sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-27 03:21:53 +03:00
Code
76de025c72
samba-mirror/source3/utils/net_rpc.c

7123 lines
177 KiB
C
Raw Normal View History

This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
/*
Samba Unix/Linux SMB client library
Distributed SMB/CIFS Server Management Utility
Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
Add my copyright. Guenther (This used to be commit d078a8757182d84dfd3307a2e1b751cf173aaa97)
2008-02-27 21:38:48 +03:00
Copyright (C) 2004,2008 Guenther Deschner (gd@samba.org)
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
Copyright (C) 2005 Jeremy Allison (jra@samba.org)
r18802: Use the pidl-generated code for the srvsvc interface, both client and server code. This has had some basic testing. I'll do more during the next couple of days and hopefully also make RPC-SRVSVC from Samba4 pass against it. (This used to be commit ef10672399c4b82700dc431b4d93431ffdd42d98)
2006-09-22 03:57:32 +04:00
Copyright (C) 2006 Jelmer Vernooij (jelmer@samba.org)
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-07-09 23:25:36 +04:00
the Free Software Foundation; either version 3 of the License, or
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text (This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-07-10 04:52:41 +04:00
along with this program. If not, see <http://www.gnu.org/licenses/>. */
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
#include "includes.h"
r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid of '..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6)
2004-10-07 08:01:18 +04:00
#include "utils/net.h"
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
static int net_mode_share;
More pstring elimination. Jeremy. (This used to be commit c1f70793d615df57dc7b766d67db3e9eedd0e25e)
2007-12-05 03:35:24 +03:00
static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* @file net_rpc.c
*
* @brief RPC based subcommands for the 'net' utility.
*
* This file should contain much of the functionality that used to
* be found in rpcclient, execpt that the commands should change
* less often, and the fucntionality should be sane (the user is not
* expected to know a rid/sid before they conduct an operation etc.)
*
* @todo Perhaps eventually these should be split out into a number
* of files, as this could get quite big.
**/
/**
* Many of the RPC functions need the domain sid. This function gets
* it at the start of every run
*
* @param cli A cli_state already connected to the remote machine
*
* @return The Domain SID of the remote machine.
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
**/
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx,
Apply const to rpccli_lsa_query_info_policy() and rpccli_lsa_query_info_policy2(). Guenther (This used to be commit 7a3fe68bef7acde9d9f8a7a44ce7e9432f3c5a95)
2008-01-15 18:40:02 +03:00
DOM_SID **domain_sid,
const char **domain_name)
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
{
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *lsa_pipe;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
POLICY_HND pol;
NTSTATUS result = NT_STATUS_OK;
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation *info = NULL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
lsa_pipe = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result);
if (!lsa_pipe) {
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
d_fprintf(stderr, "Could not initialise lsa pipe\n");
return result;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, False,
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result)) {
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
d_fprintf(stderr, "open_policy failed: %s\n",
nt_errstr(result));
return result;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
result = rpccli_lsa_QueryInfoPolicy(lsa_pipe, mem_ctx,
&pol,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
&info);
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
if (!NT_STATUS_IS_OK(result)) {
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
d_fprintf(stderr, "lsaquery failed: %s\n",
nt_errstr(result));
return result;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
*domain_name = info->account_domain.name.string;
*domain_sid = info->account_domain.sid;
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
rpccli_lsa_Close(lsa_pipe, mem_ctx, &pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
cli_rpc_pipe_close(lsa_pipe);
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
return NT_STATUS_OK;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Run a single RPC command, from start to finish.
*
* @param pipe_name the pipe to connect to (usually a PIPE_ constant)
* @param conn_flag a NET_FLAG_ combination. Passed to
* net_make_ipc_connection.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
* @return A shell status integer (0 for success)
*/
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
int run_rpc_command(struct cli_state *cli_arg,
const int pipe_idx,
int conn_flags,
rpc_command_fn fn,
int argc,
const char **argv)
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
{
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
struct cli_state *cli = NULL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *pipe_hnd = NULL;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
DOM_SID *domain_sid;
Apply const to rpccli_lsa_query_info_policy() and rpccli_lsa_query_info_policy2(). Guenther (This used to be commit 7a3fe68bef7acde9d9f8a7a44ce7e9432f3c5a95)
2008-01-15 18:40:02 +03:00
const char *domain_name;
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* make use of cli_state handed over as an argument, if possible */
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!cli_arg) {
r25197: Change net_make_ipc_connection() and net_make_ipc_connection_ex() to return NTSTATUS to allow for better error propagation. Michael (This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
2007-09-17 19:11:20 +04:00
nt_status = net_make_ipc_connection(conn_flags, &cli);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("failed to make ipc connection: %s\n",
nt_errstr(nt_status)));
return -1;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
} else {
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
cli = cli_arg;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
if (!cli) {
return -1;
}
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
/* Create mem_ctx */
Forward port the change to talloc_init() to make all talloc contexts named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
2002-12-20 23:21:31 +03:00
if (!(mem_ctx = talloc_init("run_rpc_command"))) {
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
DEBUG(0, ("talloc_init() failed\n"));
cli_shutdown(cli);
return -1;
}
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
nt_status = net_get_remote_domain_sid(cli, mem_ctx, &domain_sid,
&domain_name);
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(cli);
return -1;
}
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (lp_client_schannel() && (pipe_idx == PI_NETLOGON)) {
/* Always try and create an schannel netlogon pipe. */
pipe_hnd = cli_rpc_pipe_open_schannel(cli, pipe_idx,
PIPE_AUTH_LEVEL_PRIVACY,
domain_name,
&nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise schannel netlogon pipe. Error was %s\n",
nt_errstr(nt_status) ));
cli_shutdown(cli);
return -1;
}
} else {
pipe_hnd = cli_rpc_pipe_open_noauth(cli, pipe_idx, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
cli_get_pipe_name(pipe_idx),
nt_errstr(nt_status) ));
cli_shutdown(cli);
return -1;
}
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
}
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = fn(domain_sid, domain_name, cli, pipe_hnd, mem_ctx, argc, argv);
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
if (!NT_STATUS_IS_OK(nt_status)) {
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status)));
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
} else {
DEBUG(5, ("rpc command function succedded\n"));
}
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (pipe_hnd) {
cli_rpc_pipe_close(pipe_hnd);
}
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
}
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* close the connection only if it was opened here */
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!cli_arg) {
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
cli_shutdown(cli);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
talloc_destroy(mem_ctx);
return (!NT_STATUS_IS_OK(nt_status));
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Force a change of the trust acccount password.
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
return trust_pw_find_change_and_store_it(pipe_hnd, mem_ctx, opt_target_workgroup);
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Force a change of the trust acccount password.
*
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
- Change ADS CHOSTPASS -> ADS CHANGETRUSTPW - Add general CHANGETRUSTPW function that calls ADS CHANGETRUSTPW or RPC CHANGETRUSTPW (Merged from HEAD) (This used to be commit f0982e1102276453d79e438ffb90c9fa305ff98b)
2003-04-15 02:27:09 +04:00
int net_rpc_changetrustpw(int argc, const char **argv)
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
{
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
rpc_changetrustpw_internals,
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
argc, argv);
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Join a domain, the old way.
*
* This uses 'machinename' as the inital password, and changes it.
*
Merge of bugfix for cli_lsa_query_info_policy() usage. (This used to be commit ab64a0b1e7666b6612659b5720eda451c0ab4857)
2003-04-14 08:00:15 +04:00
* The password should be created with 'server manager' or equiv first.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_oldjoin_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
fstring trust_passwd;
unsigned char orig_trust_passwd_hash[16];
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
NTSTATUS result;
Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick. Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-05-01 06:51:49 +04:00
uint32 sec_channel_type;
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, &result);
if (!pipe_hnd) {
DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. "
"error was %s\n",
cli->desthost,
nt_errstr(result) ));
return result;
}
Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick. Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-05-01 06:51:49 +04:00
/*
check what type of join - if the user want's to join as
a BDC, the server must agree that we are a BDC.
*/
if (argc >= 0) {
sec_channel_type = get_sec_channel_type(argv[0]);
} else {
sec_channel_type = get_sec_channel_type(NULL);
}
Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const. This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit f755711df8f74f9b8e8c1a2b0d07d02a931eeb89)
2002-11-13 02:20:50 +03:00
fstrcpy(trust_passwd, global_myname());
Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 23:11:31 +04:00
strlower_m(trust_passwd);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/*
* Machine names can be 15 characters, but the max length on
* a password is 14. --jerry
*/
trust_passwd[14] = '\0';
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
E_md4hash(trust_passwd, orig_trust_passwd_hash);
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = trust_pw_change_and_store_it(pipe_hnd, mem_ctx, opt_target_workgroup,
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
orig_trust_passwd_hash,
Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick. Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-05-01 06:51:49 +04:00
sec_channel_type);
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
if (NT_STATUS_IS_OK(result))
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
printf("Joined domain %s.\n",opt_target_workgroup);
if (!secrets_store_domain_sid(opt_target_workgroup, domain_sid)) {
DEBUG(0, ("error storing domain sid for %s\n", opt_target_workgroup));
result = NT_STATUS_UNSUCCESSFUL;
}
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
return result;
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
}
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
/**
* Join a domain, the old way.
*
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
static int net_rpc_perform_oldjoin(int argc, const char **argv)
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
{
return run_rpc_command(NULL, PI_NETLOGON,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick. Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-05-01 06:51:49 +04:00
rpc_oldjoin_internals,
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
argc, argv);
}
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
/**
* Join a domain, the old way. This function exists to allow
* the message to be displayed when oldjoin was explicitly
* requested, but not when it was implied by "net rpc join"
*
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int net_rpc_oldjoin(int argc, const char **argv)
{
int rc = net_rpc_perform_oldjoin(argc, argv);
if (rc) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Failed to join domain\n");
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
}
Fix compiler warning (This used to be commit 413ed77142377351a0ed1c6cf800a14809e56e9c)
2004-01-21 17:48:02 +03:00
return rc;
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Basic usage function for 'net rpc join'
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
**/
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
static int rpc_join_usage(int argc, const char **argv)
{
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
d_printf("net rpc join -U <username>[%%password] <type>[options]\n"\
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
"\t to join a domain with admin username & password\n"\
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
"\t\t password will be prompted if needed and none is specified\n"\
"\t <type> can be (default MEMBER)\n"\
"\t\t BDC - Join as a BDC\n"\
"\t\t PDC - Join as a PDC\n"\
"\t\t MEMBER - Join as a MEMBER server\n");
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
net_common_flags_usage(argc, argv);
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
return -1;
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* 'net rpc join' entrypoint.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
Fix typo. Karolin (This used to be commit ae9d386bcc9d5e0987ed4d6a209830438c280974)
2008-02-08 15:48:23 +03:00
* Main 'net_rpc_join()' (where the admin username/password is used) is
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* in net_rpc_join.c
Turn down some DEBUG()s and remove some duplicate code spotted by dfenwick. Andrew Bartlett (This used to be commit 542a8b1817d3930e03e08e16e9711cacceb6df61)
2003-05-01 06:51:49 +04:00
* Try to just change the password, but if that doesn't work, use/prompt
* for a username/password.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
**/
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
int net_rpc_join(int argc, const char **argv)
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
{
r15194: We need to be able to join as PDC as well. Thanks to Andrew Bartlett. Guenther (This used to be commit ba81b508caa4ab21a04d142f3621e43a55e859cf)
2006-04-24 14:09:45 +04:00
if (lp_server_role() == ROLE_STANDALONE) {
d_printf("cannot join as standalone machine\n");
r15123: Don't even try to join with an inproper configuration. Guenther (This used to be commit 22b687589785051eca16a868e3475f066b647ea7)
2006-04-18 17:22:14 +04:00
return -1;
}
r15137: Refuse to join if our netbios name is longer than 15 chars. I think this is sufficient to fix bug #3659. Volker (This used to be commit 0ef5e4372c45a60d66a902a6dbca58ae98529358)
2006-04-19 19:43:48 +04:00
if (strlen(global_myname()) > 15) {
r15471: Clarify error message (This used to be commit f21adc04f745a966dbe6ef0b4ffd9729afa3fa78)
2006-05-06 17:33:14 +04:00
d_printf("Our netbios name can be at most 15 chars long, "
r16284: Start fixing up gcc4 -O6 warnings on an x86_64 box. size_t != unsigned int in a format string. Jeremy. (This used to be commit face01ef01e1a3c96eae17c56cadf01020d4cb46)
2006-06-16 05:47:02 +04:00
"\"%s\" is %u chars long\n",
global_myname(), (unsigned int)strlen(global_myname()));
r15137: Refuse to join if our netbios name is longer than 15 chars. I think this is sufficient to fix bug #3659. Volker (This used to be commit 0ef5e4372c45a60d66a902a6dbca58ae98529358)
2006-04-19 19:43:48 +04:00
return -1;
}
Fix another join problem. Don't use a TALLOC_CTX before it has been initialized. Also split out the oldstyle join into a new fn, allowing us to call it with no failure message from net rpc join, but displaying a failure message when used with net rpc oldjoin. (This used to be commit 07d6ed4343d7a2575dc974bfbc498b14784b2dc1)
2004-01-16 18:07:28 +03:00
if ((net_rpc_perform_oldjoin(argc, argv) == 0))
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
return 0;
return net_rpc_join_newstyle(argc, argv);
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/**
* display info about a rpc domain
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Merge of bugfix for cli_lsa_query_info_policy() usage. (This used to be commit ab64a0b1e7666b6612659b5720eda451c0ab4857)
2003-04-14 08:00:15 +04:00
* argc, argv which are passed through.
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Use rpccli_samr_QueryDomainInfo() in net rpc. Guenther (This used to be commit 82073db9f717249ccf108b238ed64170163fc4a7)
2008-02-05 17:55:11 +03:00
union samr_DomainInfo *info = NULL;
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
fstring sid_str;
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(sid_str, domain_sid);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
r15011: Fix bug # 2413. net rpc info can't reliably work anonymously anymore. Volker (This used to be commit ba41c62b8b4d0c791035d63fb59496c0f655887f)
2006-04-09 21:01:59 +04:00
d_fprintf(stderr, "Could not connect to SAM: %s\n", nt_errstr(result));
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
r15011: Fix bug # 2413. net rpc info can't reliably work anonymously anymore. Volker (This used to be commit ba41c62b8b4d0c791035d63fb59496c0f655887f)
2006-04-09 21:01:59 +04:00
d_fprintf(stderr, "Could not open domain: %s\n", nt_errstr(result));
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
goto done;
}
Use rpccli_samr_QueryDomainInfo() in net rpc. Guenther (This used to be commit 82073db9f717249ccf108b238ed64170163fc4a7)
2008-02-05 17:55:11 +03:00
result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
&domain_pol,
2,
&info);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (NT_STATUS_IS_OK(result)) {
Use rpccli_samr_QueryDomainInfo() in net rpc. Guenther (This used to be commit 82073db9f717249ccf108b238ed64170163fc4a7)
2008-02-05 17:55:11 +03:00
d_printf("Domain Name: %s\n", info->info2.domain_name.string);
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
d_printf("Domain SID: %s\n", sid_str);
Use rpccli_samr_QueryDomainInfo() in net rpc. Guenther (This used to be commit 82073db9f717249ccf108b238ed64170163fc4a7)
2008-02-05 17:55:11 +03:00
d_printf("Sequence number: %llu\n",
(unsigned long long)info->info2.sequence_num);
d_printf("Num users: %u\n", info->info2.num_users);
d_printf("Num domain groups: %u\n", info->info2.num_groups);
d_printf("Num local groups: %u\n", info->info2.num_aliases);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
done:
return result;
}
/**
* 'net rpc info' entrypoint.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
int net_rpc_info(int argc, const char **argv)
{
r15011: Fix bug # 2413. net rpc info can't reliably work anonymously anymore. Volker (This used to be commit ba41c62b8b4d0c791035d63fb59496c0f655887f)
2006-04-09 21:01:59 +04:00
return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_PDC,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_info_internals,
argc, argv);
}
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
/**
* Fetch domain SID into the local secrets.tdb
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_getsid_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
{
fstring sid_str;
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(sid_str, domain_sid);
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
d_printf("Storing SID %s for Domain %s in secrets.tdb\n",
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
sid_str, domain_name);
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
if (!secrets_store_domain_sid(domain_name, domain_sid)) {
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
DEBUG(0,("Can't store domain SID\n"));
return NT_STATUS_UNSUCCESSFUL;
}
return NT_STATUS_OK;
}
/**
* 'net rpc getsid' entrypoint.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
int net_rpc_getsid(int argc, const char **argv)
{
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
rpc_getsid_internals,
argc, argv);
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/****************************************************************************/
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/**
* Basic usage function for 'net rpc user'
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
**/
static int rpc_user_usage(int argc, const char **argv)
{
return net_help_user(argc, argv);
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* Add a new user to a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* argc, argv which are passes through.
*
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
* @param domain_sid The domain sid acquired from the remote server
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* @param cli A cli_state connected to the server.
