Subject: Changes to allow head to translate NMB flags ... (This used to be commit c986a19cde0dfa96b512eb24d873203981e68c48) --- source3/utils/nmblookup.c | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/nmblookup.c b/source3/utils/nmblookup.c index 9549d16d04..2373beb0c9 100644 --- a/source3/utils/nmblookup.c +++ b/source3/utils/nmblookup.c @@ -25,6 +25,7 @@ extern BOOL AllowDebugChange; +static BOOL give_flags = False; static BOOL use_bcast = True; static BOOL got_bcast = False; static struct in_addr bcast_addr; @@ -63,6 +64,7 @@ static void usage(void) d_printf("Version %s\n",VERSION); d_printf("\t-d debuglevel set the debuglevel\n"); d_printf("\t-B broadcast address the address to use for broadcasts\n"); + d_printf("\t-f list the NMB flags returned\n"); d_printf("\t-U unicast address the address to use for unicast\n"); d_printf("\t-M searches for a master browser\n"); d_printf("\t-R set recursion desired in packet\n"); 
@@ -98,6 +100,24 @@ static char *node_status_flags(unsigned char flags) return ret; } +/**************************************************************************** +turn the NMB Query flags into a string +****************************************************************************/ +static char *query_flags(int flags) +{ + static fstring ret1; + fstrcpy(ret1, ""); + + if (flags & NM_FLAGS_RS) fstrcat(ret1, "Response "); + if (flags & NM_FLAGS_AA) fstrcat(ret1, "Authoritative "); + if (flags & NM_FLAGS_TC) fstrcat(ret1, "Truncated "); + if (flags & NM_FLAGS_RD) fstrcat(ret1, "Recursion_Desired "); + if (flags & NM_FLAGS_RA) fstrcat(ret1, "Recursion_Available "); + if (flags & NM_FLAGS_B) fstrcat(ret1, "Broadcast "); + + return ret1; +} + /**************************************************************************** do a node status query ****************************************************************************/ @@ -132,14 +152,14 @@ send out one query ****************************************************************************/ static BOOL query_one(char *lookup, unsigned int lookup_type) { - int j, count; + int j, count, flags = 0; struct in_addr *ip_list=NULL; if (got_bcast) { d_printf("querying %s on %s\n", lookup, inet_ntoa(bcast_addr)); ip_list = name_query(ServerFD,lookup,lookup_type,use_bcast, use_bcast?True:recursion_desired, - bcast_addr,&count); + bcast_addr,&count, &flags); } else { struct in_addr *bcast; for (j=iface_count() - 1; 
@@ -151,12 +171,15 @@ static BOOL query_one(char *lookup, unsigned int lookup_type) ip_list = name_query(ServerFD,lookup,lookup_type, use_bcast, use_bcast?True:recursion_desired, - *bcast,&count); + *bcast,&count, &flags); } } if (!ip_list) return False; + if (give_flags) + d_printf("Flags: %s\n", query_flags(flags)); + for (j=0;j Date: Fri, 17 May 2002 14:51:55 +0000 Subject: Make --with-ldapsam 'go away'. This is now a standard, stable, feature and there is no real reason for it to depend on more than the abilty to compile the code. (This used to be commit 64aaec137e39595e6e61b55eb525615683a1393c) --- source3/utils/smbpasswd.c | 13 ------------- 1 file changed, 13 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index a96fad0cdb..70876e9ce4 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -41,9 +41,7 @@ static char *old_passwd = NULL; static char *remote_machine = NULL; static pstring configfile; -#ifdef WITH_LDAP_SAM static fstring ldap_secret; -#endif /********************************************************* Print command usage on stderr and die. @@ -71,9 +69,7 @@ static void usage(void) printf(" -i interdomain trust account\n"); printf(" -m machine trust account\n"); printf(" -n set no password\n"); -#ifdef WITH_LDAP_SAM printf(" -w ldap admin password\n"); -#endif printf(" -x delete user\n"); printf(" -R ORDER name resolve order\n"); @@ -157,14 +153,9 @@ static void process_options(int argc, char **argv, BOOL amroot) break; case 'w': if (!amroot) goto bad_args; -#ifdef WITH_LDAP_SAM local_flags |= LOCAL_SET_LDAP_ADMIN_PW; fstrcpy(ldap_secret, optarg); break; -#else - printf("-w not available unless configured --with-ldap\n"); - goto bad_args; -#endif case 'R': if (!amroot) goto bad_args; lp_set_name_resolve_order(optarg); 
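Review bot: Removing the `WITH_LDAP_SAM` guard in smbpasswd.c makes `-w` available in every build. The `case 'w':` branch copies the LDAP admin password straight from `optarg` into `ldap_secret`, so the secret is visible in the process list and usually ends up in shell history. I would read it without echo, for example with `getpass()`, or from standard input, and clear `ldap_secret` once the value has been stored. If the argv form has to stay for scripts, the usage line `-w ldap admin password` should say that the value is exposed to other local users. `process_options` continues outside the hunk.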
@@ -329,7 +320,6 @@ static BOOL password_change(const char *remote_machine, char *user_name, return ret; } -#ifdef WITH_LDAP_SAM /******************************************************************* Store the LDAP admin password in secrets.tdb ******************************************************************/ @@ -343,7 +333,6 @@ static BOOL store_ldap_admin_pw (char* pw) return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw); } -#endif /************************************************************* @@ -355,7 +344,6 @@ static int process_root(void) struct passwd *pwd; int result = 0; -#ifdef WITH_LDAP_SAM if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) { printf("Setting stored password for \"%s\" in secrets.tdb\n", @@ -364,7 +352,6 @@ static int process_root(void) DEBUG(0,("ERROR: Failed to store the ldap admin password!\n")); goto done; } -#endif /* * Ensure both add/delete user are not set -- cgit From 58e1fe62cc955c6b8449332447a6879c6fab64e7 Mon Sep 17 00:00:00 2001 
From: Andrew Bartlett Date: Sat, 18 May 2002 05:52:52 +0000 Subject: A few things in this commit: cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34) --- source3/utils/net_rpc_join.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index c4558ea10b..cc1a203ca1 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c 
@@ -53,7 +53,6 @@ int net_rpc_join_newstyle(int argc, const char **argv) /* libsmb variables */ struct cli_state *cli; - fstring acct_name; TALLOC_CTX *mem_ctx; uint32 acb_info; @@ -81,7 +80,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) fstring domain; uint32 num_rids, *name_types, *user_rids; uint32 flags = 0x3e8; - char *names; + const char *acct_name; /* Connect to remote machine */ @@ -132,8 +131,7 @@ int net_rpc_join_newstyle(int argc, const char **argv) "could not open domain"); /* Create domain user */ - fstrcpy(acct_name, global_myname); - fstrcat(acct_name, "$"); + acct_name = talloc_asprintf(mem_ctx, "%s$", global_myname); strlower(acct_name); acb_info = ((lp_server_role() == ROLE_DOMAIN_BDC) || lp_server_role() == ROLE_DOMAIN_PDC) ? ACB_SVRTRUST : ACB_WSTRUST; @@ -162,11 +160,9 @@ int net_rpc_join_newstyle(int argc, const char **argv) if (NT_STATUS_IS_OK(result)) cli_samr_close(cli, mem_ctx, &user_pol); - names = (char *)&acct_name[0]; - CHECK_RPC_ERR_DEBUG(cli_samr_lookup_names(cli, mem_ctx, &domain_pol, flags, - 1, &names, &num_rids, + 1, &acct_name, &num_rids, &user_rids, &name_types), ("error looking up rid for user %s: %s\n", acct_name, nt_errstr(result))); -- cgit From 53ec535766ead3b764e2bbc722d4eca90ca52fc8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 18 May 2002 08:57:25 +0000 Subject: Make smbpasswd at least slightly sane. This kills off some of the silly global variables, and makes it come closer to a clean compile. I'm still not convinced what was wrong with the previous code, at least it didn't cause a gush of warnings... In any case, we now don't need to spegetti code gotos etc. This should really be redone with popt. Andrew Bartlett (This used to be commit d9330f10447f199a5a73803579ce3b1253f4d02c) --- source3/utils/smbpasswd.c | 86 +++++++++++++++++++++++------------------------ 1 file changed, 43 insertions(+), 43 deletions(-) (limited to 'source3/utils') 
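Review bot: In net_rpc_join.c's net_rpc_join_newstyle, `acct_name` is now declared `const char *`, yet the unchanged next line still calls `strlower(acct_name)`, which rewrites the buffer in place through a const-qualified pointer, and the result of `talloc_asprintf()` is used without a NULL check. If the allocation fails, `strlower()` and the later `cli_samr_lookup_names()` call receive a null pointer. I would build the name in a plain `char *`, test it with `if (!acct_name)` and leave through the function's existing error exit (which is outside this hunk), and only then assign it to the const pointer. The function body starts and ends outside the hunks shown.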
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 70876e9ce4..5d219b6907 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -30,16 +30,11 @@ extern char *optarg; extern int optind; /* forced running in root-mode */ -static BOOL local_mode; static BOOL got_pass = False, got_username = False; -static int local_flags = 0; static BOOL stdin_passwd_get = False; static fstring user_name, user_password; -static char *new_domain = NULL; static char *new_passwd = NULL; -static char *old_passwd = NULL; static char *remote_machine = NULL; -static pstring configfile; static fstring ldap_secret; 
@@ -84,62 +79,55 @@ static void set_line_buffering(FILE *f) /******************************************************************* Process command line options ******************************************************************/ -static void process_options(int argc, char **argv, BOOL amroot) +static int process_options(int argc, char **argv, int local_flags) { int ch; + pstring configfile; + pstrcpy(configfile, dyn_CONFIGFILE); - if (amroot) - local_flags = LOCAL_SET_PASSWORD; + local_flags |= LOCAL_SET_PASSWORD; ZERO_STRUCT(user_name); ZERO_STRUCT(user_password); user_name[0] = '\0'; - while ((ch = getopt(argc, argv, "c:axdehmnj:r:sw:R:D:U:L")) != EOF) { + while ((ch = getopt(argc, argv, "c:axdehmnjr:sw:R:D:U:L")) != EOF) { switch(ch) { case 'L': - local_mode = amroot = True; - local_flags = LOCAL_SET_PASSWORD; + local_flags |= LOCAL_AM_ROOT; break; case 'c': pstrcpy(configfile,optarg); break; case 'a': - if (!amroot) goto bad_args; local_flags |= LOCAL_ADD_USER; break; case 'x': - if (!amroot) goto bad_args; local_flags |= LOCAL_DELETE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'd': - if (!amroot) goto bad_args; local_flags |= LOCAL_DISABLE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'e': - if (!amroot) goto bad_args; local_flags |= LOCAL_ENABLE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'm': - if (!amroot) goto bad_args; local_flags |= LOCAL_TRUST_ACCOUNT; break; case 'i': - if (!amroot) goto bad_args; local_flags |= LOCAL_INTERDOM_ACCOUNT; break; case 'j': - if (!amroot) goto bad_args; d_printf("See 'net rpc join' for this functionality\n"); exit(1); break; case 'n': - if (!amroot) goto bad_args; local_flags |= LOCAL_SET_NO_PASSWORD; + local_flags &= ~LOCAL_SET_PASSWORD; new_passwd = smb_xstrdup("NO PASSWORD"); break; case 'r': 
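Review bot: In smbpasswd.c's process_options the per-option `if (!amroot) goto bad_args;` guards are removed and `case 'L'` now does `local_flags |= LOCAL_AM_ROOT`, the same bit main() sets from `getuid() == 0`, so after parsing nothing distinguishes a real root caller from one who only asked for local mode. main() (a later hunk of this commit) dispatches on that bit alone, so an invocation with `-L` is handled by process_root() with every add/delete/enable/`-w` flag accepted, and the extra-flag check added to process_nonroot() never applies to it. The only barrier left is the file permissions on the password database and secrets.tdb; `-L` appears to have behaved this way before the commit too, but it should be stated in a comment, and it makes a setuid installation of this binary unsafe. I would keep the `getuid() == 0` result in its own variable in main() and let `-L` select the local code path without claiming root. The switch continues past the end of this hunk.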
@@ -152,12 +140,10 @@ static void process_options(int argc, char **argv, BOOL amroot) stdin_passwd_get = True; break; case 'w': - if (!amroot) goto bad_args; local_flags |= LOCAL_SET_LDAP_ADMIN_PW; fstrcpy(ldap_secret, optarg); break; case 'R': - if (!amroot) goto bad_args; lp_set_name_resolve_order(optarg); break; case 'D': @@ -181,7 +167,6 @@ static void process_options(int argc, char **argv, BOOL amroot) } case 'h': default: -bad_args: usage(); } } @@ -195,17 +180,21 @@ bad_args: fstrcpy(user_name, ""); break; case 1: - if (!amroot) { + if (!(local_flags & LOCAL_AM_ROOT)) { new_passwd = argv[0]; - break; + } else { + if (got_username) { + usage(); + } else { + fstrcpy(user_name, argv[0]); + } } - if (got_username) - usage(); - fstrcpy(user_name, argv[0]); break; case 2: - if (!amroot || got_username || got_pass) + if (!(local_flags & LOCAL_AM_ROOT) || got_username || got_pass) { usage(); + } + fstrcpy(user_name, argv[0]); new_passwd = smb_xstrdup(argv[1]); break; @@ -213,6 +202,13 @@ bad_args: usage(); } + if (!lp_load(configfile,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + dyn_CONFIGFILE); + exit(1); + } + + return local_flags; } /************************************************************* @@ -339,10 +335,11 @@ static BOOL store_ldap_admin_pw (char* pw) Handle password changing for root. *************************************************************/ -static int process_root(void) +static int process_root(int local_flags) { struct passwd *pwd; int result = 0; + char *old_passwd = NULL; if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) { 
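Review bot: The `lp_load(configfile, ...)` failure message moved to the end of process_options prints `dyn_CONFIGFILE`, not the file that was actually tried, so after `-c some.conf` the error names the wrong path. The argument should be the local buffer: `fprintf(stderr, "Can't load %s - run testparm to debug it\n", configfile);`. Only the tail of process_options is visible in this hunk.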
@@ -495,10 +492,16 @@ static int process_root(void) Handle password changing for non-root. *************************************************************/ -static int process_nonroot(void) +static int process_nonroot(int local_flags) { struct passwd *pwd = NULL; int result = 0; + char *old_passwd = NULL; + + if (local_flags & ~(LOCAL_AM_ROOT | LOCAL_SET_PASSWORD)) { + /* Extra flags that we can't honor non-root */ + usage(); + } if (!user_name[0]) { pwd = sys_getpwuid(getuid()); @@ -557,25 +560,22 @@ static int process_nonroot(void) **********************************************************/ int main(int argc, char **argv) { - BOOL amroot = getuid() == 0; - - pstrcpy(configfile, dyn_CONFIGFILE); + int local_flags = 0; + AllowDebugChange = False; #if defined(HAVE_SET_AUTH_PARAMETERS) set_auth_parameters(argc, argv); #endif /* HAVE_SET_AUTH_PARAMETERS */ - process_options(argc, argv, amroot); + if (getuid() == 0) { + local_flags = LOCAL_AM_ROOT; + } + + local_flags = process_options(argc, argv, local_flags); setup_logging("smbpasswd", True); - if (!lp_load(configfile,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); - exit(1); - } - /* * Set the machine NETBIOS name if not already * set from the config file. @@ -595,10 +595,10 @@ int main(int argc, char **argv) exit(1); } - if (local_mode || amroot) { + if (local_flags & LOCAL_AM_ROOT) { secrets_init(); - return process_root(); + return process_root(local_flags); } - return process_nonroot(); + return process_nonroot(local_flags); } -- cgit From 2a02a76913a91c9882868b73c72ba2e8d2be764d Mon Sep 17 00:00:00 2001 
From: Simo Sorce Date: Sat, 18 May 2002 15:09:21 +0000 Subject: so here it is the code to introduce seriously debugggging classes. this is a first step only passdb stuff has beein "classized". - so what can you do? set debug level to: 1 poasdb:10 that will make all the code run at debug level 1 except the code in passdb/* files that will run at level 10 TODO: fix the man page - also smbcontrol has this nice feature so smbcontrol smbd debug 3 passdb:5 will set every smbd to have a default log level of 3 while passdb stuff will be at level 5 and so no.. minor cosmetic fix to pdbedit is there too (This used to be commit be5c3b3f5781ddc002ffcc98df04ab024dcef4ca) --- source3/utils/pdbedit.c | 3 ++- source3/utils/smbcontrol.c | 46 +++++++++++++++++++++++++++++++--------------- 2 files changed, 33 insertions(+), 16 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 6b4cd606d0..9a84af027d 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c @@ -76,7 +76,8 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst if (!sam_pwent) return -1; if (verbosity) { - printf ("Unix/NT username: %s/%s\n", pdb_get_username(sam_pwent),pdb_get_nt_username(sam_pwent)); + printf ("Unix username: %s\n", pdb_get_username(sam_pwent)); + printf ("NT username: %s\n", pdb_get_nt_username(sam_pwent)); if (IS_SAM_UNIX_USER(sam_pwent)) { uid = pdb_get_uid(sam_pwent); gid = pdb_get_gid(sam_pwent); diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index d680fa4489..5cb4e4febb 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -3,6 +3,7 @@ program to send control messages to Samba processes Copyright (C) Andrew Tridgell 1994-1998 Copyright (C) 2001, 2002 by Martin Pool + Copyright (C) Simo Sorce 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by 
@@ -106,16 +107,14 @@ Prints out the current Debug level returned by MSG_DEBUGLEVEL void debuglevel_function(int msg_type, pid_t src, void *buf, size_t len) { int i; - int debuglevel_class[DBGC_LAST]; - - memcpy(debuglevel_class, buf, len); - - printf("Current debug level of PID %u is %d ",(unsigned int)src, debuglevel_class[0]); - for (i=1;i:level\n"); + /* first pass retrieve total lenght */ + for (p = params; p && *p ; p++) + dim += (strnlen(*p, 1024) +1); /* lenght + space */ + b = buf = malloc(dim); + if (!buf) { + fprintf(stderr, "Out of memory!"); return(False); - } else - send_message(dest, MSG_DEBUG, &dm, sizeof(dm), False); + } + /* now build a single string with all parameters */ + for(p = params; p && *p; p++) { + int l = strnlen(*p, 1024); + strncpy(b, *p, l); + b[l] = ' '; + b = b + l + 1; + } + b[-1] = '\0'; + + send_message(dest, MSG_DEBUG, buf, dim, False); + + free(buf); + break; } -- cgit From 80b22f643394b2362be2a5a0a3a8b192c133a88f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 19 May 2002 02:28:14 +0000 Subject: Keep the compiler happy (This used to be commit 84ea2a434b510ed49838a04a4b30bd2fc9ec5673) --- source3/utils/smbcontrol.c | 1 - 1 file changed, 1 deletion(-) (limited to 'source3/utils') diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 5cb4e4febb..1a8b1a6ada 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -106,7 +106,6 @@ Prints out the current Debug level returned by MSG_DEBUGLEVEL ****************************************************************************/ void debuglevel_function(int msg_type, pid_t src, void *buf, size_t len) { - int i; char *levels = (char *)buf; pstring dbgcl; -- cgit From b87eee983612c0d21b0c6f1346ba15ace797fe9e Mon Sep 17 00:00:00 2001 
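Review bot: In the new MSG_DEBUG sender in smbcontrol.c, `b[-1] = '\0';` stays inside the buffer only when at least one parameter was copied; with an empty `params` list both loops run zero times and the store lands one byte before the `malloc(dim)` block. Part of this hunk is lost on the page, so an empty-list check may already precede the first loop; if it does not, add `if (!params || !params[0]) return(False);` there. `strnlen(*p, 1024)` also cuts a longer argument silently, which changes the level string the receiving daemon parses, so an over-long argument is better rejected than truncated. The `"Out of memory!"` message is missing its newline.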
From: Andrew Bartlett Date: Wed, 22 May 2002 12:44:45 +0000 Subject: Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid. These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett (This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f) --- source3/utils/smbpasswd.c | 6 ++++-- source3/utils/status.c | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 5d219b6907..70bf551edb 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -367,8 +367,9 @@ static int process_root(int local_flags) load_interfaces(); } - if (!user_name[0] && (pwd = sys_getpwuid(geteuid()))) { + if (!user_name[0] && (pwd = getpwuid_alloc(geteuid()))) { fstrcpy(user_name, pwd->pw_name); + passwd_free(&pwd); } if (!user_name[0]) { @@ -504,9 +505,10 @@ static int process_nonroot(int local_flags) } if (!user_name[0]) { - pwd = sys_getpwuid(getuid()); + pwd = getpwuid_alloc(getuid()); if (pwd) { fstrcpy(user_name,pwd->pw_name); + passwd_free(&pwd); } else { fprintf(stderr, "smbpasswd: you don't exist - go away\n"); exit(1); diff --git a/source3/utils/status.c b/source3/utils/status.c index 7755ce9ab4..f230cd8466 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c 
@@ -61,14 +61,14 @@ static int show_brl; /* added by OH */ -static void Ucrit_addUsername(char *username) +static void Ucrit_addUsername(const char *username) { pstrcpy(Ucrit_username, username); if(strlen(Ucrit_username) > 0) Ucrit_IsActive = 1; } -static unsigned int Ucrit_checkUsername(char *username) +static unsigned int Ucrit_checkUsername(const char *username) { if ( !Ucrit_IsActive) return 1; if (strcmp(Ucrit_username,username) ==0) return 1; -- cgit From e46a6ecc697418ad7eb9aedb1610d1fbbe419029 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 23 May 2002 14:02:17 +0000 Subject: Given Jeremy's positive response, and a lack of one from tpot, I'll commit this: More code cleanup - this lot a bit more dodgy than the last: The aim is to trim pwd_cache down to size. Its overly complex, and a pain to deal with. With a header comment like this: 'obfusticaion is planned' I think it deserved to die (at least partly). This was being done to allow 'cli_establish_connection' to die - its functionality has been replaced by cli_full_connection(), which does not duplicate code everywhere for creating names etc. This also removes the little 'init' fucntions for the various pipes, becouse they were only used in one place, and even then it was dodgy. (I've reworked smbcacls not to use anonymous connections any more, as this will (should) fail with a 'restrict anonymous' PDC). This allowed me to remove cli_pipe_util.c, which was calling cli_establish_connection. tpot: I'm not sure what direction you were going with the client stuff, and you may well have been wanting the init functions. If thats the case, give me a yell and I'll reimplement them against cli_full_connection. Andrew Bartlett (This used to be commit fa67e4626bed623333c571e76e06ccd52cba5cc5) --- source3/utils/smbcacls.c | 115 ++++++++++++++++------------------------------- 1 file changed, 39 insertions(+), 76 deletions(-) (limited to 'source3/utils') 
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 017f4035b0..62ab6357b4 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -42,6 +42,9 @@ enum acl_mode {SMB_ACL_SET, SMB_ACL_DELETE, SMB_ACL_MODIFY, SMB_ACL_ADD }; enum chown_mode {REQUEST_NONE, REQUEST_CHOWN, REQUEST_CHGRP}; enum exit_values {EXIT_OK, EXIT_FAILED, EXIT_PARSE_ERROR}; +extern pstring global_myname; +extern fstring global_myworkgroup; + struct perm_value { char *perm; uint32 mask; @@ -66,24 +69,25 @@ static struct perm_value standard_values[] = { { NULL, 0 }, }; -struct cli_state lsa_cli; -POLICY_HND pol; -struct ntuser_creds creds; -BOOL got_policy_hnd; +static struct cli_state *global_hack_cli; +static POLICY_HND pol; +static BOOL got_policy_hnd; + +static struct cli_state *connect_one(char *share); /* Open cli connection and policy handle */ static BOOL cacls_open_policy_hnd(void) { - creds.pwd.null_pwd = 1; - /* Initialise cli LSA connection */ - if (!lsa_cli.initialised && - !cli_lsa_initialise(&lsa_cli, server, &creds)) { - return False; + if (!global_hack_cli) { + global_hack_cli = connect_one("IPC$"); + if (!cli_nt_session_open (global_hack_cli, PIPE_LSARPC)) { + return False; + } } - + /* Open policy handle */ if (!got_policy_hnd) { @@ -91,7 +95,7 @@ static BOOL cacls_open_policy_hnd(void) /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, but NT sends 0x2000000 so we might as well do it too. */ - if (!NT_STATUS_IS_OK(cli_lsa_open_policy(&lsa_cli, lsa_cli.mem_ctx, True, + if (!NT_STATUS_IS_OK(cli_lsa_open_policy(global_hack_cli, global_hack_cli->mem_ctx, True, GENERIC_EXECUTE_ACCESS, &pol))) { return False; } 
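Review bot: In cacls_open_policy_hnd the result of `connect_one("IPC$")` goes straight into `cli_nt_session_open()`, although the rewritten connect_one() later in this commit returns NULL when the connection fails. A failed connection therefore hands a null `cli_state` to the pipe open, and a failed pipe open leaves `global_hack_cli` set, so the next call skips this block and goes on to `cli_lsa_open_policy()` on a connection that has no LSA pipe. I would check both steps and clear the global on failure, as below; whether `cli_shutdown()` is the right release call for a handle from `cli_full_connection()` needs confirming. The function continues after the end of this hunk.

```c
	if (!global_hack_cli) {
		global_hack_cli = connect_one("IPC$");
		if (!global_hack_cli) {
			return False;
		}
		if (!cli_nt_session_open(global_hack_cli, PIPE_LSARPC)) {
			cli_shutdown(global_hack_cli);
			global_hack_cli = NULL;
			return False;
		}
	}
	/* … unchanged: open the policy handle … */
```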
@@ -116,7 +120,7 @@ static void SidToString(fstring str, DOM_SID *sid) /* Ask LSA to convert the sid to a name */ if (!cacls_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_sids(&lsa_cli, lsa_cli.mem_ctx, + !NT_STATUS_IS_OK(cli_lsa_lookup_sids(global_hack_cli, global_hack_cli->mem_ctx, &pol, 1, sid, &domains, &names, &types)) || !domains || !domains[0] || !names || !names[0]) { @@ -143,7 +147,7 @@ static BOOL StringToSid(DOM_SID *sid, const char *str) } if (!cacls_open_policy_hnd() || - !NT_STATUS_IS_OK(cli_lsa_lookup_names(&lsa_cli, lsa_cli.mem_ctx, + !NT_STATUS_IS_OK(cli_lsa_lookup_names(global_hack_cli, global_hack_cli->mem_ctx, &pol, 1, &str, &sids, &types))) { result = False; 
@@ -700,80 +704,29 @@ static int cacl_set(struct cli_state *cli, char *filename, /***************************************************** return a connection to a server *******************************************************/ -struct cli_state *connect_one(char *share) +static struct cli_state *connect_one(char *share) { struct cli_state *c; - struct nmb_name called, calling; struct in_addr ip; - extern pstring global_myname; - - fstrcpy(server,share+2); - share = strchr_m(server,'\\'); - if (!share) return NULL; - *share = 0; - share++; - - zero_ip(&ip); - - make_nmb_name(&calling, global_myname, 0x0); - make_nmb_name(&called , server, 0x20); - - again: - zero_ip(&ip); - - /* have to open a new connection */ - if (!(c=cli_initialise(NULL)) || !cli_connect(c, server, &ip)) { - DEBUG(0,("Connection to %s failed\n", server)); - cli_shutdown(c); - return NULL; - } - - if (!cli_session_request(c, &calling, &called)) { - DEBUG(0,("session request to %s failed\n", called.name)); - cli_shutdown(c); - if (strcmp(called.name, "*SMBSERVER")) { - make_nmb_name(&called , "*SMBSERVER", 0x20); - goto again; - } - return NULL; - } - - DEBUG(4,(" session request ok\n")); - - if (!cli_negprot(c)) { - DEBUG(0,("protocol negotiation failed\n")); - cli_shutdown(c); - return NULL; - } - + zero_ip(&ip); + if (!got_pass) { char *pass = getpass("Password: "); if (pass) { pstrcpy(password, pass); + got_pass = True; } } - if (!cli_session_setup(c, username, - password, strlen(password), - password, strlen(password), - lp_workgroup())) { - DEBUG(0,("session setup failed: %s\n", cli_errstr(c))); - cli_shutdown(c); - return NULL; - } - - DEBUG(4,(" session setup ok\n")); - - if (!cli_send_tconX(c, share, "?????", - password, strlen(password)+1)) { - DEBUG(0,("tree connect failed: %s\n", cli_errstr(c))); - cli_shutdown(c); + if (NT_STATUS_IS_OK(cli_full_connection(&c, global_myname, server, + &ip, 0, + share, "?????", + username, global_myworkgroup, + password, strlen(password)))) { + return c; 
+ } else { return NULL; } - - DEBUG(4,(" tconx ok\n")); - - return c; } @@ -811,12 +764,13 @@ You can string acls together with spaces, commas or newlines\n\ extern int optind; int opt; char *p; - struct cli_state *cli=NULL; enum acl_mode mode = SMB_ACL_SET; char *the_acl = NULL; enum chown_mode change_mode = REQUEST_NONE; int result; + struct cli_state *cli; + ctx=talloc_init(); setlinebuf(stdout); @@ -930,12 +884,20 @@ You can string acls together with spaces, commas or newlines\n\ /* Make connection to server */ + fstrcpy(server,share+2); + share = strchr_m(server,'\\'); + if (!share) return -1; + *share = 0; + share++; + if (!test_args) { cli = connect_one(share); if (!cli) { talloc_destroy(ctx); exit(EXIT_FAILED); } + } else { + exit(0); } all_string_sub(filename, "/", "\\", 0); @@ -960,3 +922,4 @@ You can string acls together with spaces, commas or newlines\n\ return result; } + -- cgit From bc2d07fc8a894697d0e66bb097fa708e92515695 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 23 May 2002 15:05:17 +0000 Subject: Allow initial password set on net ads user add. I need to do this on rpc and rap too. Anyone know what key I'm supposed to use to encrypt it for the rap one? (This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02) --- source3/utils/net_ads.c | 33 ++++++++++++++++++++++++++++++--- 1 file changed, 30 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index df10452867..5af492bbb0 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -167,6 +167,7 @@ static int ads_user_add(int argc, const char **argv) { ADS_STRUCT *ads; ADS_STATUS status; + char *upn, *userdn; void *res=NULL; int rc = -1; 
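Review bot: The rewritten connect_one() in smbcacls.c throws away the NTSTATUS from `cli_full_connection()` and returns NULL without a message, while the removed code logged which stage failed (connect, session request, negotiation, session setup, tree connect). main() then exits with EXIT_FAILED and the user cannot tell a wrong password from an unreachable server. I would keep the status in a local and report it before `return NULL;`, for example `DEBUG(0,("connection to %s failed: %s\n", server, nt_errstr(nt_status)));`. The password read by `getpass()` is copied into the global `password` buffer and neither copy is cleared after the attempt; wiping both once the session is set up would shorten the time the cleartext stays in memory.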
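Review bot: In smbcacls.c's main(), the added `fstrcpy(server, share+2)` skips two bytes of the share argument with no visible check that it is at least two characters long and begins with `//` or `\\`; for a shorter argument `share+2` may point past the terminator. Validation may happen earlier in main(), outside this hunk, so this needs confirming; if it does not, test the prefix before the copy. The `if (!share) return -1;` exit also leaves without a message and without the `talloc_destroy(ctx)` that the failed-connection path just below performs.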
@@ -189,12 +190,38 @@ static int ads_user_add(int argc, const char **argv) status = ads_add_user_acct(ads, argv[0], opt_comment); + if (!ADS_ERR_OK(status)) { + d_printf("Could not add user %s: %s\n", argv[0], + ads_errstr(status)); + goto done; + } + + /* if no password is to be set, we're done */ + if (argc == 1) { + d_printf("User %s added\n", argv[0]); + rc = 0; + goto done; + } + + /* try setting the password */ + asprintf(&upn, "%s@%s", argv[0], ads->realm); + status = krb5_set_password(ads->kdc_server, upn, argv[1]); + safe_free(upn); if (ADS_ERR_OK(status)) { d_printf("User %s added\n", argv[0]); rc = 0; - } else { - d_printf("Could not add user %s: %s\n", argv[0], - ads_errstr(status)); + goto done; + } + + /* password didn't set, delete account */ + d_printf("Could not add user %s. Error setting password %s\n", + argv[0], ads_errstr(status)); + ads_msgfree(ads, res); + status=ads_find_user_acct(ads, &res, argv[0]); + if (ADS_ERR_OK(status)) { + userdn = ads_get_dn(ads, res); + ads_del_dn(ads, userdn); + ads_memfree(ads, userdn); } done: -- cgit From 9c3d5d6fd0dd9e2e62a33d0822a72d5209fe3ffb Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 24 May 2002 05:14:16 +0000 Subject: Remove the password length paramater from cli_full_connection - it really didn't make any sense, and its was always just strlen(password) anyway. This fixes it to be strlen(password)+1 Andrew Bartlett (This used to be commit c205b18bd6b9b69200ff3db55f2c641631d4ab40) --- source3/utils/net.c | 4 ++-- source3/utils/smbcacls.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net.c b/source3/utils/net.c index 0450d9519d..fc5c6b90d5 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c 
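Review bot: In ads_user_add the rollback after a failed `krb5_set_password()` ignores the result of `ads_del_dn()` and of the lookup before it, so when the delete fails the new account stays in the directory without the requested password and the user is told only that the password could not be set. I would check the delete status (assuming `ads_del_dn()` returns an ADS_STATUS like the other calls here) and report a leftover account explicitly, as sketched below. `asprintf(&upn, ...)` is also unchecked, so on allocation failure `upn` reaches `krb5_set_password()` without a defined value, and `res` is released with `ads_msgfree()` before being reused, which should be checked against the cleanup at `done:` outside this hunk. The password arrives as `argv[1]`, so it is visible in the process list while the command runs.

```c
	/* … unchanged: report the password failure, ads_msgfree(ads, res) … */
	status = ads_find_user_acct(ads, &res, argv[0]);
	if (ADS_ERR_OK(status)) {
		userdn = ads_get_dn(ads, res);
		status = ads_del_dn(ads, userdn);
		ads_memfree(ads, userdn);
	}
	if (!ADS_ERR_OK(status)) {
		d_printf("User %s could not be removed again: %s\n",
			 argv[0], ads_errstr(status));
	}
```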
@@ -119,7 +119,7 @@ NTSTATUS connect_to_ipc(struct cli_state **c, struct in_addr *server_ip, server_ip, opt_port, "IPC$", "IPC", opt_user_name, opt_workgroup, - opt_password, strlen(opt_password)); + opt_password); if (NT_STATUS_IS_OK(nt_status)) { return nt_status; @@ -149,7 +149,7 @@ NTSTATUS connect_to_ipc_anonymous(struct cli_state **c, server_ip, opt_port, "IPC$", "IPC", "", "", - "", 0); + ""); if (NT_STATUS_IS_OK(nt_status)) { return nt_status; diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c index 62ab6357b4..7d0dd579fb 100644 --- a/source3/utils/smbcacls.c +++ b/source3/utils/smbcacls.c @@ -722,7 +722,7 @@ static struct cli_state *connect_one(char *share) &ip, 0, share, "?????", username, global_myworkgroup, - password, strlen(password)))) { + password))) { return c; } else { return NULL; -- cgit From 98d5699d28c687f8af5671c9a29aa55dd5a01bfd Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 24 May 2002 09:57:48 +0000 Subject: Some of the updates from ctrlsoft's 'Various' patch: - convert net to popt - convert status to popt - adapt examples/pdb/ to multiple passdb system - add dynamic debug class example to examples/pdb/ and some reformatting to better match the samba coding style. Andrew Bartlett (This used to be commit 2498bc69d4e5c38ec385f640489daa94c508c726) --- source3/utils/net.c | 14 +++++++++----- source3/utils/pdbedit.c | 24 ++++++++++++------------ source3/utils/status.c | 8 ++++---- 3 files changed, 25 insertions(+), 21 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net.c b/source3/utils/net.c index fc5c6b90d5..b6998efdf7 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -77,6 +77,7 @@ BOOL opt_have_ip = False; struct in_addr opt_dest_ip; extern pstring global_myname; +extern BOOL AllowDebugChange; /* run a function from a function table. If not found then 
@@ -356,7 +357,7 @@ static struct functable net_func[] = { const char ** argv_new; poptContext pc; static char *servicesf = dyn_CONFIGFILE; - static int debuglevel = 0; + static char *debuglevel = NULL; struct poptOption long_options[] = { {"help", 'h', POPT_ARG_NONE, 0, 'h'}, @@ -367,8 +368,8 @@ static struct functable net_func[] = { {"port", 'p', POPT_ARG_INT, &opt_port}, {"myname", 'n', POPT_ARG_STRING, &opt_requester_name}, {"conf", 's', POPT_ARG_STRING, &servicesf}, - {"debug", 'd', POPT_ARG_INT, &debuglevel}, - {"debuglevel", 'd', POPT_ARG_INT, &debuglevel}, + {"debug", 'd', POPT_ARG_STRING, &debuglevel}, + {"debuglevel", 'd', POPT_ARG_STRING, &debuglevel}, {"server", 'S', POPT_ARG_STRING, &opt_host}, {"comment", 'C', POPT_ARG_STRING, &opt_comment}, {"maxusers", 'M', POPT_ARG_INT, &opt_maxusers}, @@ -416,9 +417,12 @@ static struct functable net_func[] = { } } - lp_load(servicesf,True,False,False); + if (debuglevel) { + debug_parse_levels(debuglevel); + AllowDebugChange = False; + } - DEBUGLEVEL = debuglevel; + lp_load(servicesf,True,False,False); argv_new = (const char **)poptGetArgs(pc); diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c index 9a84af027d..51254667c9 100644 --- a/source3/utils/pdbedit.c +++ b/source3/utils/pdbedit.c 
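Review bot: In net.c's main the relocated `lp_load(servicesf,True,False,False);` still ignores its return value, so `net` carries on with built-in defaults when the file named by `-s` cannot be read, whereas pdbedit.c in this same commit stops with an error in that case. I would fail the same way: `if (!lp_load(servicesf,True,False,False)) { d_printf("Can't load %s\n", servicesf); exit(1); }`. The result of `debug_parse_levels(debuglevel)` is likewise unused, so if that function reports parse errors, a malformed `-d` value is accepted silently.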
@@ -34,24 +34,24 @@ int export_database (struct pdb_context *in, char *db){ struct pdb_context *context; SAM_ACCOUNT *user = NULL; - if(!NT_STATUS_IS_OK(make_pdb_context_name(&context, db))){ + if (!NT_STATUS_IS_OK(make_pdb_context_name(&context, db))){ fprintf(stderr, "Can't initialize %s.\n", db); return 1; } - if(!in->pdb_setsampwent(in, 0)){ + if (!in->pdb_setsampwent(in, 0)){ fprintf(stderr, "Can't sampwent!\n"); return 1; } - if(!NT_STATUS_IS_OK(pdb_init_sam(&user))){ + if (!NT_STATUS_IS_OK(pdb_init_sam(&user))){ fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n"); return 1; } - while(in->pdb_getsampwent(in,user)){ + while (in->pdb_getsampwent(in,user)){ context->pdb_add_sam_account(context,user); - if(!NT_STATUS_IS_OK(pdb_reset_sam(user))){ + if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){ fprintf(stderr, "Can't reset SAM_ACCOUNT!\n"); return 1; } @@ -411,7 +411,7 @@ int main (int argc, char **argv) static char *logon_script = NULL; static char *profile_path = NULL; static char *config_file = dyn_CONFIGFILE; - static int new_debuglevel = -1; + static char *new_debuglevel = NULL; struct pdb_context *in; poptContext pc; 
@@ -431,22 +431,21 @@ int main (int argc, char **argv) {"delete", 'x',POPT_ARG_VAL,&delete_user,1,"delete user",NULL}, {"import", 'i',POPT_ARG_STRING,&backend_in,0,"use different passdb backend",NULL}, {"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL}, - {"debuglevel",'D', POPT_ARG_INT, &new_debuglevel,0,"set debuglevel",NULL}, + {"debuglevel",'D', POPT_ARG_STRING, &new_debuglevel,0,"set debuglevel",NULL}, {"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL}, {0,0,0,0} }; - DEBUGLEVEL = 1; setup_logging("pdbedit", True); - AllowDebugChange = False; pc = poptGetContext(NULL, argc, (const char **) argv, long_options, POPT_CONTEXT_KEEP_FIRST); while((opt = poptGetNextOpt(pc)) != -1); - if (new_debuglevel != -1) { - DEBUGLEVEL = new_debuglevel; + if (new_debuglevel){ + debug_parse_levels(new_debuglevel); + AllowDebugChange = False; } if (!lp_load(config_file,True,False,False)) { @@ -455,6 +454,7 @@ int main (int argc, char **argv) exit(1); } + if (!backend_in) { backend_in = lp_passdb_backend(); } @@ -467,7 +467,7 @@ int main (int argc, char **argv) } - if(!NT_STATUS_IS_OK(make_pdb_context_name(&in, backend_in))){ + if (!NT_STATUS_IS_OK(make_pdb_context_name(&in, backend_in))){ fprintf(stderr, "Can't initialize %s.\n", backend_in); return 1; } diff --git a/source3/utils/status.c b/source3/utils/status.c index f230cd8466..b1e8bb9d8e 100644 --- a/source3/utils/status.c +++ b/source3/utils/status.c @@ -546,7 +546,7 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo { int c; static int profile_only = 0; - static int new_debuglevel = -1; + static char *new_debuglevel = NULL; TDB_CONTEXT *tdb; poptContext pc; struct poptOption long_options[] = { 
@@ -559,7 +559,7 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo {"brief", 'b', POPT_ARG_NONE, &brief}, {"profile", 'P', POPT_ARG_NONE, &profile_only}, {"byterange", 'B', POPT_ARG_NONE, &show_brl}, - {"debug", 'd', POPT_ARG_INT, &new_debuglevel}, + {"debug", 'd', POPT_ARG_STRING, &new_debuglevel}, { 0, 0, 0, 0} }; @@ -597,8 +597,8 @@ static int traverse_sessionid(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, vo return (-1); } - if (new_debuglevel != -1) { - DEBUGLEVEL = new_debuglevel; + if (new_debuglevel) { + debug_parse_levels(new_debuglevel); } if (verbose) { -- cgit From 1b9c519dc964791273186cced8d17fd9c7793ce9 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Fri, 31 May 2002 17:03:48 +0000 Subject: Enable net rpc share and net rpc file commands (list subcommands only), and autoselect for this subcommand when appropriate. (This used to be commit 77418256d3162b41a672a25f7e512999f1193926) --- source3/utils/net.c | 26 ++++-- source3/utils/net.h | 3 + source3/utils/net_help.c | 56 ++++++++++--- source3/utils/net_rap.c | 39 ++------- source3/utils/net_rpc.c | 200 ++++++++++++++++++++++++++++++++++++++++++++++- 5 files changed, 271 insertions(+), 53 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net.c b/source3/utils/net.c index b6998efdf7..e132b8d6e3 100644 --- a/source3/utils/net.c +++ b/source3/utils/net.c @@ -297,10 +297,8 @@ static int net_group(int argc, const char **argv) if (net_ads_check() == 0) return net_ads_group(argc, argv); - - /* if server is not specified, default to PDC? */ - /* not implemented yet if (net_rpc_check(NET_FLAGS_PDC)) - return net_rpc_group(argc, argv); */ + if (argc == 0 && net_rpc_check(NET_FLAGS_PDC)) + return net_rpc_group(argc, argv); return net_rap_group(argc, argv); } 
@@ -316,6 +314,22 @@ static int net_join(int argc, const char **argv) return net_rpc_join(argc, argv); } +static int net_share(int argc, const char **argv) +{ + /* only share list is implemented in RPC */ + if (argc == 0 && net_rpc_check(0)) + return net_rpc_share(argc, argv); + return net_rap_share(argc, argv); +} + +static int net_file(int argc, const char **argv) +{ + /* only file list is implemented in RPC */ + if (argc == 0 && net_rpc_check(0)) + return net_rpc_file(argc, argv); + return net_rap_file(argc, argv); +} + /* main function table */ static struct functable net_func[] = { {"RPC", net_rpc}, @@ -323,8 +337,8 @@ static struct functable net_func[] = { {"ADS", net_ads}, /* eventually these should auto-choose the transport ... */ - {"FILE", net_rap_file}, - {"SHARE", net_rap_share}, + {"FILE", net_file}, + {"SHARE", net_share}, {"SESSION", net_rap_session}, {"SERVER", net_rap_server}, {"DOMAIN", net_rap_domain}, diff --git a/source3/utils/net.h b/source3/utils/net.h index af6f153f7b..5a53740679 100644 --- a/source3/utils/net.h +++ b/source3/utils/net.h @@ -49,3 +49,6 @@ extern char *opt_host; extern char *opt_user_name; extern char *opt_password; extern BOOL opt_user_specified; + +extern const char *share_type[]; + diff --git a/source3/utils/net_help.c b/source3/utils/net_help.c index 31065a26b8..18a89a9cb7 100644 --- a/source3/utils/net_help.c +++ b/source3/utils/net_help.c 
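Review bot: net_share and net_file fall through to the RAP call both when arguments are given and when `net_rpc_check(0)` fails, and nothing records which transport was chosen. RAP is the older protocol, so a debug line before each fallback, e.g. `DEBUG(3, ("net share: using RAP\n"));`, would let an operator see from the log when the RPC path was not taken. The existing comments explain the `argc == 0` condition but not the failure case, and one more sentence in each would cover it.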
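Review bot: The context comment `/* eventually these should auto-choose the transport ... */` now sits directly above the FILE and SHARE entries, which after this change do choose the transport. Moving the comment below the SHARE entry, so that it heads SESSION, SERVER and DOMAIN only, keeps it accurate. The table continues past the end of this hunk.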
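Review bot: `extern const char *share_type[];` in net.h exports the table with an incomplete array type, so code in other files cannot bound-check an index against it. If net_rpc.c indexes it with a share type taken from a server reply (that file is not in view), an unexpected type value would read past the end of the table. Exporting the element count next to it, for example a suggested `extern const int share_type_count;`, or an accessor that returns a fallback string for unknown types, gives callers something to check against.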
@@ -63,12 +63,12 @@ static int help_usage(int argc, const char **argv) int net_help_user(int argc, const char **argv) { - d_printf("\nnet [method] user [misc. options] [targets]\n\tList users\n"); - d_printf("\nnet [method] user DELETE [misc. options] [targets]"\ + d_printf("\nnet user [misc. options] [targets]\n\tList users\n"); + d_printf("\nnet user DELETE [misc. options] [targets]"\ "\n\tDelete specified user\n"); - d_printf("\nnet [method] user INFO [misc. options] [targets]"\ + d_printf("\nnet user INFO [misc. options] [targets]"\ "\n\tList the domain groups of the specified user\n"); - d_printf("\nnet [method] user ADD [-F user flags] [misc. options]"\ + d_printf("\nnet user ADD [password] [-F user flags] [misc. options]"\ " [targets]\n\tAdd specified user\n"); net_common_methods_usage(argc, argv); @@ -80,11 +80,11 @@ int net_help_user(int argc, const char **argv) int net_help_group(int argc, const char **argv) { - d_printf("net [method] group [misc. options] [targets]"\ + d_printf("net group [misc. options] [targets]"\ "\n\tList user groups\n\n"); - d_printf("net [method] group DELETE [misc. options] [targets]"\ + d_printf("net group DELETE [misc. options] [targets]"\ "\n\tDelete specified group\n"); - d_printf("\nnet [method] group ADD [-C comment]"\ + d_printf("\nnet group ADD [-C comment]"\ " [misc. options] [targets]\n\tCreate specified group\n"); net_common_methods_usage(argc, argv); net_common_flags_usage(argc, argv); 
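Review bot: The ADD usage line in net_help_user now documents `[password]` as a positional argument without saying that a password passed this way shows up in the process list and in shell history. A line such as `"\n\tA password given on the command line is visible to other local users\n"` after the ADD description would tell the user. Whether net prompts when the password is omitted is not visible in this hunk, so the help text should promise a prompt only if the code provides one.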
@@ -93,6 +93,38 @@ int net_help_group(int argc, const char **argv) return -1; } +int net_help_share(int argc, const char **argv) +{ + d_printf( + "\nnet share [misc. options] [targets] \n" + "\tenumerates all exported resources (network shares) " + "on target server\n" + "\nnet [rap] share ADD [misc. options] [targets]" + "\n\tAdds a share from a server (makes the export active)\n" + "\nnet [rap] share DELETE [misc. options] [targets]\n" + "\n\tDeletes a share from a server (makes the export inactive)\n"); + net_common_methods_usage(argc, argv); + net_common_flags_usage(argc, argv); + d_printf( + "\t-C or --comment=\tdescriptive comment (for add only)\n" + "\t-M or --maxusers=\t\tmax users allowed for share\n"); + return -1; +} + +int net_help_file(int argc, const char **argv) +{ + d_printf("net file [misc. options] [targets]\n"\ + "\tlists all open files on file server\n\n"); + d_printf("net [rap] file USER [misc. options] [targets]\n"\ + "\tlists all files opened by username on file server\n\n"); + d_printf("net [rap] file CLOSE [misc. options] [targets]\n"\ + "\tcloses specified file on target server\n"); + + net_common_methods_usage(argc, argv); + net_common_flags_usage(argc, argv); + return -1; +} + static int net_usage(int argc, const char **argv) { d_printf(" net time\t\tto view or set time information\n"\ @@ -101,9 +133,9 @@ static int net_usage(int argc, const char **argv) " net group\t\tto manage groups\n"\ " net join\t\tto join a domain\n"\ "\n"\ - " net ads [command]\tto run ADS commands\n"\ - " net rap [command]\tto run RAP (pre-RPC) commands\n"\ - " net rpc [command]\tto run RPC commands\n"\ + " net ads \tto run ADS commands\n"\ + " net rap \tto run RAP (pre-RPC) commands\n"\ + " net rpc \tto run RPC commands\n"\ "\n"\ "Type \"net help
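Review bot: In net_help_share the DELETE usage literal ends in `\n` and the next literal starts with `\n\t`, so the DELETE description is printed after a blank line while the ADD description is not. Dropping the trailing newline, `"\nnet [rap] share DELETE [misc. options] [targets]"`, makes the two entries print alike. net_help_share joins adjacent string literals directly while net_help_file in the same hunk ends each line with `"\`; using one form in both functions would read better.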