From 8d5f8f577f2e906cd80a6a11b76114922182cb99 Mon Sep 17 00:00:00 2001 From: Wilco Baan Hofman Date: Tue, 6 Apr 2010 20:15:38 +0200 Subject: Created net gpo and new libgpo for samba 4. This adds the init function which finds a DC and connects to its LDAP. It also can return information on all group policy objects on a DC. Aborted earlier attempt at reconciliation with samba 3. Did not work out due to lack of ldb support in samba 3, also the different registry libraries and different libnet did not help.. Signed-off-by: Jelmer Vernooij --- source4/utils/net/config.mk | 4 ++- source4/utils/net/net.c | 1 + source4/utils/net/net_gpo.c | 85 +++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 source4/utils/net/net_gpo.c (limited to 'source4/utils/net') diff --git a/source4/utils/net/config.mk b/source4/utils/net/config.mk index 56d2d8a08f..5549d5d7e4 100644 --- a/source4/utils/net/config.mk +++ b/source4/utils/net/config.mk @@ -33,6 +33,7 @@ PRIVATE_DEPENDENCIES = \ LIBPOPT \ POPT_SAMBA \ POPT_CREDENTIALS \ + LIBGPO \ net_drs # End BINARY net ################################# @@ -41,7 +42,8 @@ net_OBJ_FILES = $(addprefix $(utilssrcdir)/net/, \ net.o \ net_password.o \ net_join.o \ - net_vampire.o) + net_vampire.o \ + net_gpo.o) $(eval $(call proto_header_template,$(utilssrcdir)/net/net_proto.h,$(net_OBJ_FILES:.o=.c))) diff --git a/source4/utils/net/net.c b/source4/utils/net/net.c index a534957f5b..55dcca0931 100644 --- a/source4/utils/net/net.c +++ b/source4/utils/net/net.c @@ -201,6 +201,7 @@ static const struct net_functable net_functable[] = { {"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage}, {"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage}, {"drs", "Implements functionality offered by repadmin.exe utility in Windows\n", net_drs, net_drs_usage}, + {"gpo", "Administer group policies\n", net_gpo, net_gpo_usage}, {NULL, NULL, NULL, NULL} }; diff --git a/source4/utils/net/net_gpo.c b/source4/utils/net/net_gpo.c new file mode 100644 index 0000000000..25dfaa315c --- /dev/null +++ b/source4/utils/net/net_gpo.c @@ -0,0 +1,85 @@ +/* + Samba Unix/Linux SMB client library + net ads commands for Group Policy + + Copyright (C) 2005-2008 Guenther Deschner + Copyright (C) 2009 Wilco Baan Hofman + + Based on Guenther's work in net_ads_gpo.h (samba 3) + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#include "includes.h" +#include "utils/net/net.h" +#include "libgpo/gpo.h" + +static int net_gpo_list_all(struct net_context *c, int argc, const char **argv) +{ + struct gp_context *gp_ctx; + struct gp_object **gpo; + unsigned int i; + NTSTATUS rv; + + rv = gp_init(c, c->lp_ctx, c->credentials, c->event_ctx, &gp_ctx); + if (!NT_STATUS_IS_OK(rv)) { + DEBUG(0, ("Failed to connect to DC's LDAP: %s\n", get_friendly_nt_error_msg(rv))); + return 1; + } + + rv = gp_list_all_gpos(gp_ctx, &gpo); + if (!NT_STATUS_IS_OK(rv)) { + DEBUG(0, ("Failed to list all GPO's: %s\n", get_friendly_nt_error_msg(rv))); + return 1; + } + + for (i = 0; gpo[i] != NULL; i++) { + d_printf("GPO : %s\n", gpo[i]->name); + d_printf("display name : %s\n", gpo[i]->display_name); + d_printf("path : %s\n", gpo[i]->file_sys_path); + d_printf("dn : %s\n", gpo[i]->dn); + d_printf("version : %d\n", gpo[i]->version); + d_printf("flags : %d\n", gpo[i]->flags); + d_printf("\n"); + } + talloc_free(gp_ctx); + + return 0; +} + +static const struct net_functable net_gpo_functable[] = { +/* { "apply", "Apply GPO to container\n", net_gpo_apply, net_gpo_usage }, */ +// { "getgpo", "List specificied GPO\n", net_gpo_get_gpo, net_gpo_usage }, +// { "linkadd", "Link a GPO to a container\n", net_gpo_link_add, net_gpo_usage }, +/* { "linkdelete", "Delete GPO link from a container\n", net_gpo_link_delete, net_gpo_usage }, */ +// { "linkget", "List gPLink of container\n", net_gpo_link_get, net_gpo_usage }, +// { "list", "List all GPO's for machine/user\n", net_gpo_list, net_gpo_usage }, + { "listall", "List all GPO's on a DC\n", net_gpo_list_all, net_gpo_usage }, +// { "refresh", "List all GPO's for machine/user and download them\n", net_gpo_refresh, net_gpo_refresh_usage }, + { NULL, NULL } +}; + + +int net_gpo(struct net_context *ctx, int argc, const char **argv) +{ + return net_run_function(ctx, argc, argv, net_gpo_functable, net_gpo_usage); +} + + +int net_gpo_usage(struct net_context *ctx, int argc, const char **argv) +{ + d_printf("Syntax: net gpo [options]\n"); + d_printf("For available commands please type net gpo help\n"); + return 0; +} -- cgit