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
* @param mem_ctx Talloc context, destoyed on completion of the function.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* @param argc Standard main() style argc
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* @param argv Standard main() style argv. Initial components are already
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
struct lsa_String lsa_acct_name;
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
uint32 acb_info;
Forward ported version of Matt Geddes <musicalcarrion@gmail.com> patch for adding acct_flags to rpccli_samr_create_dom_user(). Jerry please test. Jeremy. (This used to be commit 7d94f97947b7edfcf3ec52f0125e4593d6d54c05)
2008-01-24 00:54:02 +03:00
uint32 acct_flags, user_rid;
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
uint32_t access_granted = 0;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids, name_types;
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (argc < 1) {
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
return NT_STATUS_OK;
}
acct_name = argv[0];
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
init_lsa_String(&lsa_acct_name, acct_name);
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Create domain user */
acb_info = ACB_NORMAL;
Trying to avoid defining new SAMR acct creation flags when we already have them with different names. Matt, Jeremy, please check. Guenther (This used to be commit d4a9e46edf7336f673c001c559af96eb0ecf9f6f)
2008-01-25 03:00:51 +03:00
acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
SAMR_USER_ACCESS_SET_PASSWORD |
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
&domain_pol,
&lsa_acct_name,
acb_info,
acct_flags,
&user_pol,
&access_granted,
&user_rid);
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (argc == 2) {
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
union samr_UserInfo info;
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
uchar pwbuf[516];
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
&name_types);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
user_rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Set password on account */
encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
init_samr_user_info24(&info.info24, pwbuf, 24);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
SamOEMhashBlob(info.info24.password.data, 516,
&cli->user_session_key);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
24,
&info);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Failed to set password for user %s - %s\n",
acct_name, nt_errstr(result));
Use rpccli_samr_DeleteUser() in net and rpcclient. Guenther (This used to be commit 5bd8f7067db8479ad4beb8e49d9106e43495ecec)
2008-02-01 03:26:36 +03:00
result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
&user_pol);
r16344: Allow to set passwords directly when creating users via "net rpc user add" (as the documentation says, and currently onle "net ads user add" did). Fixes #3843. Guenther (This used to be commit 5d776d5fabded9b713080789aefc6058510b51f6)
2006-06-19 13:54:00 +04:00
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Failed to delete user %s - %s\n",
acct_name, nt_errstr(result));
return result;
}
}
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
done:
nicer output from "net rpc user add" (This used to be commit a21ba95897531e7964c9e80a81cd5faa7394db77)
2002-03-15 12:23:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
d_fprintf(stderr, "Failed to add user '%s' with %s.\n",
acct_name, nt_errstr(result));
nicer output from "net rpc user add" (This used to be commit a21ba95897531e7964c9e80a81cd5faa7394db77)
2002-03-15 12:23:24 +03:00
} else {
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
d_printf("Added user '%s'.\n", acct_name);
nicer output from "net rpc user add" (This used to be commit a21ba95897531e7964c9e80a81cd5faa7394db77)
2002-03-15 12:23:24 +03:00
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
return result;
}
/**
* Add a new user to a remote RPC server
*
* @param argc Standard main() style argc
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* @param argv Standard main() style argv. Initial components are already
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* stripped
*
* @return A shell status integer (0 for success)
**/
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
static int rpc_user_add(int argc, const char **argv)
{
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_add_internals,
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
argc, argv);
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* Delete a user from a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* @param argc Standard main() style argc
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* @param argv Standard main() style argv. Initial components are already
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* stripped
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
*
* @return Normal NTSTATUS return.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
**/
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
{
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND connect_pol, domain_pol, user_pol;
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
const char *acct_name;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (argc < 1) {
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
}
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
acct_name = argv[0];
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/* Get sam policy and domain handles */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get handle on user */
{
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, acct_name);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
&name_types);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
user_rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
}
/* Delete user */
Use rpccli_samr_DeleteUser() in net and rpcclient. Guenther (This used to be commit 5bd8f7067db8479ad4beb8e49d9106e43495ecec)
2008-02-01 03:26:36 +03:00
result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
&user_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
done:
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Improve error messages of 'net rpc user [add|delete]' commands. Karolin (This used to be commit 4260c79bf7687bd2ebcc4ca5e0a5f020a759c1fb)
2007-12-27 16:08:40 +03:00
d_fprintf(stderr, "Failed to delete user '%s' with %s.\n",
acct_name, nt_errstr(result));
} else {
d_printf("Deleted user '%s'.\n", acct_name);
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
return result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
/**
* Rename a user on a remote RPC server
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_user_rename_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 info_level = 7;
const char *old_name, *new_name;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
union samr_UserInfo *info = NULL;
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (argc != 2) {
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
d_printf("Old and new username must be specified\n");
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
}
old_name = argv[0];
new_name = argv[1];
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, old_name);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
&name_types);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Open domain user */
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
user_rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Query user info */
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
&user_pol,
info_level,
&info);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
init_samr_user_info7(&info->info7, new_name);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
/* Set new name */
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
info_level,
info);
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
done:
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n", old_name, new_name,
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
nt_errstr(result));
} else {
d_printf("Renamed user from %s to %s\n", old_name, new_name);
}
return result;
}
/**
* Rename a user on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_user_rename(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_rename_internals,
argc, argv);
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/**
* Delete a user from a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_user_delete(int argc, const char **argv)
{
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_del_internals,
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
argc, argv);
}
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
/**
* Set a password for a user on a remote RPC server
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
POLICY_HND connect_pol, domain_pol, user_pol;
uchar pwbuf[516];
const char *user;
const char *new_password;
char *prompt = NULL;
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
union samr_UserInfo info;
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (argc < 1) {
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
}
user = argv[0];
if (argv[1]) {
new_password = argv[1];
} else {
asprintf(&prompt, "Enter new password for %s:", user);
new_password = getpass(prompt);
SAFE_FREE(prompt);
}
/* Get sam policy and domain handles */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get handle on user */
{
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, user);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
&name_types);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
user_rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
}
/* Set password on account */
encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
init_samr_user_info24(&info.info24, pwbuf, 24);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
SamOEMhashBlob(info.info24.password.data, 516,
&cli->user_session_key);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
24,
&info);
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Display results */
done:
return result;
}
/**
* Set a user's password on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_user_password(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_password_internals,
argc, argv);
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/**
* List user's groups on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_user_info_internals(const DOM_SID *domain_sid,
const char *domain_name,
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
struct cli_state *cli,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
{
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
int i;
Use rpccli_samr_GetGroupsForUser() all over the place. Guenther (This used to be commit d1c669920e88e7fecd13101c4ddfe45354c5ecdb)
2008-02-06 18:19:20 +03:00
struct samr_RidWithAttributeArray *rid_array = NULL;
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
struct lsa_Strings names;
struct samr_Ids types;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
uint32_t *lrids = NULL;
struct samr_Ids rids, name_types;
struct lsa_String lsa_acct_name;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (argc < 1) {
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
}
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Get handle on user */
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, argv[0]);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&name_types);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) goto done;
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) goto done;
Use rpccli_samr_GetGroupsForUser() all over the place. Guenther (This used to be commit d1c669920e88e7fecd13101c4ddfe45354c5ecdb)
2008-02-06 18:19:20 +03:00
result = rpccli_samr_GetGroupsForUser(pipe_hnd, mem_ctx,
&user_pol,
&rid_array);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
2005-02-10 21:27:23 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
2005-02-10 21:27:23 +03:00
/* Look up rids */
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rid_array->count) {
if ((lrids = TALLOC_ARRAY(mem_ctx, uint32, rid_array->count)) == NULL) {
r16360: Fix Klocwork ID 136 520 521 522 523 542 574 575 576 607 in net_rpc.c: 715 716 732 734 735 736 737 738 739 749 in net_rpc_audit.c: 754 755 756 in net_rpc_join.c: 757 in net_rpc_registry: 766 767 in net_rpc_samsync.c: 771 773 in net_sam.c: 797 798 Volker (This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
2006-06-19 23:07:39 +04:00
result = NT_STATUS_NO_MEMORY;
goto done;
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
for (i = 0; i < rid_array->count; i++)
lrids[i] = rid_array->rids[i].rid;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx,
&domain_pol,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rid_array->count,
lrids,
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
&names,
&types);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
2005-02-10 21:27:23 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
2005-02-10 21:27:23 +03:00
/* Display results */
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
for (i = 0; i < names.count; i++)
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
printf("%s\n", names.names[i].string);
r5318: Fix a small problem in where we ignore the response from a SamrGetGroupsForUser that says the user is in 0 groups, and we issue an RPC to LookupIds for 0 RIDs. The printing that there are no groups the user is a member of might be overkill in that it might upset existing scripts that don't expect that output. (This used to be commit d3482e118f99002c0460291d41708fdf7708c41f)
2005-02-10 21:27:23 +03:00
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
done:
return result;
}
/**
* List a user's groups from a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_user_info(int argc, const char **argv)
{
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_info_internals,
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
argc, argv);
}
/**
* List users on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_user_list_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Merge tpot's changes to request the correct sizes for user dispinfo from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29 23:15:35 +03:00
uint32 start_idx=0, num_entries, i, loop_count = 0;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Query domain users */
if (opt_long_list_entries)
d_printf("\nUser name Comment"\
"\n-----------------------------\n");
do {
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
const char *user = NULL;
const char *desc = NULL;
Merge tpot's changes to request the correct sizes for user dispinfo from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29 23:15:35 +03:00
uint32 max_entries, max_size;
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
uint32_t total_size, returned_size;
union samr_DispInfo info;
Merge tpot's changes to request the correct sizes for user dispinfo from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29 23:15:35 +03:00
get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
result = rpccli_samr_QueryDisplayInfo(pipe_hnd, mem_ctx,
&domain_pol,
1,
start_idx,
max_entries,
max_size,
&total_size,
&returned_size,
&info);
Merge tpot's changes to request the correct sizes for user dispinfo from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29 23:15:35 +03:00
loop_count++;
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
start_idx += info.info1.count;
num_entries = info.info1.count;
Merge tpot's changes to request the correct sizes for user dispinfo from HEAD. I had to do this for him as he was *so* tired, the poor chap, plus he has this bad leg, plus the dog ate his homework etc. etc. Jeremy. (This used to be commit 1e752b48a12cdcf2cb6343705be83f304e5ee2b6)
2003-01-29 23:15:35 +03:00
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
for (i = 0; i < num_entries; i++) {
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
user = info.info1.entries[i].account_name.string;
if (opt_long_list_entries)
desc = info.info1.entries[i].description.string;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
if (opt_long_list_entries)
Allow net rpc user -l to list longer than 50 characters in a user comment. Net.exe on windows won't allow more than 50 characters to be entered, but through AD you can have much more than this. (This used to be commit ca2886c9385361ea401e3e0b47c26cb39adcadbc)
2003-04-29 19:09:54 +04:00
printf("%-21.21s %s\n", user, desc);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
else
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
printf("%s\n", user);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
}
Fix the spinning bug for 'net rpc user' as well - there are more errors in this world than 'status more entires'... Also move all the cases to 'NT_STATUS_EQUAL()' to test it. Andrew Bartlett (This used to be commit b4645bf0661dadcd077b21bb6f6452ed8b2eb726)
2003-05-08 02:56:02 +04:00
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
done:
return result;
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
* 'net rpc user' entrypoint.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
**/
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
int net_rpc_user(int argc, const char **argv)
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
{
struct functable func[] = {
{"add", rpc_user_add},
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
{"info", rpc_user_info},
{"delete", rpc_user_delete},
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
{"password", rpc_user_password},
r4868: Add "net rpc user RENAME"-command. Note that Samba3 does not yet support it server-side. Guenther (This used to be commit b2c8220931733593fd312fc25b6c73f440b4567a)
2005-01-20 19:51:24 +03:00
{"rename", rpc_user_rename},
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
{NULL, NULL}
};
if (argc == 0) {
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
return run_rpc_command(NULL,PI_SAMR, 0,
rpc_user_list_internals,
argc, argv);
Add a mechinism to allow for sane porting of rpcclient components into the new 'net' command. This also gets us 'net rpc user add'. Andrew Bartlett (This used to be commit 1197689bc56f4b2ca6ffea3b2601b8f6f9f52207)
2001-12-05 03:26:36 +03:00
}
return net_run_function(argc, argv, func, rpc_user_usage);
}
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
static NTSTATUS rpc_sh_user_list(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_user_list_internals(ctx->domain_sid, ctx->domain_name,
ctx->cli, pipe_hnd, mem_ctx,
argc, argv);
}
static NTSTATUS rpc_sh_user_info(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_user_info_internals(ctx->domain_sid, ctx->domain_name,
ctx->cli, pipe_hnd, mem_ctx,
argc, argv);
}
static NTSTATUS rpc_sh_handle_user(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv,
NTSTATUS (*fn)(
TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
POLICY_HND *user_hnd,
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
int argc, const char **argv))
{
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID sid;
uint32 rid;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType type;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc == 0) {
d_fprintf(stderr, "usage: %s <username>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
ZERO_STRUCT(connect_pol);
ZERO_STRUCT(domain_pol);
ZERO_STRUCT(user_pol);
result = net_rpc_lookup_name(mem_ctx, pipe_hnd->cli, argv[0],
NULL, NULL, &sid, &type);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Could not lookup %s: %s\n", argv[0],
nt_errstr(result));
goto done;
}
if (type != SID_NAME_USER) {
d_fprintf(stderr, "%s is a %s, not a user\n", argv[0],
sid_type_lookup(type));
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
if (!sid_peek_check_rid(ctx->domain_sid, &sid, &rid)) {
d_fprintf(stderr, "%s is not in our domain\n", argv[0]);
result = NT_STATUS_NO_SUCH_USER;
goto done;
}
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
ctx->domain_sid,
&domain_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
&user_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
result = fn(mem_ctx, ctx, pipe_hnd, &user_pol, argc-1, argv+1);
done:
if (is_valid_policy_hnd(&user_pol)) {
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &user_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
if (is_valid_policy_hnd(&domain_pol)) {
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
if (is_valid_policy_hnd(&connect_pol)) {
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
return result;
}
static NTSTATUS rpc_sh_user_show_internals(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
POLICY_HND *user_hnd,
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
int argc, const char **argv)
{
NTSTATUS result;
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
union samr_UserInfo *info = NULL;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc != 0) {
d_fprintf(stderr, "usage: %s show <username>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
user_hnd,
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
21,
&info);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
return result;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
d_printf("user rid: %d, group rid: %d\n",
info->info21.rid,
info->info21.primary_gid);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
return result;
}
static NTSTATUS rpc_sh_user_show(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
rpc_sh_user_show_internals);
}
#define FETCHSTR(name, rec) \
do { if (strequal(ctx->thiscmd, name)) { \
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
oldval = talloc_strdup(mem_ctx, info->info21.rec.string); } \
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
} while (0);
#define SETSTR(name, rec, flag) \
do { if (strequal(ctx->thiscmd, name)) { \
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
init_lsa_String(&(info->info21.rec), argv[0]); \
info->info21.fields_present |= SAMR_FIELD_##flag; } \
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
} while (0);
static NTSTATUS rpc_sh_user_str_edit_internals(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
POLICY_HND *user_hnd,
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
int argc, const char **argv)
{
NTSTATUS result;
const char *username;
const char *oldval = "";
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
union samr_UserInfo *info = NULL;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc > 1) {
d_fprintf(stderr, "usage: %s <username> [new value|NULL]\n",
ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
user_hnd,
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
21,
&info);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
return result;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
username = talloc_strdup(mem_ctx, info->info21.account_name.string);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
FETCHSTR("fullname", full_name);
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
FETCHSTR("homedir", home_directory);
FETCHSTR("homedrive", home_drive);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
FETCHSTR("logonscript", logon_script);
FETCHSTR("profilepath", profile_path);
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
FETCHSTR("description", description);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc == 0) {
d_printf("%s's %s: [%s]\n", username, ctx->thiscmd, oldval);
goto done;
}
if (strcmp(argv[0], "NULL") == 0) {
argv[0] = "";
}
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
ZERO_STRUCT(info->info21);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
SETSTR("fullname", full_name, FULL_NAME);
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
SETSTR("homedir", home_directory, HOME_DIRECTORY);
SETSTR("homedrive", home_drive, HOME_DRIVE);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
SETSTR("logonscript", logon_script, LOGON_SCRIPT);
Removing unused ACCT_-flags. Guenther (This used to be commit d1e5a5a7f9dfb5756398e99cf09a4712d2b42682)
2008-02-12 02:07:41 +03:00
SETSTR("profilepath", profile_path, PROFILE_PATH);
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
SETSTR("description", description, DESCRIPTION);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
result = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
user_hnd,
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
21,
info);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
d_printf("Set %s's %s from [%s] to [%s]\n", username,
ctx->thiscmd, oldval, argv[0]);
done:
return result;
}
#define HANDLEFLG(name, rec) \
do { if (strequal(ctx->thiscmd, name)) { \
oldval = (oldflags & ACB_##rec) ? "yes" : "no"; \
if (newval) { \
newflags = oldflags | ACB_##rec; \
} else { \
newflags = oldflags & ~ACB_##rec; \
} } } while (0);
static NTSTATUS rpc_sh_user_str_edit(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
rpc_sh_user_str_edit_internals);
}
static NTSTATUS rpc_sh_user_flag_edit_internals(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
POLICY_HND *user_hnd,
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
int argc, const char **argv)
{
NTSTATUS result;
const char *username;
const char *oldval = "unknown";
uint32 oldflags, newflags;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool newval;
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
union samr_UserInfo *info = NULL;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if ((argc > 1) ||
((argc == 1) && !strequal(argv[0], "yes") &&
!strequal(argv[0], "no"))) {
d_fprintf(stderr, "usage: %s <username> [yes|no]\n",
ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
newval = strequal(argv[0], "yes");
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
user_hnd,
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
21,
&info);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (!NT_STATUS_IS_OK(result)) {
return result;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
username = talloc_strdup(mem_ctx, info->info21.account_name.string);
oldflags = info->info21.acct_flags;
newflags = info->info21.acct_flags;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
HANDLEFLG("disabled", DISABLED);
HANDLEFLG("pwnotreq", PWNOTREQ);
HANDLEFLG("autolock", AUTOLOCK);
HANDLEFLG("pwnoexp", PWNOEXP);
if (argc == 0) {
d_printf("%s's %s flag: %s\n", username, ctx->thiscmd, oldval);
goto done;
}
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
ZERO_STRUCT(info->info21);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
info->info21.acct_flags = newflags;
info->info21.fields_present = SAMR_FIELD_ACCT_FLAGS;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
result = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
Remove const on policy handle in net rpc. Volker, are you ok with that? Guenther (This used to be commit f1c7fa19e43d720f0d42e6d1999130462d5979da)
2008-02-13 16:10:10 +03:00
user_hnd,
Remove all callers of rpccli_samr_setuserinfo2 and replace with rpccli_samr_SetUserInfo (see the opcode mixup in rpc_samr.h). Guenther (This used to be commit bdc49185036060ebb9c727767dce52e4b01bd8b4)
2008-02-12 02:51:51 +03:00
21,
info);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (NT_STATUS_IS_OK(result)) {
d_printf("Set %s's %s flag from [%s] to [%s]\n", username,
ctx->thiscmd, oldval, argv[0]);
}
done:
return result;
}
static NTSTATUS rpc_sh_user_flag_edit(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
rpc_sh_user_flag_edit_internals);
}
struct rpc_sh_cmd *net_rpc_user_edit_cmds(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx)
{
static struct rpc_sh_cmd cmds[] = {
{ "fullname", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's full name" },
{ "homedir", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's home directory" },
{ "homedrive", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's home drive" },
{ "logonscript", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's logon script" },
{ "profilepath", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's profile path" },
{ "description", NULL, PI_SAMR, rpc_sh_user_str_edit,
"Show/Set a user's description" },
{ "disabled", NULL, PI_SAMR, rpc_sh_user_flag_edit,
"Show/Set whether a user is disabled" },
{ "autolock", NULL, PI_SAMR, rpc_sh_user_flag_edit,
"Show/Set whether a user locked out" },
{ "pwnotreq", NULL, PI_SAMR, rpc_sh_user_flag_edit,
"Show/Set whether a user does not need a password" },
{ "pwnoexp", NULL, PI_SAMR, rpc_sh_user_flag_edit,
"Show/Set whether a user's password does not expire" },
{ NULL, NULL, 0, NULL, NULL }
};
return cmds;
}
struct rpc_sh_cmd *net_rpc_user_cmds(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx)
{
static struct rpc_sh_cmd cmds[] = {
{ "list", NULL, PI_SAMR, rpc_sh_user_list,
"List available users" },
{ "info", NULL, PI_SAMR, rpc_sh_user_info,
"List the domain groups a user is member of" },
{ "show", NULL, PI_SAMR, rpc_sh_user_show,
"Show info about a user" },
{ "edit", net_rpc_user_edit_cmds, 0, NULL,
"Show/Modify a user's fields" },
{ NULL, NULL, 0, NULL, NULL }
};
return cmds;
r15657: Fix some Tru64 warnings (This used to be commit a85dfb9eff222142eb1f9d89beb3d156661dd047)
2006-05-17 15:14:26 +04:00
}
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
/****************************************************************************/
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/**
* Basic usage function for 'net rpc group'
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
**/
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
static int rpc_group_usage(int argc, const char **argv)
{
return net_help_group(argc, argv);
}
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
/**
* Delete group on a remote RPC server
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
static NTSTATUS rpc_group_delete_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
{
POLICY_HND connect_pol, domain_pol, group_pol, user_pol;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool group_is_primary = False;
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
uint32_t group_rid;
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
struct samr_RidTypeArray *rids = NULL;
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
/* char **names; */
int i;
/* DOM_GID *user_gids; */
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids group_rids, name_types;
struct lsa_String lsa_acct_name;
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
union samr_UserInfo *info = NULL;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (argc < 1) {
d_printf("specify group\n");
rpc_group_usage(argc,argv);
return NT_STATUS_OK; /* ok? */
}
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
d_fprintf(stderr, "Request samr_Connect2 failed\n");
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Request open_domain failed\n");
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, argv[0]);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&group_rids,
&name_types);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Lookup of '%s' failed\n",argv[0]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
switch (name_types.ids[0])
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
{
case SID_NAME_DOM_GRP:
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
group_rids.ids[0],
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
&group_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Request open_group failed");
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
group_rid = group_rids.ids[0];
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx,
&group_pol,
&rids);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unable to query group members of %s",argv[0]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
if (opt_verbose) {
d_printf("Domain Group %s (rid: %d) has %d members\n",
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
argv[0],group_rid, rids->count);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
}
/* Check if group is anyone's primary group */
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
for (i = 0; i < rids->count; i++)
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
{
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
rids->rids[i],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
d_fprintf(stderr, "Unable to open group member %d\n",
rids->rids[i]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
&user_pol,
21,
&info);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
d_fprintf(stderr, "Unable to lookup userinfo for group member %d\n",
rids->rids[i]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_QueryUserInfo in net and winbindd. Guenther (This used to be commit a9ff6760901a489ff8877717bdd5a2218154498f)
2008-02-12 20:13:30 +03:00
if (info->info21.primary_gid == group_rid) {
if (opt_verbose) {
d_printf("Group is primary group of %s\n",
info->info21.account_name.string);
}
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
group_is_primary = True;
}
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &user_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
}
if (group_is_primary) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unable to delete group because some "
"of it's members have it as primary group\n");
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
result = NT_STATUS_MEMBERS_PRIMARY_GROUP;
goto done;
}
/* remove all group members */
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
for (i = 0; i < rids->count; i++)
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
{
if (opt_verbose)
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
d_printf("Remove group member %d...",
rids->rids[i]);
Use rpccli_samr_DeleteGroupMember() in net. Guenther (This used to be commit 4e1496894ba286aa42ff0a49d975d54c5ee04b2d)
2008-02-04 20:13:07 +03:00
result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx,
&group_pol,
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
rids->rids[i]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (NT_STATUS_IS_OK(result)) {
if (opt_verbose)
d_printf("ok\n");
} else {
if (opt_verbose)
d_printf("failed\n");
goto done;
}
}
Use rpccli_samr_DeleteDomainGroup() in net and rpcclient. Guenther (This used to be commit 8cc094ddb5c28c7378be6c655f3311ea6abb4f64)
2008-02-01 03:17:22 +03:00
result = rpccli_samr_DeleteDomainGroup(pipe_hnd, mem_ctx,
&group_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
break;
/* removing a local group is easier... */
case SID_NAME_ALIAS:
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
group_rids.ids[0],
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
&group_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Request open_alias failed\n");
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
goto done;
}
Use rpccli_samr_DeleteDomAlias() in net and rpcclient. Guenther (This used to be commit bbed3aed5175589787cb1b233ce4e81ecc0c81fe)
2008-02-01 03:22:22 +03:00
result = rpccli_samr_DeleteDomAlias(pipe_hnd, mem_ctx,
&group_pol);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
break;
default:
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "%s is of type %s. This command is only for deleting local or global groups\n",
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
argv[0],sid_type_lookup(name_types.ids[0]));
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
result = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (NT_STATUS_IS_OK(result)) {
if (opt_verbose)
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
d_printf("Deleted %s '%s'\n",sid_type_lookup(name_types.ids[0]),argv[0]);
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
} else {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Deleting of %s failed: %s\n",argv[0],
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
get_friendly_nt_error_msg(result));
}
done:
return result;
}
static int rpc_group_delete(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0, rpc_group_delete_internals,
argc,argv);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_add_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
{
POLICY_HND connect_pol, domain_pol, group_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
union samr_GroupInfo group_info;
Use rpccli_samr_CreateDomainGroup() in net and rpcclient. Guenther (This used to be commit 7b7b10adcaa94de3fed9b5e925eeee714ffd1c50)
2008-02-01 15:42:28 +03:00
struct lsa_String grp_name;
uint32_t rid = 0;
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
if (argc != 1) {
d_printf("Group name must be specified\n");
rpc_group_usage(argc, argv);
return NT_STATUS_OK;
}
Use rpccli_samr_CreateDomainGroup() in net and rpcclient. Guenther (This used to be commit 7b7b10adcaa94de3fed9b5e925eeee714ffd1c50)
2008-02-01 15:42:28 +03:00
init_lsa_String(&grp_name, argv[0]);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Create the group */
Use rpccli_samr_CreateDomainGroup() in net and rpcclient. Guenther (This used to be commit 7b7b10adcaa94de3fed9b5e925eeee714ffd1c50)
2008-02-01 15:42:28 +03:00
result = rpccli_samr_CreateDomainGroup(pipe_hnd, mem_ctx,
&domain_pol,
&grp_name,
MAXIMUM_ALLOWED_ACCESS,
&group_pol,
&rid);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
if (strlen(opt_comment) == 0) goto done;
/* We've got a comment to set */
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
init_lsa_String(&group_info.description, opt_comment);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
result = rpccli_samr_SetGroupInfo(pipe_hnd, mem_ctx,
&group_pol,
4,
&group_info);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
done:
if (NT_STATUS_IS_OK(result))
DEBUG(5, ("add group succeeded\n"));
else
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "add group failed: %s\n", nt_errstr(result));
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_alias_add_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
POLICY_HND connect_pol, domain_pol, alias_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Use rpccli_samr_SetAliasInfo() in net. Guenther (This used to be commit 18c52030bb44dd0e05037477cd7e1329a8390560)
2008-02-06 15:16:04 +03:00
union samr_AliasInfo alias_info;
Use rpccli_samr_CreateDomAlias() in net and rpcclient. Guenther (This used to be commit 1248ec89d2d9a400f892f828126ce4e862de642f)
2008-02-01 15:48:19 +03:00
struct lsa_String alias_name;
uint32_t rid = 0;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (argc != 1) {
r4972: Fix a warning and some debugging-outputs. Guenther (This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
2005-01-25 04:19:02 +03:00
d_printf("Alias name must be specified\n");
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
rpc_group_usage(argc, argv);
return NT_STATUS_OK;
}
Use rpccli_samr_CreateDomAlias() in net and rpcclient. Guenther (This used to be commit 1248ec89d2d9a400f892f828126ce4e862de642f)
2008-02-01 15:48:19 +03:00
init_lsa_String(&alias_name, argv[0]);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
/* Create the group */
Use rpccli_samr_CreateDomAlias() in net and rpcclient. Guenther (This used to be commit 1248ec89d2d9a400f892f828126ce4e862de642f)
2008-02-01 15:48:19 +03:00
result = rpccli_samr_CreateDomAlias(pipe_hnd, mem_ctx,
&domain_pol,
&alias_name,
MAXIMUM_ALLOWED_ACCESS,
&alias_pol,
&rid);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
if (strlen(opt_comment) == 0) goto done;
/* We've got a comment to set */
Use rpccli_samr_SetAliasInfo() in net. Guenther (This used to be commit 18c52030bb44dd0e05037477cd7e1329a8390560)
2008-02-06 15:16:04 +03:00
init_lsa_String(&alias_info.description, opt_comment);
result = rpccli_samr_SetAliasInfo(pipe_hnd, mem_ctx,
&alias_pol,
3,
&alias_info);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) goto done;
done:
if (NT_STATUS_IS_OK(result))
r4972: Fix a warning and some debugging-outputs. Guenther (This used to be commit 1eabfa050b661168b42892c2d841c7891e59cf5f)
2005-01-25 04:19:02 +03:00
DEBUG(5, ("add alias succeeded\n"));
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
else
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "add alias failed: %s\n", nt_errstr(result));
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
static int rpc_group_add(int argc, const char **argv)
{
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (opt_localgroup)
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_alias_add_internals,
argc, argv);
Add 'net rpc group add'. For this parse_samr.c had to be changed: The group_info4 in set_dom_group_info also has the level in the record itself. This seems not to be an align. Tested with NT4 usrmgr.exe. It can still create a domain group on a samba machine. Volker (This used to be commit 76c75bb8a7ad2a2e719dbbe997abf8aefe2fbbb4)
2004-02-24 21:00:41 +03:00
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_add_internals,
argc, argv);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS get_sid_from_name(struct cli_state *cli,
TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType *type)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
DOM_SID *sids = NULL;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType *types = NULL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *pipe_hnd;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
POLICY_HND lsa_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result);
if (!pipe_hnd) {
goto done;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, False,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
goto done;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1,
r23627: Allow to pass down the lookup-level to rpccli_lsa_lookup_names(). Guenther (This used to be commit e9a7512a9f630340004913f1379452eea8a9b6ae)
2007-06-27 15:42:17 +04:00
&name, NULL, 1, &sids, &types);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (NT_STATUS_IS_OK(result)) {
sid_copy(sid, &sids[0]);
*type = types[0];
}
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
done:
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (pipe_hnd) {
cli_rpc_pipe_close(pipe_hnd);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
if (!NT_STATUS_IS_OK(result) && (StrnCaseCmp(name, "S-", 2) == 0)) {
/* Try as S-1-5-whatever */
DOM_SID tmp_sid;
if (string_to_sid(&tmp_sid, name)) {
sid_copy(sid, &tmp_sid);
*type = SID_NAME_UNKNOWN;
result = NT_STATUS_OK;
}
}
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const DOM_SID *group_sid,
const char *member)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result;
uint32 group_rid;
POLICY_HND group_pol;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
DOM_SID sid;
sid_copy(&sid, group_sid);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!sid_split_rid(&sid, &group_rid)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
&domain_pol);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, member);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&rid_types);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup up group member %s\n", member);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
goto done;
}
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rid,
&group_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
goto done;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
Use rpccli_samr_AddGroupMember() in net. Guenther (This used to be commit e2635fa1e4785104174825c7ff063bd216060cb8)
2008-02-04 20:45:07 +03:00
result = rpccli_samr_AddGroupMember(pipe_hnd, mem_ctx,
&group_pol,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0],
Use rpccli_samr_AddGroupMember() in net. Guenther (This used to be commit e2635fa1e4785104174825c7ff063bd216060cb8)
2008-02-04 20:45:07 +03:00
0x0005); /* unknown flags */
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
done:
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const DOM_SID *alias_sid,
const char *member)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result;
uint32 alias_rid;
POLICY_HND alias_pol;
DOM_SID member_sid;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType member_type;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
DOM_SID sid;
sid_copy(&sid, alias_sid);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!sid_split_rid(&sid, &alias_rid)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup up group member %s\n", member);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
&domain_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
alias_rid,
&alias_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
Use rpccli_samr_AddAliasMember() in net. Guenther (This used to be commit 390597c96c6ee6da249ea61eea574d434c168fbe)
2008-02-05 01:42:05 +03:00
result = rpccli_samr_AddAliasMember(pipe_hnd, mem_ctx,
&alias_pol,
&member_sid);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(result)) {
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
done:
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_addmem_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
DOM_SID group_sid;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType group_type;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (argc != 2) {
d_printf("Usage: 'net rpc group addmem <group> <member>\n");
return NT_STATUS_UNSUCCESSFUL;
}
if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0],
&group_sid, &group_type))) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
}
if (group_type == SID_NAME_DOM_GRP) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NTSTATUS result = rpc_add_groupmem(pipe_hnd, mem_ctx,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not add %s to %s: %s\n",
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
argv[1], argv[0], nt_errstr(result));
}
net_rpc.c: Don't complain if [add|del]mem was successful. srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
2004-02-29 19:34:33 +03:00
return result;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
if (group_type == SID_NAME_ALIAS) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NTSTATUS result = rpc_add_aliasmem(pipe_hnd, mem_ctx,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not add %s to %s: %s\n",
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
argv[1], argv[0], nt_errstr(result));
}
net_rpc.c: Don't complain if [add|del]mem was successful. srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
2004-02-29 19:34:33 +03:00
return result;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Can only add members to global or local groups "
"which %s is not\n", argv[0]);
Print an informative error message if trying to add/remove members from something not a group. Volker (This used to be commit 73f26de5c0b6a6b9b78c22016986f3106bce7bfa)
2004-02-29 15:47:45 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
}
static int rpc_group_addmem(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_addmem_internals,
argc, argv);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_del_groupmem(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const DOM_SID *group_sid,
const char *member)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result;
uint32 group_rid;
POLICY_HND group_pol;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
DOM_SID sid;
sid_copy(&sid, group_sid);
if (!sid_split_rid(&sid, &group_rid))
return NT_STATUS_UNSUCCESSFUL;
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
&domain_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, member);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&rid_types);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup up group member %s\n", member);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
goto done;
}
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rid,
&group_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result))
goto done;
Use rpccli_samr_DeleteGroupMember() in net. Guenther (This used to be commit 4e1496894ba286aa42ff0a49d975d54c5ee04b2d)
2008-02-04 20:13:07 +03:00
result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx,
&group_pol,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0]);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
done:
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const DOM_SID *alias_sid,
const char *member)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result;
uint32 alias_rid;
POLICY_HND alias_pol;
DOM_SID member_sid;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType member_type;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
DOM_SID sid;
sid_copy(&sid, alias_sid);
if (!sid_split_rid(&sid, &alias_rid))
return NT_STATUS_UNSUCCESSFUL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = get_sid_from_name(pipe_hnd->cli, mem_ctx, member,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup up group member %s\n", member);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
&domain_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
alias_rid,
&alias_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_DeleteAliasMember() in net. Guenther (This used to be commit b04bf5c1258e4695b8544aa02c894f9941375e0c)
2008-02-05 01:28:38 +03:00
result = rpccli_samr_DeleteAliasMember(pipe_hnd, mem_ctx,
&alias_pol,
&member_sid);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
done:
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_delmem_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{
DOM_SID group_sid;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType group_type;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
if (argc != 2) {
d_printf("Usage: 'net rpc group delmem <group> <member>\n");
return NT_STATUS_UNSUCCESSFUL;
}
if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0],
&group_sid, &group_type))) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]);
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
}
if (group_type == SID_NAME_DOM_GRP) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NTSTATUS result = rpc_del_groupmem(pipe_hnd, mem_ctx,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not del %s from %s: %s\n",
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
argv[1], argv[0], nt_errstr(result));
}
net_rpc.c: Don't complain if [add|del]mem was successful. srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
2004-02-29 19:34:33 +03:00
return result;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
if (group_type == SID_NAME_ALIAS) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NTSTATUS result = rpc_del_aliasmem(pipe_hnd, mem_ctx,
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Could not del %s from %s: %s\n",
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
argv[1], argv[0], nt_errstr(result));
}
net_rpc.c: Don't complain if [add|del]mem was successful. srv_samr_nt.c: Correctly report that a user is not member of an alias. Volker (This used to be commit 540f625036871e7facd094fce49d7317f65f4ffd)
2004-02-29 19:34:33 +03:00
return result;
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
}
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Can only delete members from global or local groups "
"which %s is not\n", argv[0]);
Print an informative error message if trying to add/remove members from something not a group. Volker (This used to be commit 73f26de5c0b6a6b9b78c22016986f3106bce7bfa)
2004-02-29 15:47:45 +03:00
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL;
}
static int rpc_group_delmem(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_delmem_internals,
argc, argv);
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* List groups on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_list_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
POLICY_HND connect_pol, domain_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
struct samr_SamArray *groups = NULL;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool global = False;
bool local = False;
bool builtin = False;
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
if (argc == 0) {
global = True;
local = True;
builtin = True;
}
for (i=0; i<argc; i++) {
if (strequal(argv[i], "global"))
global = True;
if (strequal(argv[i], "local"))
local = True;
if (strequal(argv[i], "builtin"))
builtin = True;
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Query domain groups */
if (opt_long_list_entries)
d_printf("\nGroup name Comment"\
"\n-----------------------------\n");
do {
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
uint32_t max_size, total_size, returned_size;
union samr_DispInfo info;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
if (!global) break;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
result = rpccli_samr_QueryDisplayInfo(pipe_hnd, mem_ctx,
&domain_pol,
3,
start_idx,
max_entries,
max_size,
&total_size,
&returned_size,
&info);
num_entries = info.info3.count;
start_idx += info.info3.count;
Don't try to show groups that could not be listed. Volker (This used to be commit d713e76a24583acaffa0be67838e7629b980ff29)
2004-02-17 18:24:28 +03:00
Fix my fix to net rpc group list. We can certainly have more than a single set of groups. Volker (This used to be commit e77fe4a77a6b0b8d92014edb073b36d01a1a5169)
2004-02-28 11:18:09 +03:00
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
Don't try to show groups that could not be listed. Volker (This used to be commit d713e76a24583acaffa0be67838e7629b980ff29)
2004-02-17 18:24:28 +03:00
break;
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
for (i = 0; i < num_entries; i++) {
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Use rpccli_samr_QueryDisplayInfo() all over the place. Guenther (This used to be commit 66b79add353bf7a09f304eac5274cb89b23d7b06)
2008-02-07 22:46:02 +03:00
const char *group = NULL;
const char *desc = NULL;
group = info.info3.entries[i].account_name.string;
desc = info.info3.entries[i].description.string;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (opt_long_list_entries)
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
printf("%-21.21s %-50.50s\n",
group, desc);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
else
In the brief 'net rpc group' listing, don't cut off group names at 21 chars. Volker (This used to be commit 5d0b8280f6c4990ee3a26c310efebfa859ee21be)
2003-12-01 17:12:26 +03:00
printf("%s\n", group);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
Fix the spinning bug for 'net rpc user' as well - there are more errors in this world than 'status more entires'... Also move all the cases to 'NT_STATUS_EQUAL()' to test it. Andrew Bartlett (This used to be commit b4645bf0661dadcd077b21bb6f6452ed8b2eb726)
2003-05-08 02:56:02 +04:00
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/* query domain aliases */
Working on bug#3. We want all of the aliases, so start with 0. Volker (This used to be commit ec1a58d09e08583288b18747a0c82e5cf8139b63)
2003-06-12 19:37:06 +04:00
start_idx = 0;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
do {
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
if (!local) break;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
&domain_pol,
&start_idx,
&groups,
0xffff,
&num_entries);
Fix my fix to net rpc group list. We can certainly have more than a single set of groups. Volker (This used to be commit e77fe4a77a6b0b8d92014edb073b36d01a1a5169)
2004-02-28 11:18:09 +03:00
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
Don't try to show groups that could not be listed. Volker (This used to be commit d713e76a24583acaffa0be67838e7629b980ff29)
2004-02-17 18:24:28 +03:00
break;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
for (i = 0; i < num_entries; i++) {
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
const char *description = NULL;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
if (opt_long_list_entries) {
POLICY_HND alias_pol;
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
union samr_AliasInfo *info = NULL;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
0x8,
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
groups->entries[i].idx,
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
&alias_pol))) &&
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
(NT_STATUS_IS_OK(rpccli_samr_QueryAliasInfo(pipe_hnd, mem_ctx,
&alias_pol,
3,
&info))) &&
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
(NT_STATUS_IS_OK(rpccli_samr_Close(pipe_hnd, mem_ctx,
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
&alias_pol)))) {
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
description = info->description.string;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
}
}
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
if (description != NULL) {
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
printf("%-21.21s %-50.50s\n",
groups->entries[i].name.string,
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
description);
} else {
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
printf("%s\n", groups->entries[i].name.string);
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
Fix the spinning bug for 'net rpc user' as well - there are more errors in this world than 'status more entires'... Also move all the cases to 'NT_STATUS_EQUAL()' to test it. Andrew Bartlett (This used to be commit b4645bf0661dadcd077b21bb6f6452ed8b2eb726)
2003-05-08 02:56:02 +04:00
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/* Get builtin policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
&domain_pol);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* query builtin aliases */
Working on bug#3. We want all of the aliases, so start with 0. Volker (This used to be commit ec1a58d09e08583288b18747a0c82e5cf8139b63)
2003-06-12 19:37:06 +04:00
start_idx = 0;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
do {
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
if (!builtin) break;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
&domain_pol,
&start_idx,
&groups,
max_entries,
&num_entries);
Fix my fix to net rpc group list. We can certainly have more than a single set of groups. Volker (This used to be commit e77fe4a77a6b0b8d92014edb073b36d01a1a5169)
2004-02-28 11:18:09 +03:00
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
Don't try to show groups that could not be listed. Volker (This used to be commit d713e76a24583acaffa0be67838e7629b980ff29)
2004-02-17 18:24:28 +03:00
break;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
for (i = 0; i < num_entries; i++) {
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
const char *description = NULL;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
if (opt_long_list_entries) {
POLICY_HND alias_pol;
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
union samr_AliasInfo *info = NULL;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
0x8,
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
groups->entries[i].idx,
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
&alias_pol))) &&
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
(NT_STATUS_IS_OK(rpccli_samr_QueryAliasInfo(pipe_hnd, mem_ctx,
&alias_pol,
3,
&info))) &&
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
(NT_STATUS_IS_OK(rpccli_samr_Close(pipe_hnd, mem_ctx,
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
&alias_pol)))) {
Use rpccli_samr_QueryAliasInfo() in net. Guenther (This used to be commit 5bf6c8b6d83708ba2f11e72fc952e932f0db59a6)
2008-02-07 15:07:07 +03:00
description = info->description.string;
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
}
}
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
if (description != NULL) {
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
printf("%-21.21s %-50.50s\n",
groups->entries[i].name.string,
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
description);
} else {
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
printf("%s\n", groups->entries[i].name.string);
Fix for bug#3. Show comments when doing 'net group -l'. Volker (This used to be commit e5664adc07307a066c5312d9224cef2c69a40f77)
2003-06-12 20:21:22 +04:00
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
Fix the spinning bug for 'net rpc user' as well - there are more errors in this world than 'status more entires'... Also move all the cases to 'NT_STATUS_EQUAL()' to test it. Andrew Bartlett (This used to be commit b4645bf0661dadcd077b21bb6f6452ed8b2eb726)
2003-05-08 02:56:02 +04:00
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
done:
return result;
}
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
static int rpc_group_list(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_list_internals,
argc, argv);
}
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_list_group_members(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const char *domain_name,
const DOM_SID *domain_sid,
POLICY_HND *domain_pol,
uint32 rid)
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
{
NTSTATUS result;
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
POLICY_HND group_pol;
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
uint32 num_members, *group_rids;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
int i;
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
struct samr_RidTypeArray *rids = NULL;
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
struct lsa_Strings names;
struct samr_Ids types;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
fstring sid_str;
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(sid_str, domain_sid);
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
&group_pol);
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
if (!NT_STATUS_IS_OK(result))
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx,
&group_pol,
&rids);
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
if (!NT_STATUS_IS_OK(result))
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Use rpccli_samr_QueryGroupMember() all over the place. Guenther (This used to be commit 1793ed10df7f403b85a4e52c67cbfb277b23b30b)
2008-02-05 12:58:37 +03:00
num_members = rids->count;
group_rids = rids->rids;
JHT came up with a nasty (broken) torture case in preparing examples for his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name->sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
2004-01-02 08:32:07 +03:00
while (num_members > 0) {
Only ask for 512 names at a time. Volker (This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)
2003-11-27 20:31:18 +03:00
int this_time = 512;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Only ask for 512 names at a time. Volker (This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)
2003-11-27 20:31:18 +03:00
if (num_members < this_time)
this_time = num_members;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx,
domain_pol,
this_time,
group_rids,
&names,
&types);
Only ask for 512 names at a time. Volker (This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)
2003-11-27 20:31:18 +03:00
if (!NT_STATUS_IS_OK(result))
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
/* We only have users as members, but make the output
the same as the output of alias members */
Only ask for 512 names at a time. Volker (This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)
2003-11-27 20:31:18 +03:00
for (i = 0; i < this_time; i++) {
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (opt_long_list_entries) {
printf("%s-%d %s\\%s %d\n", sid_str,
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
group_rids[i], domain_name,
names.names[i].string,
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
SID_NAME_USER);
} else {
Use rpccli_samr_LookupRids() in net and rpcclient. Guenther (This used to be commit 72fc4ffa38285b3358c6e264e9007162ae3782f1)
2008-02-08 14:05:29 +03:00
printf("%s\\%s\n", domain_name,
names.names[i].string);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
}
Only ask for 512 names at a time. Volker (This used to be commit d5775b7106dc5d6326db89f7369d2ffd61646426)
2003-11-27 20:31:18 +03:00
}
num_members -= this_time;
group_rids += 512;
JHT came up with a nasty (broken) torture case in preparing examples for his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name->sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit f9e59f8bc06fae7e5c8cb0980947f78942dc25c0)
2004-01-02 08:32:07 +03:00
}
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return NT_STATUS_OK;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_list_alias_members(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
POLICY_HND *domain_pol,
uint32 rid)
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
{
NTSTATUS result;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *lsa_pipe;
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
POLICY_HND alias_pol, lsa_pol;
uint32 num_members;
DOM_SID *alias_sids;
char **domains;
char **names;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType *types;
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
int i;
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
struct lsa_SidArray sid_array;
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
&alias_pol);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx,
&alias_pol,
&sid_array);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't list alias members\n");
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
num_members = sid_array.num_sids;
If there are no alias members, don't ask for their sids :-) Volker (This used to be commit 99f03a641e4fd75c3bafb8bd153687743317a3dc)
2004-02-17 13:08:18 +03:00
if (num_members == 0) {
return NT_STATUS_OK;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
lsa_pipe = cli_rpc_pipe_open_noauth(pipe_hnd->cli, PI_LSARPC, &result);
if (!lsa_pipe) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't open LSA pipe. Error was %s\n",
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_errstr(result) );
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, True,
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't open LSA policy handle\n");
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_rpc_pipe_close(lsa_pipe);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
alias_sids = TALLOC_ZERO_ARRAY(mem_ctx, DOM_SID, num_members);
if (!alias_sids) {
d_fprintf(stderr, "Out of memory\n");
cli_rpc_pipe_close(lsa_pipe);
return NT_STATUS_NO_MEMORY;
}
for (i=0; i<num_members; i++) {
sid_copy(&alias_sids[i], sid_array.sids[i].sid);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_sids(lsa_pipe, mem_ctx, &lsa_pol, num_members,
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
alias_sids,
&domains, &names, &types);
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't lookup SIDs\n");
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_rpc_pipe_close(lsa_pipe);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
for (i = 0; i < num_members; i++) {
fstring sid_str;
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(sid_str, &alias_sids[i]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (opt_long_list_entries) {
printf("%s %s\\%s %d\n", sid_str,
domains[i] ? domains[i] : "*unknown*",
names[i] ? names[i] : "*unknown*", types[i]);
} else {
if (domains[i])
printf("%s\\%s\n", domains[i], names[i]);
else
printf("%s\n", sid_str);
}
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_rpc_pipe_close(lsa_pipe);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return NT_STATUS_OK;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_members_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
{
NTSTATUS result;
POLICY_HND connect_pol, domain_pol;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, argv[0]); /* sure? */
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&rid_types);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result)) {
/* Ok, did not find it in the global sam, try with builtin */
DOM_SID sid_Builtin;
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
string_to_sid(&sid_Builtin, "S-1-5-32");
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid_Builtin,
&domain_pol);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&rid_types);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
if (!NT_STATUS_IS_OK(result)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rids.count != 1) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
return result;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rid_types.ids[0] == SID_NAME_DOM_GRP) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
return rpc_list_group_members(pipe_hnd, mem_ctx, domain_name,
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
domain_sid, &domain_pol,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rid_types.ids[0] == SID_NAME_ALIAS) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
return rpc_list_alias_members(pipe_hnd, mem_ctx, &domain_pol,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0]);
Expand 'net rpc group members' to local groups. Volker (This used to be commit 90fabe6ec004ab95739100b6cd5b7cbd87e67e24)
2004-02-09 21:19:25 +03:00
}
return NT_STATUS_NO_SUCH_GROUP;
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
}
static int rpc_group_members(int argc, const char **argv)
{
if (argc != 1) {
return rpc_group_usage(argc, argv);
}
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_members_internals,
argc, argv);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_group_rename_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
{
NTSTATUS result;
POLICY_HND connect_pol, domain_pol, group_pol;
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
union samr_GroupInfo group_info;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
if (argc != 2) {
d_printf("Usage: 'net rpc group rename group newname'\n");
return NT_STATUS_UNSUCCESSFUL;
}
/* Get sam policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
if (!NT_STATUS_IS_OK(result))
return result;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, argv[0]);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
&rid_types);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rids.count != 1) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
return result;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (rid_types.ids[0] != SID_NAME_DOM_GRP) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Can only rename domain groups\n");
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
return NT_STATUS_UNSUCCESSFUL;
}
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
rids.ids[0],
Use rpccli_samr_OpenGroup() all over the place. Guenther (This used to be commit d019fc69a986937880121c2587d3fe37f995edae)
2008-02-01 13:24:01 +03:00
&group_pol);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
if (!NT_STATUS_IS_OK(result))
return result;
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
init_lsa_String(&group_info.name, argv[1]);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
Use rpccli_samr_SetGroupInfo() in net. Guenther (This used to be commit 5909e9f97179b125202c323a256add20c3db9e5f)
2008-02-06 15:06:31 +03:00
result = rpccli_samr_SetGroupInfo(pipe_hnd, mem_ctx,
&group_pol,
2,
&group_info);
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
if (!NT_STATUS_IS_OK(result))
return result;
return NT_STATUS_NO_SUCH_GROUP;
}
static int rpc_group_rename(int argc, const char **argv)
{
if (argc != 2) {
return rpc_group_usage(argc, argv);
}
return run_rpc_command(NULL, PI_SAMR, 0,
rpc_group_rename_internals,
argc, argv);
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/**
* 'net rpc group' entrypoint.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
**/
int net_rpc_group(int argc, const char **argv)
{
struct functable func[] = {
{"add", rpc_group_add},
r269: Patch from Krischan Jodies <kj@sernet.de>: Implement 'net rpc group delete'. Volker (This used to be commit ec321674961cc62c048b149ee19b6e36325c8eb3)
2004-04-19 00:22:31 +04:00
{"delete", rpc_group_delete},
Add 'net rpc group [add|del]mem' for domain groups and aliases. Volker (This used to be commit e597420421e085b17dcdc062c5900518d0d4e685)
2004-02-28 21:41:16 +03:00
{"addmem", rpc_group_addmem},
{"delmem", rpc_group_delmem},
Implement 'net rpc group list [global|local|builtin]*' for a select listing of the respective user databases. Volker (This used to be commit 39e4ee0c5be9f8d5a26b03ae17865b8e576b0b62)
2003-11-28 18:10:00 +03:00
{"list", rpc_group_list},
Implement "net rpc group members": Get members of a domain group in human-readable format. Volker (This used to be commit 4e3a2eb8e04c3a669d94e38d81e994606fa6ef9d)
2003-11-26 13:07:07 +03:00
{"members", rpc_group_members},
r977: Implement 'net rpc group rename' -- rename domain groups. Volker (This used to be commit 9ceff803278bdbc09cb5ab678a108cea24ab49a9)
2004-06-02 18:25:29 +04:00
{"rename", rpc_group_rename},
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{NULL, NULL}
};
if (argc == 0) {
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SAMR, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_group_list_internals,
argc, argv);
}
return net_run_function(argc, argv, func, rpc_group_usage);
}
/****************************************************************************/
static int rpc_share_usage(int argc, const char **argv)
{
return net_help_share(argc, argv);
}
/**
* Add a share on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_add_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r16360: Fix Klocwork ID 136 520 521 522 523 542 574 575 576 607 in net_rpc.c: 715 716 732 734 735 736 737 738 739 749 in net_rpc_audit.c: 754 755 756 in net_rpc_join.c: 757 in net_rpc_registry: 766 767 in net_rpc_samsync.c: 771 773 in net_sam.c: 797 798 Volker (This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
2006-06-19 23:07:39 +04:00
char *sharename;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
char *path;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
uint32 num_users=0, perms=0;
char *password=NULL; /* don't allow a share password */
r19797: Convert the remaining pipes to the "new" unique out ptr handling (This used to be commit bc4e0a388a2859d2ddcfb8f07920f3b121a37894)
2006-11-19 21:57:52 +03:00
uint32 level = 2;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
r16360: Fix Klocwork ID 136 520 521 522 523 542 574 575 576 607 in net_rpc.c: 715 716 732 734 735 736 737 738 739 749 in net_rpc_audit.c: 754 755 756 in net_rpc_join.c: 757 in net_rpc_registry: 766 767 in net_rpc_samsync.c: 771 773 in net_sam.c: 797 798 Volker (This used to be commit 3df0bf7d6050fd7c9ace72487d4f74d92e30a584)
2006-06-19 23:07:39 +04:00
if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
return NT_STATUS_NO_MEMORY;
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
path = strchr(sharename, '=');
if (!path)
return NT_STATUS_UNSUCCESSFUL;
*path++ = '\0';
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_add(pipe_hnd, mem_ctx, sharename, type,
opt_comment, perms, opt_maxusers,
num_users, path, password,
level, NULL);
return werror_to_ntstatus(result);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
static int rpc_share_add(int argc, const char **argv)
{
if ((argc < 1) || !strchr(argv[0], '=')) {
DEBUG(1,("Sharename or path not specified on add\n"));
return rpc_share_usage(argc, argv);
}
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_share_add_internals,
argc, argv);
}
/**
* Delete a share on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_del_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
result = rpccli_srvsvc_net_share_del(pipe_hnd, mem_ctx, argv[0]);
return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
/**
* Delete a share on a remote RPC server
*
* @param domain_sid The domain sid acquired from the remote server
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_share_delete(int argc, const char **argv)
{
if (argc < 1) {
DEBUG(1,("Sharename not specified on delete\n"));
return rpc_share_usage(argc, argv);
}
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_share_del_internals,
argc, argv);
}
/**
* Formatted print of share info
*
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
* @param info1 pointer to SRV_SHARE_INFO_1 to format
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
**/
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
static void display_share_info_1(SRV_SHARE_INFO_1 *info1)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
fstring netname = "", remark = "";
rpcstr_pull_unistr2_fstring(netname, &info1->info_1_str.uni_netname);
rpcstr_pull_unistr2_fstring(remark, &info1->info_1_str.uni_remark);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (opt_long_list_entries) {
BUG 1055; patch from SATOH Fumiyasu <fumiya@miraclelinux.com>; formatting fixes for 'net share' (This used to be commit 44db163b3001d8dc50b64bac7fd12be1147e14b7)
2004-02-11 17:59:08 +03:00
d_printf("%-12s %-8.8s %-50s\n",
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
netname, share_type[info1->info_1.type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], remark);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
} else {
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
d_printf("%s\n", netname);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
static WERROR get_share_info(struct rpc_pipe_client *pipe_hnd,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
TALLOC_CTX *mem_ctx,
uint32 level,
int argc,
const char **argv,
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO_CTR *ctr)
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
SRV_SHARE_INFO info;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* no specific share requested, enumerate all */
if (argc == 0) {
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
ENUM_HND hnd;
uint32 preferred_len = 0xffffffff;
init_enum_hnd(&hnd, 0);
return rpccli_srvsvc_net_share_enum(pipe_hnd, mem_ctx, level, ctr,
preferred_len, &hnd);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
}
/* request just one share */
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_get_info(pipe_hnd, mem_ctx, argv[0], level, &info);
r19445: Attempt to fix net rpc share (This used to be commit 769988f83adac5f8adcf6a3cda68fb8f26a0327d)
2006-10-21 20:27:38 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result))
goto done;
/* construct ctr */
ZERO_STRUCTP(ctr);
ctr->info_level = ctr->switch_value = level;
ctr->ptr_share_info = ctr->ptr_entries = 1;
ctr->num_entries = ctr->num_entries2 = 1;
r19445: Attempt to fix net rpc share (This used to be commit 769988f83adac5f8adcf6a3cda68fb8f26a0327d)
2006-10-21 20:27:38 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
switch (level) {
r19445: Attempt to fix net rpc share (This used to be commit 769988f83adac5f8adcf6a3cda68fb8f26a0327d)
2006-10-21 20:27:38 +04:00
case 1:
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
{
char *s;
SRV_SHARE_INFO_1 *info1;
ctr->share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1);
if (ctr->share.info1 == NULL) {
result = WERR_NOMEM;
goto done;
}
info1 = ctr->share.info1;
memset(ctr->share.info1, 0, sizeof(SRV_SHARE_INFO_1));
/* Copy pointer crap */
memcpy(&info1->info_1, &info.share.info1.info_1, sizeof(SH_INFO_1));
/* Duplicate strings */
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info1.info_1_str.uni_netname);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info1->info_1_str.uni_netname, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info1.info_1_str.uni_remark);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info1->info_1_str.uni_remark, s, UNI_STR_TERMINATE);
}
case 2:
{
char *s;
SRV_SHARE_INFO_2 *info2;
ctr->share.info2 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_2, 1);
if (ctr->share.info2 == NULL) {
result = WERR_NOMEM;
goto done;
}
info2 = ctr->share.info2;
memset(ctr->share.info2, 0, sizeof(SRV_SHARE_INFO_2));
/* Copy pointer crap */
memcpy(&info2->info_2, &info.share.info2.info_2, sizeof(SH_INFO_2));
/* Duplicate strings */
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_netname);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info2->info_2_str.uni_netname, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_remark);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info2->info_2_str.uni_remark, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_path);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info2->info_2_str.uni_path, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_passwd);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info2->info_2_str.uni_passwd, s, UNI_STR_TERMINATE);
}
r19445: Attempt to fix net rpc share (This used to be commit 769988f83adac5f8adcf6a3cda68fb8f26a0327d)
2006-10-21 20:27:38 +04:00
case 502:
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
{
char *s;
SRV_SHARE_INFO_502 *info502;
ctr->share.info502 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_502, 1);
if (ctr->share.info502 == NULL) {
result = WERR_NOMEM;
goto done;
}
info502 = ctr->share.info502;
memset(ctr->share.info502, 0, sizeof(SRV_SHARE_INFO_502));
/* Copy pointer crap */
memcpy(&info502->info_502, &info.share.info502.info_502, sizeof(SH_INFO_502));
/* Duplicate strings */
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_netname);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info502->info_502_str.uni_netname, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_remark);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info502->info_502_str.uni_remark, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_path);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info502->info_502_str.uni_path, s, UNI_STR_TERMINATE);
Remove pstrings from everything except srv_spoolss_nt.c. Jeremy. (This used to be commit 0002a9e96b0ef78316295a6eb94ff29b64e2f988)
2007-11-28 01:35:30 +03:00
s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_passwd);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (s)
init_unistr2(&info502->info_502_str.uni_passwd, s, UNI_STR_TERMINATE);
info502->info_502_str.sd = dup_sec_desc(mem_ctx, info.share.info502.info_502_str.sd);
r19445: Attempt to fix net rpc share (This used to be commit 769988f83adac5f8adcf6a3cda68fb8f26a0327d)
2006-10-21 20:27:38 +04:00
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
} /* switch */
done:
return result;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/**
* List shares on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_list_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO_CTR ctr;
WERROR result;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 i, level = 1;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr);
if (!W_ERROR_IS_OK(result))
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
goto done;
/* Display results */
if (opt_long_list_entries) {
d_printf(
"\nEnumerating shared resources (exports) on remote server:\n\n"\
"\nShare name Type Description\n"\
"---------- ---- -----------\n");
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
for (i = 0; i < ctr.num_entries; i++)
display_share_info_1(&ctr.share.info1[i]);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
done:
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/***
* 'net rpc share list' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
static int rpc_share_list(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SRVSVC, 0, rpc_share_list_internals, argc, argv);
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool check_share_availability(struct cli_state *cli, const char *netname)
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{
if (!cli_send_tconX(cli, netname, "A:", "", 0)) {
d_printf("skipping [%s]: not a file share.\n", netname);
return False;
}
if (!cli_tdis(cli))
return False;
return True;
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool check_share_sanity(struct cli_state *cli, fstring netname, uint32 type)
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{
/* only support disk shares */
if (! ( type == STYPE_DISKTREE || type == (STYPE_DISKTREE | STYPE_HIDDEN)) ) {
printf("share [%s] is not a diskshare (type: %x)\n", netname, type);
return False;
}
/* skip builtin shares */
/* FIXME: should print$ be added too ? */
if (strequal(netname,"IPC$") || strequal(netname,"ADMIN$") ||
strequal(netname,"global"))
return False;
if (opt_exclude && in_list(netname, opt_exclude, False)) {
printf("excluding [%s]\n", netname);
return False;
}
return check_share_availability(cli, netname);
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/**
Fix some typos. Karolin (This used to be commit 71f05a1f9656c4a50dd4b8b08575be6536e92288)
2008-02-26 12:26:10 +03:00
* Migrate shares from a remote RPC server to the local RPC server
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
*
* All parameters are provided by the run_rpc_command function, except for
Fix some typos. Karolin (This used to be commit 71f05a1f9656c4a50dd4b8b08575be6536e92288)
2008-02-26 12:26:10 +03:00
* argc, argv which are passed through.
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
Fix some typos. Karolin (This used to be commit 71f05a1f9656c4a50dd4b8b08575be6536e92288)
2008-02-26 12:26:10 +03:00
* @param mem_ctx Talloc context, destroyed on completion of the function.
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_migrate_shares_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO_CTR ctr_src;
uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
char *password = NULL; /* don't allow a share password */
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 i;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *srvsvc_pipe = NULL;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
struct cli_state *cli_dst = NULL;
uint32 level = 502; /* includes secdesc */
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src);
if (!W_ERROR_IS_OK(result))
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
goto done;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* connect destination PI_SRVSVC */
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = connect_dst_pipe(&cli_dst, &srvsvc_pipe, PI_SRVSVC);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
for (i = 0; i < ctr_src.num_entries; i++) {
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
fstring netname = "", remark = "", path = "";
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/* reset error-code */
nt_status = NT_STATUS_UNSUCCESSFUL;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
rpcstr_pull_unistr2_fstring(
netname, &ctr_src.share.info502[i].info_502_str.uni_netname);
rpcstr_pull_unistr2_fstring(
remark, &ctr_src.share.info502[i].info_502_str.uni_remark);
rpcstr_pull_unistr2_fstring(
path, &ctr_src.share.info502[i].info_502_str.uni_path);
if (!check_share_sanity(cli, netname, ctr_src.share.info502[i].info_502.type))
r5954: Fix some compiler warnings and add missing exclude-block in "net rpc share migrate" (found by Lars Mueller <lmuelle@suse.de>). Guenther (This used to be commit 45a2a7bedb877745cd9677fe3124d5a2ad2c8853)
2005-03-22 18:45:38 +03:00
continue;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* finally add the share on the dst server */
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
r7876: Now that we have "net rpc share migrate security" completly remove the share-acl from "net rpc share migrate shares". God, how ugly does this syntax get. Guenther (This used to be commit 6f4d4acc868ee67f8434d904fa51c57d1b847135)
2005-06-24 18:15:31 +04:00
printf("migrating: [%s], path: %s, comment: %s, without share-ACLs\n",
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
netname, path, remark);
result = rpccli_srvsvc_net_share_add(srvsvc_pipe, mem_ctx, netname, type, remark,
ctr_src.share.info502[i].info_502.perms,
ctr_src.share.info502[i].info_502.max_uses,
ctr_src.share.info502[i].info_502.num_uses,
path, password, level,
NULL);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (W_ERROR_V(result) == W_ERROR_V(WERR_ALREADY_EXISTS)) {
printf(" [%s] does already exist\n", netname);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
continue;
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result)) {
printf("cannot add share: %s\n", dos_errstr(result));
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
goto done;
}
}
nt_status = NT_STATUS_OK;
done:
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (cli_dst) {
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
cli_shutdown(cli_dst);
}
return nt_status;
}
/**
* Migrate shares from a rpc-server to another
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_share_migrate_shares(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
rpc_share_migrate_shares_internals,
argc, argv);
}
/**
* Copy a file/dir
*
* @param f file_info
* @param mask current search mask
* @param state arg-pointer
*
**/
r5614: fix proto for copy_fn() after changes to cli_list() (This used to be commit fb8e746ed65fa3aacda3d6be0e3f28f690fbdacb)
2005-03-02 06:24:40 +03:00
static void copy_fn(const char *mnt, file_info *f, const char *mask, void *state)
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
static NTSTATUS nt_status;
static struct copy_clistate *local_state;
static fstring filename, new_mask;
fstring dir;
char *old_dir;
local_state = (struct copy_clistate *)state;
nt_status = NT_STATUS_UNSUCCESSFUL;
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
if (strequal(f->name, ".") || strequal(f->name, ".."))
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return;
DEBUG(3,("got mask: %s, name: %s\n", mask, f->name));
/* DIRECTORY */
if (f->mode & aDIR) {
DEBUG(3,("got dir: %s\n", f->name));
fstrcpy(dir, local_state->cwd);
fstrcat(dir, "\\");
fstrcat(dir, f->name);
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
switch (net_mode_share)
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE:
/* create that directory */
nt_status = net_copy_file(local_state->mem_ctx,
local_state->cli_share_src,
local_state->cli_share_dst,
dir, dir,
opt_acls? True : False,
opt_attrs? True : False,
opt_timestamps? True : False,
False);
break;
default:
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
return;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (!NT_STATUS_IS_OK(nt_status))
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
printf("could not handle dir %s: %s\n",
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
dir, nt_errstr(nt_status));
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
/* search below that directory */
fstrcpy(new_mask, dir);
fstrcat(new_mask, "\\*");
old_dir = local_state->cwd;
local_state->cwd = dir;
if (!sync_files(local_state, new_mask))
printf("could not handle files\n");
local_state->cwd = old_dir;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return;
}
/* FILE */
fstrcpy(filename, local_state->cwd);
fstrcat(filename, "\\");
fstrcat(filename, f->name);
DEBUG(3,("got file: %s\n", filename));
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
switch (net_mode_share)
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE:
nt_status = net_copy_file(local_state->mem_ctx,
local_state->cli_share_src,
local_state->cli_share_dst,
filename, filename,
opt_acls? True : False,
opt_attrs? True : False,
opt_timestamps? True: False,
True);
break;
default:
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unsupported file mode %d\n", net_mode_share);
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
return;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (!NT_STATUS_IS_OK(nt_status))
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
printf("could not handle file %s: %s\n",
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
filename, nt_errstr(nt_status));
}
/**
* sync files, can be called recursivly to list files
* and then call copy_fn for each file
*
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
* @param cp_clistate pointer to the copy_clistate we work with
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
* @param mask the current search mask
*
* @return Boolean result
**/
More pstring elimination. Jeremy. (This used to be commit c1f70793d615df57dc7b766d67db3e9eedd0e25e)
2007-12-05 03:35:24 +03:00
static bool sync_files(struct copy_clistate *cp_clistate, const char *mask)
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{
r21768: Fix the client dfs code such that smbclient can process deep dfs links (ie. links that go to non root parts of a share). Make the directory handling conanonical in POSIX and Windows pathname processing. dfs should not be fully working in client tools. Please bug me if not. Jeremy. (This used to be commit 1c9e10569cd97ee41de39f9f012bea4e4c932b5d)
2007-03-09 02:54:57 +03:00
struct cli_state *targetcli;
Remove PSTRING_LEN from smbd/ nmbd/. Remove pstring from libsmb/clidfs.c except for a nasty hack (that will be removed when pstrings are gone from client/). Jeremy. (This used to be commit cc257b71d13daa47e6f2315d0f07a60eb4aaeca6)
2007-11-30 04:25:41 +03:00
char *targetpath = NULL;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
DEBUG(3,("calling cli_list with mask: %s\n", mask));
Remove PSTRING_LEN from smbd/ nmbd/. Remove pstring from libsmb/clidfs.c except for a nasty hack (that will be removed when pstrings are gone from client/). Jeremy. (This used to be commit cc257b71d13daa47e6f2315d0f07a60eb4aaeca6)
2007-11-30 04:25:41 +03:00
if ( !cli_resolve_path(talloc_tos(), "", cp_clistate->cli_share_src,
mask, &targetcli, &targetpath ) ) {
r21768: Fix the client dfs code such that smbclient can process deep dfs links (ie. links that go to non root parts of a share). Make the directory handling conanonical in POSIX and Windows pathname processing. dfs should not be fully working in client tools. Please bug me if not. Jeremy. (This used to be commit 1c9e10569cd97ee41de39f9f012bea4e4c932b5d)
2007-03-09 02:54:57 +03:00
d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n",
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
mask, cli_errstr(cp_clistate->cli_share_src));
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return False;
}
r21768: Fix the client dfs code such that smbclient can process deep dfs links (ie. links that go to non root parts of a share). Make the directory handling conanonical in POSIX and Windows pathname processing. dfs should not be fully working in client tools. Please bug me if not. Jeremy. (This used to be commit 1c9e10569cd97ee41de39f9f012bea4e4c932b5d)
2007-03-09 02:54:57 +03:00
if (cli_list(targetcli, targetpath, cp_clistate->attribute, copy_fn, cp_clistate) == -1) {
d_fprintf(stderr, "listing %s failed with error: %s\n",
mask, cli_errstr(targetcli));
return False;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return True;
}
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
/**
* Set the top level directory permissions before we do any further copies.
* Should set up ACL inheritance.
**/
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool copy_top_level_perms(struct copy_clistate *cp_clistate,
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
const char *sharename)
{
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
switch (net_mode_share) {
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
case NET_MODE_SHARE_MIGRATE:
DEBUG(3,("calling net_copy_fileattr for '.' directory in share %s\n", sharename));
nt_status = net_copy_fileattr(cp_clistate->mem_ctx,
cp_clistate->cli_share_src,
cp_clistate->cli_share_dst,
"\\", "\\",
opt_acls? True : False,
opt_attrs? True : False,
opt_timestamps? True: False,
False);
break;
default:
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
break;
}
if (!NT_STATUS_IS_OK(nt_status)) {
printf("Could handle directory attributes for top level directory of share %s. Error %s\n",
sharename, nt_errstr(nt_status));
return False;
}
return True;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/**
* Sync all files inside a remote share to another share (over smb)
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_migrate_files_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO_CTR ctr_src;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 i;
uint32 level = 502;
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
struct copy_clistate cp_clistate;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool got_src_share = False;
bool got_dst_share = False;
More pstring elimination. Jeremy. (This used to be commit c1f70793d615df57dc7b766d67db3e9eedd0e25e)
2007-12-05 03:35:24 +03:00
const char *mask = "\\*";
r2080: Remove last traces of static migration to localhost. Needed to allow a local netbios-alias bound to non-loopback interface as a migration target. It's now possible to migrate printers|shares|files from Server A to Server B while running the net-command on client C. Guenther (This used to be commit 0cfd2866dfe5e959ede169a77c39480790300de3)
2004-08-27 01:37:20 +04:00
char *dst = NULL;
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
dst = SMB_STRDUP(opt_destination?opt_destination:"127.0.0.1");
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result))
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
goto done;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
for (i = 0; i < ctr_src.num_entries; i++) {
fstring netname = "";
rpcstr_pull_unistr2_fstring(
netname, &ctr_src.share.info502[i].info_502_str.uni_netname);
if (!check_share_sanity(cli, netname, ctr_src.share.info502[i].info_502.type))
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
continue;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* one might not want to mirror whole discs :) */
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (strequal(netname, "print$") || netname[1] == '$') {
d_printf("skipping [%s]: builtin/hidden share\n", netname);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
continue;
}
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
switch (net_mode_share)
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE:
printf("syncing");
break;
default:
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
break;
}
printf(" [%s] files and directories %s ACLs, %s DOS Attributes %s\n",
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
netname,
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
opt_acls ? "including" : "without",
opt_attrs ? "including" : "without",
opt_timestamps ? "(preserving timestamps)" : "");
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
cp_clistate.mem_ctx = mem_ctx;
cp_clistate.cli_share_src = NULL;
cp_clistate.cli_share_dst = NULL;
cp_clistate.cwd = NULL;
cp_clistate.attribute = aSYSTEM | aHIDDEN | aDIR;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/* open share source */
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
nt_status = connect_to_service(&cp_clistate.cli_share_src,
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
&cli->dest_ss, cli->desthost,
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
netname, "A:");
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (!NT_STATUS_IS_OK(nt_status))
goto done;
got_src_share = True;
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
if (net_mode_share == NET_MODE_SHARE_MIGRATE) {
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
/* open share destination */
nt_status = connect_to_service(&cp_clistate.cli_share_dst,
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
NULL, dst, netname, "A:");
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
if (!NT_STATUS_IS_OK(nt_status))
goto done;
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
got_dst_share = True;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!copy_top_level_perms(&cp_clistate, netname)) {
d_fprintf(stderr, "Could not handle the top level directory permissions for the share: %s\n", netname);
r7609: Move top level dir handling in from of the loop. This makes the code much straither. copy_top_level_perms() is jra's work. I modified the copy_top_level_perms() function to use the copy_clistate. And I don't forget trunk. Lars (This used to be commit 2c68568e5232c057d4f76f4bb044c54d18272602)
2005-06-15 18:24:11 +04:00
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
if (!sync_files(&cp_clistate, mask)) {
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
d_fprintf(stderr, "could not handle files for share: %s\n", netname);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
}
nt_status = NT_STATUS_OK;
done:
if (got_src_share)
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
cli_shutdown(cp_clistate.cli_share_src);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (got_dst_share)
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
cli_shutdown(cp_clistate.cli_share_dst);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return nt_status;
}
static int rpc_share_migrate_files(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
rpc_share_migrate_files_internals,
argc, argv);
}
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/**
* Migrate share-ACLs from a remote RPC server to the local RPC srever
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_migrate_security_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO_CTR ctr_src;
SRV_SHARE_INFO info;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 i;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *srvsvc_pipe = NULL;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
struct cli_state *cli_dst = NULL;
uint32 level = 502; /* includes secdesc */
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = get_share_info(pipe_hnd, mem_ctx, level, argc, argv, &ctr_src);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result))
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
goto done;
/* connect destination PI_SRVSVC */
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = connect_dst_pipe(&cli_dst, &srvsvc_pipe, PI_SRVSVC);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
for (i = 0; i < ctr_src.num_entries; i++) {
fstring netname = "", remark = "", path = "";
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* reset error-code */
nt_status = NT_STATUS_UNSUCCESSFUL;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
rpcstr_pull_unistr2_fstring(
netname, &ctr_src.share.info502[i].info_502_str.uni_netname);
rpcstr_pull_unistr2_fstring(
remark, &ctr_src.share.info502[i].info_502_str.uni_remark);
rpcstr_pull_unistr2_fstring(
path, &ctr_src.share.info502[i].info_502_str.uni_path);
if (!check_share_sanity(cli, netname, ctr_src.share.info502[i].info_502.type))
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
continue;
printf("migrating: [%s], path: %s, comment: %s, including share-ACLs\n",
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
netname, path, remark);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
if (opt_verbose)
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
display_sec_desc(ctr_src.share.info502[i].info_502_str.sd);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* init info */
ZERO_STRUCT(info);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
info.switch_value = level;
info.ptr_share_ctr = 1;
/* FIXME: shouldn't we be able to just set the security descriptor ? */
info.share.info502 = ctr_src.share.info502[i];
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* finally modify the share on the dst server */
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_set_info(srvsvc_pipe, mem_ctx, netname, level, &info);
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result)) {
printf("cannot set share-acl: %s\n", dos_errstr(result));
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
goto done;
}
}
nt_status = NT_STATUS_OK;
done:
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (cli_dst) {
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
cli_shutdown(cli_dst);
}
return nt_status;
}
/**
* Migrate share-acls from a rpc-server to another
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_share_migrate_security(int argc, const char **argv)
{
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
return run_rpc_command(NULL, PI_SRVSVC, 0,
rpc_share_migrate_security_internals,
argc, argv);
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/**
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
* Migrate shares (including share-definitions, share-acls and files with acls/attrs)
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
* from one server to another
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
*
**/
static int rpc_share_migrate_all(int argc, const char **argv)
{
int ret;
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
/* order is important. we don't want to be locked out by the share-acl
* before copying files - gd */
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
ret = run_rpc_command(NULL, PI_SRVSVC, 0, rpc_share_migrate_shares_internals, argc, argv);
if (ret)
return ret;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
ret = run_rpc_command(NULL, PI_SRVSVC, 0, rpc_share_migrate_files_internals, argc, argv);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
if (ret)
return ret;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0, rpc_share_migrate_security_internals, argc, argv);
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
}
/**
* 'net rpc share migrate' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
static int rpc_share_migrate(int argc, const char **argv)
{
struct functable func[] = {
{"all", rpc_share_migrate_all},
{"files", rpc_share_migrate_files},
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
{"help", rpc_share_usage},
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{"security", rpc_share_migrate_security},
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{"shares", rpc_share_migrate_shares},
{NULL, NULL}
};
r7852: Correct fix from Lars for the argv issue. Jeremy. (This used to be commit a667d9e474302e888a0cc009a342da471318928c)
2005-06-24 03:23:16 +04:00
net_mode_share = NET_MODE_SHARE_MIGRATE;
r7512: Fix net share migrate files to also migrate the ACLs of the top level dir of a share. Till now we excluded '.' and '..' in general. For the fix the information about top or lower level dir is stored in the copy_clistate. src and dst share are now also part of this struct and we only pass a pointer to the struct to the functions. This bug was found by Bill Calero of Novell. Thanks Bill! With this checkin no new functionality was added. But the copy_clistate already knows about a mode. Later beside the migrate an additional report mode will be added. This changes are coordinated with Günther <gd>. Lars (This used to be commit 506aaefa3716c7683eef9afe0d1bb5b6e2533c4b)
2005-06-13 01:18:16 +04:00
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return net_run_function(argc, argv, func, rpc_share_usage);
}
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
struct full_alias {
DOM_SID sid;
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
uint32 num_members;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
DOM_SID *members;
};
static int num_server_aliases;
static struct full_alias *server_aliases;
/*
* Add an alias to the static list.
*/
static void push_alias(TALLOC_CTX *mem_ctx, struct full_alias *alias)
{
if (server_aliases == NULL)
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
server_aliases = SMB_MALLOC_ARRAY(struct full_alias, 100);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
server_aliases[num_server_aliases] = *alias;
num_server_aliases += 1;
}
/*
* For a specific domain on the server, fetch all the aliases
* and their members. Add all of them to the server_aliases.
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_fetch_domain_aliases(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
POLICY_HND *connect_pol,
const DOM_SID *domain_sid)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
uint32 start_idx, max_entries, num_entries, i;
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
struct samr_SamArray *groups = NULL;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
NTSTATUS result;
POLICY_HND domain_pol;
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (!NT_STATUS_IS_OK(result))
return result;
start_idx = 0;
max_entries = 250;
do {
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
&domain_pol,
&start_idx,
&groups,
max_entries,
&num_entries);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
for (i = 0; i < num_entries; i++) {
POLICY_HND alias_pol;
struct full_alias alias;
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
struct lsa_SidArray sid_array;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
int j;
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
groups->entries[i].idx,
Use rpccli_samr_OpenAlias() in net and rpcclient. Guenther (This used to be commit f66facc0f82e3d4c470d584d8ab0494fcb4ff5a2)
2008-02-01 13:38:29 +03:00
&alias_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (!NT_STATUS_IS_OK(result))
goto done;
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx,
&alias_pol,
&sid_array);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (!NT_STATUS_IS_OK(result))
goto done;
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
alias.num_members = sid_array.num_sids;
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
result = rpccli_samr_Close(pipe_hnd, mem_ctx, &alias_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (!NT_STATUS_IS_OK(result))
goto done;
alias.members = NULL;
if (alias.num_members > 0) {
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
alias.members = SMB_MALLOC_ARRAY(DOM_SID, alias.num_members);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
for (j = 0; j < alias.num_members; j++)
sid_copy(&alias.members[j],
Use rpccli_samr_GetMembersInAlias() in net and rpcclient. Guenther (This used to be commit 3f48f9e671698235a4152102cf73a694b94542e0)
2008-02-05 03:18:56 +03:00
sid_array.sids[j].sid);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
}
sid_copy(&alias.sid, domain_sid);
Use rpccli_samr_EnumDomainAliases() in net and rpcclient. Guenther (This used to be commit d034d34faaced1d349ff9d36fcddf9533e402582)
2008-02-12 13:09:23 +03:00
sid_append_rid(&alias.sid, groups->entries[i].idx);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
push_alias(mem_ctx, &alias);
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
result = NT_STATUS_OK;
done:
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
return result;
}
/*
* Dump server_aliases as names for debugging purposes.
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_aliaslist_dump(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int i;
NTSTATUS result;
POLICY_HND lsa_pol;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
SEC_RIGHTS_MAXIMUM_ALLOWED,
&lsa_pol);
if (!NT_STATUS_IS_OK(result))
return result;
for (i=0; i<num_server_aliases; i++) {
char **names;
char **domains;
r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951)
2006-09-08 18:28:06 +04:00
enum lsa_SidType *types;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
int j;
struct full_alias *alias = &server_aliases[i];
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &lsa_pol, 1,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
&alias->sid,
&domains, &names, &types);
if (!NT_STATUS_IS_OK(result))
continue;
DEBUG(1, ("%s\\%s %d: ", domains[0], names[0], types[0]));
if (alias->num_members == 0) {
DEBUG(1, ("\n"));
continue;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_sids(pipe_hnd, mem_ctx, &lsa_pol,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
alias->num_members,
alias->members,
&domains, &names, &types);
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED))
continue;
for (j=0; j<alias->num_members; j++)
DEBUG(1, ("%s\\%s (%d); ",
domains[j] ? domains[j] : "*unknown*",
names[j] ? names[j] : "*unknown*",types[j]));
DEBUG(1, ("\n"));
}
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
return NT_STATUS_OK;
}
/*
* Fetch a list of all server aliases and their members into
* server_aliases.
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_aliaslist_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
NTSTATUS result;
POLICY_HND connect_pol;
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (!NT_STATUS_IS_OK(result))
goto done;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
&global_sid_Builtin);
if (!NT_STATUS_IS_OK(result))
goto done;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
domain_sid);
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
done:
return result;
}
static void init_user_token(NT_USER_TOKEN *token, DOM_SID *user_sid)
{
token->num_sids = 4;
r23757: Fix Coverity id 386 (This used to be commit 91be38f7ab42991e04a41e91132137a834c10996)
2007-07-09 12:00:50 +04:00
if (!(token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4))) {
d_fprintf(stderr, "malloc failed\n");
token->num_sids = 0;
return;
}
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
token->user_sids[0] = *user_sid;
sid_copy(&token->user_sids[1], &global_sid_World);
sid_copy(&token->user_sids[2], &global_sid_Network);
sid_copy(&token->user_sids[3], &global_sid_Authenticated_Users);
}
static void free_user_token(NT_USER_TOKEN *token)
{
SAFE_FREE(token->user_sids);
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int i;
for (i=0; i<token->num_sids; i++) {
if (sid_compare(sid, &token->user_sids[i]) == 0)
return True;
}
return False;
}
static void add_sid_to_token(NT_USER_TOKEN *token, DOM_SID *sid)
{
if (is_sid_in_token(token, sid))
return;
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
token->user_sids = SMB_REALLOC_ARRAY(token->user_sids, DOM_SID, token->num_sids+1);
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
if (!token->user_sids) {
return;
}
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
sid_copy(&token->user_sids[token->num_sids], sid);
token->num_sids += 1;
}
struct user_token {
fstring name;
NT_USER_TOKEN token;
};
static void dump_user_token(struct user_token *token)
{
int i;
d_printf("%s\n", token->name);
for (i=0; i<token->token.num_sids; i++) {
Replace sid_string_static with sid_string_tos In utils/ I was a bit lazy... (This used to be commit 60e830b0f4571bd5d9039f2edd199534f2a4c341)
2007-12-15 23:53:26 +03:00
d_printf(" %s\n", sid_string_tos(&token->token.user_sids[i]));
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
}
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool is_alias_member(DOM_SID *sid, struct full_alias *alias)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int i;
for (i=0; i<alias->num_members; i++) {
if (sid_compare(sid, &alias->members[i]) == 0)
return True;
}
return False;
}
static void collect_sid_memberships(NT_USER_TOKEN *token, DOM_SID sid)
{
int i;
for (i=0; i<num_server_aliases; i++) {
if (is_alias_member(&sid, &server_aliases[i]))
add_sid_to_token(token, &server_aliases[i].sid);
}
}
/*
* We got a user token with all the SIDs we can know about without asking the
* server directly. These are the user and domain group sids. All of these can
* be members of aliases. So scan the list of aliases for each of the SIDs and
* add them to the token.
*/
static void collect_alias_memberships(NT_USER_TOKEN *token)
{
int num_global_sids = token->num_sids;
int i;
for (i=0; i<num_global_sids; i++) {
collect_sid_memberships(token, token->user_sids[i]);
}
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
struct winbindd_request request;
struct winbindd_response response;
fstring full_name;
NSS_STATUS result;
DOM_SID user_sid;
int i;
fstr_sprintf(full_name, "%s%c%s",
domain, *lp_winbind_separator(), user);
/* First let's find out the user sid */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
fstrcpy(request.data.name.dom_name, domain);
fstrcpy(request.data.name.name, user);
r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2005-06-25 00:25:18 +04:00
result = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (result != NSS_STATUS_SUCCESS) {
DEBUG(1, ("winbind could not find %s\n", full_name));
return False;
}
if (response.data.sid.type != SID_NAME_USER) {
DEBUG(1, ("%s is not a user\n", full_name));
return False;
}
string_to_sid(&user_sid, response.data.sid.sid);
init_user_token(token, &user_sid);
/* And now the groups winbind knows about */
ZERO_STRUCT(response);
fstrcpy(request.data.username, full_name);
r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2005-06-25 00:25:18 +04:00
result = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (result != NSS_STATUS_SUCCESS) {
DEBUG(1, ("winbind could not get groups of %s\n", full_name));
return False;
}
for (i = 0; i < response.data.num_entries; i++) {
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
gid_t gid = ((gid_t *)response.extra_data.data)[i];
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
DOM_SID sid;
struct winbindd_request sidrequest;
struct winbindd_response sidresponse;
ZERO_STRUCT(sidrequest);
ZERO_STRUCT(sidresponse);
sidrequest.data.gid = gid;
r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2005-06-25 00:25:18 +04:00
result = winbindd_request_response(WINBINDD_GID_TO_SID,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
&sidrequest, &sidresponse);
if (result != NSS_STATUS_SUCCESS) {
DEBUG(1, ("winbind could not find SID of gid %d\n",
gid));
return False;
}
DEBUG(3, (" %s\n", sidresponse.data.sid.sid));
string_to_sid(&sid, sidresponse.data.sid.sid);
add_sid_to_token(token, &sid);
}
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
SAFE_FREE(response.extra_data.data);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
return True;
}
/**
* Get a list of all user tokens we want to look at
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
struct winbindd_request request;
struct winbindd_response response;
const char *extra_data;
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
char *name;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
int i;
struct user_token *result;
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
TALLOC_CTX *frame = NULL;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
r6880: Fix bug 2070 after positive feedback from Leon Vernikov. Thanks! Volker (This used to be commit f25da82ffd8cdaf9ba773352b6f35d5390ee4aad)
2005-05-18 15:57:53 +04:00
if (lp_winbind_use_default_domain() &&
(opt_target_workgroup == NULL)) {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "winbind use default domain = yes set, "
"please specify a workgroup\n");
r6880: Fix bug 2070 after positive feedback from Leon Vernikov. Thanks! Volker (This used to be commit f25da82ffd8cdaf9ba773352b6f35d5390ee4aad)
2005-05-18 15:57:53 +04:00
return False;
}
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
/* Send request to winbind daemon */
ZERO_STRUCT(request);
ZERO_STRUCT(response);
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
r7882: Looks like a large patch - but what it actually does is make Samba safe for using our headers and linking with C++ modules. Stops us from using C++ reserved keywords in our code. Jeremy (This used to be commit 9506b8e145982b1160a2f0aee5c9b7a54980940a)
2005-06-25 00:25:18 +04:00
if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) !=
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
NSS_STATUS_SUCCESS)
return False;
/* Look through extra data */
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
if (!response.extra_data.data)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
return False;
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
extra_data = (const char *)response.extra_data.data;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
*num_tokens = 0;
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
frame = talloc_stackframe();
while(next_token_talloc(frame, &extra_data, &name, ",")) {
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
*num_tokens += 1;
}
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
result = SMB_MALLOC_ARRAY(struct user_token, *num_tokens);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (result == NULL) {
DEBUG(1, ("Could not malloc sid array\n"));
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
TALLOC_FREE(frame);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
return False;
}
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
extra_data = (const char *)response.extra_data.data;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
i=0;
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
while(next_token_talloc(frame, &extra_data, &name, ",")) {
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
fstring domain, user;
char *p;
fstrcpy(result[i].name, name);
p = strchr(name, *lp_winbind_separator());
DEBUG(3, ("%s\n", name));
r6880: Fix bug 2070 after positive feedback from Leon Vernikov. Thanks! Volker (This used to be commit f25da82ffd8cdaf9ba773352b6f35d5390ee4aad)
2005-05-18 15:57:53 +04:00
if (p == NULL) {
fstrcpy(domain, opt_target_workgroup);
fstrcpy(user, name);
} else {
*p++ = '\0';
fstrcpy(domain, name);
strupper_m(domain);
fstrcpy(user, p);
}
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
get_user_sids(domain, user, &(result[i].token));
i+=1;
}
Remove next_token - all uses must now be next_token_talloc. No more temptations to use static length strings. Jeremy. (This used to be commit ec003f39369910dee852b7cafb883ddaa321c2de)
2007-12-08 04:32:32 +03:00
TALLOC_FREE(frame);
r15053: fix portabilities issues between 32-bit winbind clients and a 64-bit winbindd server (This used to be commit a95d11345e76948b147bbc1f29a05c978d99a47a)
2006-04-12 18:10:39 +04:00
SAFE_FREE(response.extra_data.data);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
*user_tokens = result;
return True;
}
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
static bool get_user_tokens_from_file(FILE *f,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
int *num_tokens,
struct user_token **tokens)
{
struct user_token *token = NULL;
while (!feof(f)) {
fstring line;
if (fgets(line, sizeof(line)-1, f) == NULL) {
return True;
}
if (line[strlen(line)-1] == '\n')
line[strlen(line)-1] = '\0';
if (line[0] == ' ') {
/* We have a SID */
DOM_SID sid;
string_to_sid(&sid, &line[1]);
if (token == NULL) {
DEBUG(0, ("File does not begin with username"));
return False;
}
add_sid_to_token(&token->token, &sid);
continue;
}
/* And a new user... */
*num_tokens += 1;
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
*tokens = SMB_REALLOC_ARRAY(*tokens, struct user_token, *num_tokens);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (*tokens == NULL) {
DEBUG(0, ("Could not realloc tokens\n"));
return False;
}
token = &((*tokens)[*num_tokens-1]);
fstrcpy(token->name, line);
token->token.num_sids = 0;
token->token.user_sids = NULL;
continue;
}
return False;
}
/*
* Show the list of all users that have access to a share
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static void show_userlist(struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
const char *netname,
int num_tokens,
struct user_token *tokens)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int fnum;
SEC_DESC *share_sd = NULL;
SEC_DESC *root_sd = NULL;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct cli_state *cli = pipe_hnd->cli;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
int i;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO info;
WERROR result;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
uint16 cnum;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_get_info(pipe_hnd, mem_ctx, netname,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
502, &info);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result)) {
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
DEBUG(1, ("Coult not query secdesc for share %s\n",
netname));
return;
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
share_sd = info.share.info502.info_502_str.sd;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
if (share_sd == NULL) {
DEBUG(1, ("Got no secdesc for share %s\n",
netname));
}
cnum = cli->cnum;
if (!cli_send_tconX(cli, netname, "A:", "", 0)) {
return;
}
fnum = cli_nt_create(cli, "\\", READ_CONTROL_ACCESS);
if (fnum != -1) {
root_sd = cli_query_secdesc(cli, fnum, mem_ctx);
}
for (i=0; i<num_tokens; i++) {
uint32 acc_granted;
NTSTATUS status;
if (share_sd != NULL) {
if (!se_access_check(share_sd, &tokens[i].token,
1, &acc_granted, &status)) {
DEBUG(1, ("Could not check share_sd for "
"user %s\n",
tokens[i].name));
continue;
}
if (!NT_STATUS_IS_OK(status))
continue;
}
if (root_sd == NULL) {
d_printf(" %s\n", tokens[i].name);
continue;
}
if (!se_access_check(root_sd, &tokens[i].token,
1, &acc_granted, &status)) {
DEBUG(1, ("Could not check root_sd for user %s\n",
tokens[i].name));
continue;
}
if (!NT_STATUS_IS_OK(status))
continue;
d_printf(" %s\n", tokens[i].name);
}
if (fnum != -1)
cli_close(cli, fnum);
cli_tdis(cli);
cli->cnum = cnum;
return;
}
struct share_list {
int num_shares;
char **shares;
};
static void collect_share(const char *name, uint32 m,
const char *comment, void *state)
{
struct share_list *share_list = (struct share_list *)state;
if (m != STYPE_DISKTREE)
return;
share_list->num_shares += 1;
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
r13915: Fixed a very interesting class of realloc() bugs found by Coverity. realloc can return NULL in one of two cases - (1) the realloc failed, (2) realloc succeeded but the new size requested was zero, in which case this is identical to a free() call. The error paths dealing with these two cases should be different, but mostly weren't. Secondly the standard idiom for dealing with realloc when you know the new size is non-zero is the following : tmp = realloc(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } However, there were *many* *many* places in Samba where we were using the old (broken) idiom of : p = realloc(p, size) if (!p) { return error; } which will leak the memory pointed to by p on realloc fail. This commit (hopefully) fixes all these cases by moving to a standard idiom of : p = SMB_REALLOC(p, size) if (!p) { return error; } Where if the realloc returns null due to the realloc failing or size == 0 we *guarentee* that the storage pointed to by p has been freed. This allows me to remove a lot of code that was dealing with the standard (more verbose) method that required a tmp pointer. This is almost always what you want. When a realloc fails you never usually want the old memory, you want to free it and get into your error processing asap. For the 11 remaining cases where we really do need to keep the old pointer I have invented the new macro SMB_REALLOC_KEEP_OLD_ON_ERROR, which can be used as follows : tmp = SMB_REALLOC_KEEP_OLD_ON_ERROR(p, size); if (!tmp) { SAFE_FREE(p); return error; } else { p = tmp; } SMB_REALLOC_KEEP_OLD_ON_ERROR guarentees never to free the pointer p, even on size == 0 or realloc fail. All this is done by a hidden extra argument to Realloc(), BOOL free_old_on_error which is set appropriately by the SMB_REALLOC and SMB_REALLOC_KEEP_OLD_ON_ERROR macros (and their array counterparts). It remains to be seen what this will do to our Coverity bug count :-). Jeremy. (This used to be commit 1d710d06a214f3f1740e80e0bffd6aab44aac2b0)
2006-03-07 09:31:04 +03:00
if (!share_list->shares) {
share_list->num_shares = 0;
return;
}
r4088: Get medieval on our ass about malloc.... :-). Take control of all our allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2004-12-07 21:25:53 +03:00
share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
}
static void rpc_share_userlist_usage(void)
{
return;
}
/**
* List shares on a remote RPC server, including the security descriptors
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_share_allowedusers_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int ret;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool r;
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
ENUM_HND hnd;
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
uint32 i;
FILE *f;
struct user_token *tokens = NULL;
int num_tokens = 0;
struct share_list share_list;
if (argc > 1) {
rpc_share_userlist_usage();
return NT_STATUS_UNSUCCESSFUL;
}
if (argc == 0) {
f = stdin;
} else {
f = fopen(argv[0], "r");
}
if (f == NULL) {
DEBUG(0, ("Could not open userlist: %s\n", strerror(errno)));
return NT_STATUS_UNSUCCESSFUL;
}
r = get_user_tokens_from_file(f, &num_tokens, &tokens);
if (f != stdin)
fclose(f);
if (!r) {
DEBUG(0, ("Could not read users from file\n"));
return NT_STATUS_UNSUCCESSFUL;
}
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
init_enum_hnd(&hnd, 0);
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
share_list.num_shares = 0;
share_list.shares = NULL;
ret = cli_RNetShareEnum(cli, collect_share, &share_list);
if (ret == -1) {
DEBUG(0, ("Error returning browse list: %s\n",
cli_errstr(cli)));
goto done;
}
for (i = 0; i < share_list.num_shares; i++) {
char *netname = share_list.shares[i];
if (netname[strlen(netname)-1] == '$')
continue;
d_printf("%s\n", netname);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
show_userlist(pipe_hnd, mem_ctx, netname,
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
num_tokens, tokens);
}
done:
for (i=0; i<num_tokens; i++) {
free_user_token(&tokens[i].token);
}
SAFE_FREE(tokens);
SAFE_FREE(share_list.shares);
return NT_STATUS_OK;
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static int rpc_share_allowedusers(int argc, const char **argv)
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{
int result;
result = run_rpc_command(NULL, PI_SAMR, 0,
rpc_aliaslist_internals,
argc, argv);
if (result != 0)
return result;
result = run_rpc_command(NULL, PI_LSARPC, 0,
rpc_aliaslist_dump,
argc, argv);
if (result != 0)
return result;
return run_rpc_command(NULL, PI_SRVSVC, 0,
rpc_share_allowedusers_internals,
argc, argv);
}
int net_usersidlist(int argc, const char **argv)
{
int num_tokens = 0;
struct user_token *tokens = NULL;
int i;
if (argc != 0) {
net_usersidlist_usage(argc, argv);
return 0;
}
if (!get_user_tokens(&num_tokens, &tokens)) {
DEBUG(0, ("Could not get the user/sid list\n"));
return 0;
}
for (i=0; i<num_tokens; i++) {
dump_user_token(&tokens[i]);
free_user_token(&tokens[i].token);
}
SAFE_FREE(tokens);
return 1;
}
int net_usersidlist_usage(int argc, const char **argv)
{
d_printf("net usersidlist\n"
"\tprints out a list of all users the running winbind knows\n"
"\tabout, together with all their SIDs. This is used as\n"
"\tinput to the 'net rpc share allowedusers' command.\n\n");
net_common_flags_usage(argc, argv);
return -1;
}
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/**
* 'net rpc share' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
int net_rpc_share(int argc, const char **argv)
{
struct functable func[] = {
{"add", rpc_share_add},
{"delete", rpc_share_delete},
r2935: This is a long-standing one in my patch-queue: A pair of net commands (usersidlist/allowedusers) to scan a file server's share and list all users who have permission to connect there. Volker (This used to be commit f7f84aa1ded70af3882e4122f34d5c7eed746993)
2004-10-12 15:58:01 +04:00
{"allowedusers", rpc_share_allowedusers},
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{"migrate", rpc_share_migrate},
r7632: Cleanup "net share migrate"-code. * Allow to copy share security descriptors to already existing shares separatly. * Added abstraction function to enum all or a single share info Guenther (This used to be commit 97097497ae42d7a03286bbe16bcffb8224137688)
2005-06-16 13:36:53 +04:00
{"list", rpc_share_list},
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{NULL, NULL}
};
if (argc == 0)
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_share_list_internals,
argc, argv);
return net_run_function(argc, argv, func, rpc_share_usage);
}
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
static NTSTATUS rpc_sh_share_list(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
return rpc_share_list_internals(ctx->domain_sid, ctx->domain_name,
ctx->cli, pipe_hnd, mem_ctx,
argc, argv);
}
static NTSTATUS rpc_sh_share_add(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if ((argc < 2) || (argc > 3)) {
d_fprintf(stderr, "usage: %s <share> <path> [comment]\n",
ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_add(
pipe_hnd, mem_ctx, argv[0], STYPE_DISKTREE,
(argc == 3) ? argv[2] : "",
0, 0, 0, argv[1], NULL, 2, NULL);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
return werror_to_ntstatus(result);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
static NTSTATUS rpc_sh_share_delete(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
WERROR result;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc != 1) {
d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_del(pipe_hnd, mem_ctx, argv[0]);
return werror_to_ntstatus(result);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
static NTSTATUS rpc_sh_share_info(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_SHARE_INFO info;
SRV_SHARE_INFO_2 *info2 = &info.share.info2;
WERROR result;
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
if (argc != 1) {
d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_share_get_info(
pipe_hnd, mem_ctx, argv[0], 2, &info);
if (!W_ERROR_IS_OK(result)) {
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
goto done;
}
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
d_printf("Name: %s\n",
rpcstr_pull_unistr2_talloc(mem_ctx,
&info2->info_2_str.uni_netname));
d_printf("Comment: %s\n",
rpcstr_pull_unistr2_talloc(mem_ctx,
&info2->info_2_str.uni_remark));
d_printf("Path: %s\n",
rpcstr_pull_unistr2_talloc(mem_ctx,
&info2->info_2_str.uni_path));
d_printf("Password: %s\n",
rpcstr_pull_unistr2_talloc(mem_ctx,
&info2->info_2_str.uni_passwd));
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
done:
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
return werror_to_ntstatus(result);
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
}
struct rpc_sh_cmd *net_rpc_share_cmds(TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx)
{
static struct rpc_sh_cmd cmds[] = {
{ "list", NULL, PI_SRVSVC, rpc_sh_share_list,
"List available shares" },
{ "add", NULL, PI_SRVSVC, rpc_sh_share_add,
"Add a share" },
{ "delete", NULL, PI_SRVSVC, rpc_sh_share_delete,
"Delete a share" },
{ "info", NULL, PI_SRVSVC, rpc_sh_share_info,
"Get information about a share" },
{ NULL, NULL, 0, NULL, NULL }
};
return cmds;
r15657: Fix some Tru64 warnings (This used to be commit a85dfb9eff222142eb1f9d89beb3d156661dd047)
2006-05-17 15:14:26 +04:00
}
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/****************************************************************************/
static int rpc_file_usage(int argc, const char **argv)
{
return net_help_file(argc, argv);
}
/**
* Close a file on a remote RPC server
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_file_close_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
return rpccli_srvsvc_NetFileClose(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
Fix svcctl callers. Guenther (This used to be commit 91bf2ac1af66acd8bcc831e758b3765fc94b2485)
2007-12-03 20:25:13 +03:00
atoi(argv[0]), NULL);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
/**
* Close a file on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_file_close(int argc, const char **argv)
{
if (argc < 1) {
DEBUG(1, ("No fileid given on close\n"));
return(rpc_file_usage(argc, argv));
}
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_file_close_internals,
argc, argv);
}
/**
* Formatted print of open file info
*
* @param info3 FILE_INFO_3 contents
* @param str3 strings for FILE_INFO_3
**/
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
static void display_file_info_3( FILE_INFO_3 *info3 )
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
fstring user = "", path = "";
rpcstr_pull_unistr2_fstring(user, info3->user);
rpcstr_pull_unistr2_fstring(path, info3->path);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
info3->id, user, info3->perms, info3->num_locks, path);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
/**
* List open files on a remote RPC server
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid acquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_file_list_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
SRV_FILE_INFO_CTR ctr;
WERROR result;
ENUM_HND hnd;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
uint32 preferred_len = 0xffffffff, i;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
const char *username=NULL;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
init_enum_hnd(&hnd, 0);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/* if argc > 0, must be user command */
if (argc > 0)
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
username = smb_xstrdup(argv[0]);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
result = rpccli_srvsvc_net_file_enum(pipe_hnd,
mem_ctx, 3, username, &ctr, preferred_len, &hnd);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
if (!W_ERROR_IS_OK(result))
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
goto done;
/* Display results */
d_printf(
"\nEnumerating open files on remote server:\n\n"\
"\nFileId Opened by Perms Locks Path"\
"\n------ --------- ----- ----- ---- \n");
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
for (i = 0; i < ctr.num_entries; i++)
display_file_info_3(&ctr.file.info3[i]);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
done:
[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch. (This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-11 00:34:30 +04:00
return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
}
/**
* List files for a user on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
static int rpc_file_user(int argc, const char **argv)
{
if (argc < 1) {
DEBUG(1, ("No username given\n"));
return(rpc_file_usage(argc, argv));
}
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_file_list_internals,
argc, argv);
}
/**
* 'net rpc file' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
int net_rpc_file(int argc, const char **argv)
{
struct functable func[] = {
{"close", rpc_file_close},
{"user", rpc_file_user},
#if 0
{"info", rpc_file_info},
#endif
{NULL, NULL}
};
if (argc == 0)
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
return run_rpc_command(NULL, PI_SRVSVC, 0,
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
rpc_file_list_internals,
argc, argv);
return net_run_function(argc, argv, func, rpc_file_usage);
}
/**
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
* ABORT the shutdown of a remote RPC Server over, initshutdown pipe
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
* argc, argv which are passed through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* @param argv Standard main() style argv. Initial components are already
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
* stripped
*
* @return Normal NTSTATUS return.
**/
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
result = rpccli_initshutdown_Abort(pipe_hnd, mem_ctx, NULL, NULL);
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
DEBUG(5,("cmd_shutdown_abort: query succeeded\n"));
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
} else
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
DEBUG(5,("cmd_shutdown_abort: query failed\n"));
return result;
}
/**
* ABORT the shutdown of a remote RPC Server, over winreg pipe
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passed through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
static NTSTATUS rpc_reg_shutdown_abort_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
result = rpccli_winreg_AbortSystemShutdown(pipe_hnd, mem_ctx, NULL, NULL);
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
DEBUG(5,("cmd_reg_abort_shutdown: query succeeded\n"));
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
} else
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
DEBUG(5,("cmd_reg_abort_shutdown: query failed\n"));
return result;
}
/**
* ABORT the Shut down of a remote RPC server
*
* @param argc Standard main() style argc
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
* @param argv Standard main() style argv. Initial components are already
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_shutdown_abort(int argc, const char **argv)
{
r18560: * Add in the winreg and initshutdown IDL files * rename PI_SHUTDOWN from include/smb.h to PI_INITSHUTDOWN for compatibility with pidl libndr output (This used to be commit 23a882861311d9d6ca45af1bfcc90d05846ba3a9)
2006-09-15 22:32:43 +04:00
int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
Add shutdown abort try over initshutdown pipe first, then fall back to winreg pipe if it doesn't work. Fixes bug #534. I will go back and add the same logic for the shutdown itself, even though that works so far against win2k (haven't tested all win clients). (This used to be commit e660b04e8f2446bb8a6590e9afcb5ab49f90a701)
2003-10-24 18:03:18 +04:00
rpc_shutdown_abort_internals,
argc, argv);
if (rc == 0)
return rc;
DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
return run_rpc_command(NULL, PI_WINREG, 0,
rpc_reg_shutdown_abort_internals,
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
argc, argv);
}
/**
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
* Shut down a remote RPC Server via initshutdown pipe
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
*
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function, except for
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
* argc, argv which are passes through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
Actually implement reboot feature for net dom join/unjoin. Guenther (This used to be commit bbbeeba163f173d774937103a36560a4a4f49d4b)
2007-12-03 13:07:27 +03:00
NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
struct initshutdown_String msg_string;
struct initshutdown_String_sub s;
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
if (opt_comment) {
msg = opt_comment;
}
if (opt_timeout) {
timeout = opt_timeout;
}
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
s.name = msg;
msg_string.name = &s;
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
/* create an entry */
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
result = rpccli_initshutdown_Init(pipe_hnd, mem_ctx, NULL,
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
&msg_string, timeout, opt_force, opt_reboot, NULL);
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
DEBUG(5,("Shutdown of remote machine succeeded\n"));
r10909: Give better shutdown messages (This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
2005-10-11 22:42:25 +04:00
} else {
DEBUG(1,("Shutdown of remote machine failed!\n"));
}
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
return result;
}
/**
* Shut down a remote RPC Server via winreg pipe
*
* All parameters are provided by the run_rpc_command function, except for
* argc, argv which are passes through.
*
* @param domain_sid The domain sid aquired from the remote server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on compleation of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return Normal NTSTATUS return.
**/
Actually implement reboot feature for net dom join/unjoin. Guenther (This used to be commit bbbeeba163f173d774937103a36560a4a4f49d4b)
2007-12-03 13:07:27 +03:00
NTSTATUS rpc_reg_shutdown_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
{
Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2003-01-03 11:28:12 +03:00
const char *msg = "This machine will be shutdown shortly";
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
uint32 timeout = 20;
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
struct initshutdown_String msg_string;
struct initshutdown_String_sub s;
NTSTATUS result;
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
WERROR werr;
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
if (opt_comment) {
msg = opt_comment;
}
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
s.name = msg;
msg_string.name = &s;
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
if (opt_timeout) {
timeout = opt_timeout;
}
/* create an entry */
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
result = rpccli_winreg_InitiateSystemShutdown(pipe_hnd, mem_ctx, NULL,
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
&msg_string, timeout, opt_force, opt_reboot, &werr);
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
if (NT_STATUS_IS_OK(result)) {
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
d_printf("\nShutdown of remote machine succeeded\n");
r10909: Give better shutdown messages (This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
2005-10-11 22:42:25 +04:00
} else {
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "\nShutdown of remote machine failed\n");
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
if ( W_ERROR_EQUAL(werr, WERR_MACHINE_LOCKED) )
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "\nMachine locked, use -f switch to force\n");
r10909: Give better shutdown messages (This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
2005-10-11 22:42:25 +04:00
else
Fix shutdown callers. Guenther (This used to be commit de2fdc6b5a78932f8ea5cf4c4715296f18dae4d3)
2007-12-03 20:40:36 +03:00
d_fprintf(stderr, "\nresult was: %s\n", dos_errstr(werr));
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
}
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
r18919: * Get the new rpccli_winreg_XXXX() functions into the tree There some broken functionality here that I'm still working on. * remove unneeded parsing routines (This used to be commit cbfe1a4b498593a48fc34f584754ed4a9ef72cc5)
2006-09-26 19:15:26 +04:00
return result;
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
}
/**
* Shut down a remote RPC server
*
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_shutdown(int argc, const char **argv)
{
r18560: * Add in the winreg and initshutdown IDL files * rename PI_SHUTDOWN from include/smb.h to PI_INITSHUTDOWN for compatibility with pidl libndr output (This used to be commit 23a882861311d9d6ca45af1bfcc90d05846ba3a9)
2006-09-15 22:32:43 +04:00
int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
rpc_init_shutdown_internals,
argc, argv);
r10909: Give better shutdown messages (This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
2005-10-11 22:42:25 +04:00
if (rc) {
DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
rc = run_rpc_command(NULL, PI_WINREG, 0,
rpc_reg_shutdown_internals, argc, argv);
}
r3771: Fix bug #1952: no comment on XP shutdown Try INITSHUTDOWN pipe first, used by newer clients. If it fails, fall back to WINREG. (This used to be commit f05858df65d89950c739a739a9b9fa7a04db39c3)
2004-11-15 23:57:27 +03:00
r10909: Give better shutdown messages (This used to be commit 8075b99b44085d107fa42d431300c60133ec53eb)
2005-10-11 22:42:25 +04:00
return rc;
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/***************************************************************************
NT Domain trusts code (i.e. 'net rpc trustdom' functionality)
***************************************************************************/
/**
* Add interdomain trust account to the RPC server.
* All parameters (except for argc and argv) are passed by run_rpc_command
* function.
*
* @param domain_sid The domain sid acquired from the server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return normal NTSTATUS return code
*/
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
struct lsa_String lsa_acct_name;
r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16. * Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2006-02-27 13:32:45 +03:00
uint32 acb_info;
Forward ported version of Matt Geddes <musicalcarrion@gmail.com> patch for adding acct_flags to rpccli_samr_create_dom_user(). Jerry please test. Jeremy. (This used to be commit 7d94f97947b7edfcf3ec52f0125e4593d6d54c05)
2008-01-24 00:54:02 +03:00
uint32 acct_flags=0;
uint32 user_rid;
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
uint32_t access_granted = 0;
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
union samr_UserInfo info;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
if (argc != 2) {
d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
return NT_STATUS_INVALID_PARAMETER;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
/*
* Make valid trusting domain account (ie. uppercased and with '$' appended)
*/
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (asprintf(&acct_name, "%s$", argv[0]) < 0) {
return NT_STATUS_NO_MEMORY;
}
Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 23:11:31 +04:00
strupper_m(acct_name);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
init_lsa_String(&lsa_acct_name, acct_name);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* Get samr policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Create trusting domain's account */
Trying to avoid defining new SAMR acct creation flags when we already have them with different names. Matt, Jeremy, please check. Guenther (This used to be commit d4a9e46edf7336f673c001c559af96eb0ecf9f6f)
2008-01-25 03:00:51 +03:00
acb_info = ACB_NORMAL;
acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
SAMR_USER_ACCESS_SET_PASSWORD |
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
Use rpccli_samr_CreateUser2() all over the place. Guenther (This used to be commit 701af69118c9634c7dc0d5c10152ce776787694d)
2008-02-01 16:21:54 +03:00
result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
&domain_pol,
&lsa_acct_name,
acb_info,
acct_flags,
&user_pol,
&access_granted,
&user_rid);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
{
r5580: Fix "net rpc trustdom add". Much closer to what windows does. Also stop referencing unknown_6 from sam, because it's just fixed at 1260, the max len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb. (This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
2005-02-26 18:26:55 +03:00
NTTIME notime;
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
struct samr_LogonHours hours;
const int units_per_week = 168;
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
uchar pwbuf[516];
r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208)
2005-10-18 07:24:00 +04:00
encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
r5580: Fix "net rpc trustdom add". Much closer to what windows does. Also stop referencing unknown_6 from sam, because it's just fixed at 1260, the max len of LOGON_HRS. Need to go in and mark it as "remove me" from passdb. (This used to be commit ffac752875938d510446ebbeba6fc983f65cda1e)
2005-02-26 18:26:55 +03:00
ZERO_STRUCT(notime);
Use rpccli_samr_SetUserInfo2() in place of rpccli_samr_set_userinfo(). Guenther (This used to be commit 1b48b9d73d971ef18b8a2ea240e48902b703b74b)
2008-02-12 22:01:36 +03:00
ZERO_STRUCT(hours);
hours.bits = talloc_array(mem_ctx, uint8_t, units_per_week);
if (!hours.bits) {
result = NT_STATUS_NO_MEMORY;
goto done;
}
hours.units_per_week = units_per_week;
memset(hours.bits, 0xFF, units_per_week);
init_samr_user_info23(&info.info23,
notime, notime, notime,
notime, notime, notime,
NULL, NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, NULL,
0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
hours,
0, 0, 0, 0, 0, 0, 0,
pwbuf, 24);
SamOEMhashBlob(info.info23.password.data, 516,
&cli->user_session_key);
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
23,
&info);
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
if (!NT_STATUS_IS_OK(result)) {
Fix compile. (This used to be commit ca2e453c7838b6d0ed2d0a45124d162073bbbf99)
2003-05-12 03:49:36 +04:00
DEBUG(0,("Could not set trust account password: %s\n",
Set the password for a newly created trustdom account. Tested against PDCs running NT4SP1, NT4SP6 and Samba 3.0. Volker (This used to be commit 2143446043b2c29027cf69554caddf41274df709)
2003-05-11 20:59:06 +04:00
nt_errstr(result)));
goto done;
}
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
done:
SAFE_FREE(acct_name);
return result;
}
/**
* Create interdomain trust account for a remote domain.
*
* @param argc standard argc
* @param argv standard argv without initial components
*
* @return Integer status (0 means success)
**/
static int rpc_trustdom_add(int argc, const char **argv)
{
In case of 'net rpc trustdom add' without domain name we were silently asking for password without a piece of error message or explanation. rafal (This used to be commit d46793b33577f7e77b7632b016918e3ce175c238)
2003-08-16 01:57:59 +04:00
if (argc > 0) {
return run_rpc_command(NULL, PI_SAMR, 0, rpc_trustdom_add_internals,
argc, argv);
} else {
d_printf("Usage: net rpc trustdom add <domain>\n");
return -1;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
r7415: * big change -- volker's new async winbindd from trunk (This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2005-06-09 02:10:34 +04:00
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
/**
r5594: Fix comment to read "remove" instead of "add" (This used to be commit 6884a2fa6e3d19a436edfb428056978ae127f442)
2005-02-28 14:17:13 +03:00
* Remove interdomain trust account from the RPC server.
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
* All parameters (except for argc and argv) are passed by run_rpc_command
* function.
*
* @param domain_sid The domain sid acquired from the server
* @param cli A cli_state connected to the server.
* @param mem_ctx Talloc context, destoyed on completion of the function.
* @param argc Standard main() style argc
* @param argc Standard main() style argv. Initial components are already
* stripped
*
* @return normal NTSTATUS return code
*/
static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
DOM_SID trust_acct_sid;
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (argc != 1) {
d_printf("Usage: net rpc trustdom del <domain_name>\n");
return NT_STATUS_INVALID_PARAMETER;
}
/*
* Make valid trusting domain account (ie. uppercased and with '$' appended)
*/
r5954: Fix some compiler warnings and add missing exclude-block in "net rpc share migrate" (found by Lars Mueller <lmuelle@suse.de>). Guenther (This used to be commit 45a2a7bedb877745cd9677fe3124d5a2ad2c8853)
2005-03-22 18:45:38 +03:00
acct_name = talloc_asprintf(mem_ctx, "%s$", argv[0]);
if (acct_name == NULL)
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
return NT_STATUS_NO_MEMORY;
strupper_m(acct_name);
/* Get samr policy handle */
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
/* Get domain policy handle */
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
CONST_DISCARD(struct dom_sid2 *, domain_sid),
&domain_pol);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
init_lsa_String(&lsa_acct_name, acct_name);
result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
&name_types);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
user_rids.ids[0],
Use rpccli_samr_OpenUser() all over the place. Guenther (This used to be commit da90eb7653554d242da83ed98adae35ced3a2938)
2008-02-01 13:57:53 +03:00
&user_pol);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* append the rid to the domain sid */
sid_copy(&trust_acct_sid, domain_sid);
Use rpccli_samr_LookupNames() in net rpc. Guenther (This used to be commit 38b635153466c160621a5444d37154369245809a)
2008-02-08 16:50:04 +03:00
if (!sid_append_rid(&trust_acct_sid, user_rids.ids[0])) {
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
goto done;
}
/* remove the sid */
Use rpccli_samr_RemoveMemberFromForeignDomain() in net. Guenther (This used to be commit 91c48ae15bea2235f8170170c2964bb1bae016ac)
2008-02-05 13:21:07 +03:00
result = rpccli_samr_RemoveMemberFromForeignDomain(pipe_hnd, mem_ctx,
&user_pol,
&trust_acct_sid);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
/* Delete user */
Use rpccli_samr_DeleteUser() in net and rpcclient. Guenther (This used to be commit 5bd8f7067db8479ad4beb8e49d9106e43495ecec)
2008-02-01 03:26:36 +03:00
result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
&user_pol);
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0,("Could not set trust account password: %s\n",
nt_errstr(result)));
goto done;
}
done:
return result;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/**
* Delete interdomain trust account for a remote domain.
*
* @param argc standard argc
* @param argv standard argv without initial components
*
* @return Integer status (0 means success)
**/
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
static int rpc_trustdom_del(int argc, const char **argv)
{
r5591: Implement "net rpc trustdom del", including client side of samr_remove_sid_from_foreign_domain. (This used to be commit 8360695fc02dfb09aff92a434bf9d411e65c478c)
2005-02-28 13:55:13 +03:00
if (argc > 0) {
return run_rpc_command(NULL, PI_SAMR, 0, rpc_trustdom_del_internals,
argc, argv);
} else {
d_printf("Usage: net rpc trustdom del <domain>\n");
return -1;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
r7415: * big change -- volker's new async winbindd from trunk (This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2005-06-09 02:10:34 +04:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/**
* Establish trust relationship to a trusting domain.
* Interdomain account must already be created on remote PDC.
*
* @param argc standard argc
* @param argv standard argv without initial components
*
* @return Integer status (0 means success)
**/
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
static int rpc_trustdom_establish(int argc, const char **argv)
{
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct cli_state *cli = NULL;
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
struct sockaddr_storage server_ss;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client *pipe_hnd = NULL;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
POLICY_HND connect_hnd;
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
This merges in my 'always use ADS' patch. Tested on a mix of NT and ADS domains, this patch ensures that we always use the ADS backend when security=ADS, and the remote server is capable. The routines used for this behaviour have been upgraded to modern Samba codeing standards. This is a change in behaviour for mixed mode domains, and if the trusted domain cannot be reached with our current krb5.conf file, we will show that domain as disconnected. This is in line with existing behaviour for native mode domains, and for our primary domain. As a consequence of testing this patch, I found that our kerberos error handling was well below par - we would often throw away useful error values. These changes move more routines to ADS_STATUS to return kerberos errors. Also found when valgrinding the setup, fix a few memory leaks. While sniffing the resultant connections, I noticed we would query our list of trusted domains twice - so I have reworked some of the code to avoid that. Andrew Bartlett (This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
2004-01-08 11:19:18 +03:00
DOM_SID *domain_sid;
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
char* domain_name;
char* acct_name;
fstring pdc_name;
Remove pstring from clirap2 by completely rewriting the damn thing :-). Now with added paranoia. Jeremy. (This used to be commit b6b5f92bc9457220df384bdb13530c393d294ce7)
2007-12-04 01:09:48 +03:00
char *dc_name;
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation *info = NULL;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/*
* Connect to \\server\ipc$ as 'our domain' account with password
*/
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
if (argc != 1) {
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
d_printf("Usage: net rpc trustdom establish <domain_name>\n");
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
return -1;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
domain_name = smb_xstrdup(argv[0]);
Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 23:11:31 +04:00
strupper_m(domain_name);
Merge a bunch of trivial changes from HEAD. The difference remaining should actual functional differences between HEAD and 3.0. - Mostly reformatting - Removal of unecessary #include "smb.h" - Merge of dyn_DRIVERFILE removal - Silly bug fix for python code (This used to be commit d3998307adc50ba50defe610cb656c73799ae3b9)
2002-11-29 05:58:59 +03:00
/* account name used at first is our domain's name with '$' */
asprintf(&acct_name, "%s$", lp_workgroup());
Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 23:11:31 +04:00
strupper_m(acct_name);
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* opt_workgroup will be used by connection functions further,
* hence it should be set to remote domain name instead of ours
*/
if (opt_workgroup) {
opt_workgroup = smb_xstrdup(domain_name);
};
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
opt_user_name = acct_name;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/* find the domain controller */
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
if (!net_find_pdc(&server_ss, pdc_name, domain_name)) {
Small typo fix found while testing domain trusts. rafal (This used to be commit 033ee6e68708f687ccd053eab4a7dac16937354b)
2003-08-14 00:53:48 +04:00
DEBUG(0, ("Couldn't find domain controller for domain %s\n", domain_name));
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
/* connect to ipc$ as username/password */
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
nt_status = connect_to_ipc(&cli, &server_ss, pdc_name);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
/* Is it trusting domain account for sure ? */
DEBUG(0, ("Couldn't verify trusting domain account. Error was %s\n",
Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-17 07:36:35 +03:00
nt_errstr(nt_status)));
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
r13382: added server affinity cache stores for 'net rpc join' and trusted domain code (This used to be commit 9eb743584d32cdb67e0512ac915c34565bce1c01)
2006-02-08 07:03:47 +03:00
/* store who we connected to */
r14101: Fix a segfault in trustdom establish, cli is NULL here. (This used to be commit 1df58c7a00b00242ee3eda09de92335d5dabe9c4)
2006-03-10 00:07:15 +03:00
saf_store( domain_name, pdc_name );
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/*
* Connect to \\server\ipc$ again (this time anonymously)
*/
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
nt_status = connect_to_ipc_anonymous(&cli, &server_ss, (char*)pdc_name);
Remove pstring from clirap2 by completely rewriting the damn thing :-). Now with added paranoia. Jeremy. (This used to be commit b6b5f92bc9457220df384bdb13530c393d294ce7)
2007-12-04 01:09:48 +03:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n",
Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-17 07:36:35 +03:00
domain_name, nt_errstr(nt_status)));
r20917: Fix missing error returns pointed out by "Li, Ying (ESG)" <ying.li2@hp.com> Jeremy. (This used to be commit 78387b3cd2e4eff8f09b6c498ca37b016ed9ecbc)
2007-01-20 02:08:20 +03:00
return -1;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
/*
* Use NetServerEnum2 to make sure we're talking to a proper server
*/
Remove pstring from clirap2 by completely rewriting the damn thing :-). Now with added paranoia. Jeremy. (This used to be commit b6b5f92bc9457220df384bdb13530c393d294ce7)
2007-12-04 01:09:48 +03:00
if (!cli_get_pdc_name(cli, domain_name, &dc_name)) {
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
for domain %s\n", domain_name));
r20917: Fix missing error returns pointed out by "Li, Ying (ESG)" <ying.li2@hp.com> Jeremy. (This used to be commit 78387b3cd2e4eff8f09b6c498ca37b016ed9ecbc)
2007-01-20 02:08:20 +03:00
cli_shutdown(cli);
return -1;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
Remove pstring from clirap2 by completely rewriting the damn thing :-). Now with added paranoia. Jeremy. (This used to be commit b6b5f92bc9457220df384bdb13530c393d294ce7)
2007-12-04 01:09:48 +03:00
SAFE_FREE(dc_name);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
r5910: Partial fix for bug 2438. I'll leave the debug message in place, that fix is a bit more effort. The real fix for this would be to open an schannel netlogon connection to the remote DC and change the trust account password... Volker (This used to be commit ab8991c384d81d32ac13f89592e8b35208127b32)
2005-03-20 14:51:01 +03:00
if (!(mem_ctx = talloc_init("establishing trust relationship to "
"domain %s", domain_name))) {
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
DEBUG(0, ("talloc_init() failed\n"));
cli_shutdown(cli);
return -1;
}
r7415: * big change -- volker's new async winbindd from trunk (This used to be commit a0ac9a8ffd4af31a0ebc423b4acbb2f043d865b8)
2005-06-09 02:10:34 +04:00
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/*
* Call LsaOpenPolicy and LsaQueryInfo
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) ));
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE,
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
&connect_hnd);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-17 07:36:35 +03:00
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
/* Querying info level 5 */
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
&info);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-17 07:36:35 +03:00
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
domain_sid = info->account_domain.sid;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/* There should be actually query info level 3 (following nt serv behaviour),
but I still don't know if it's _really_ necessary */
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
/*
* Store the password in secrets db
*/
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
if (!pdb_set_trusteddom_pw(domain_name, opt_password, domain_sid)) {
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
DEBUG(0, ("Storing password for trusted domain failed.\n"));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
return -1;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/*
* Close the pipes and clean up
*/
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
Renamed get_nt_error_msg() to nt_errstr(). (This used to be commit 1f007d3ed41c1b71a89fa6be7d173e67e927c302)
2002-03-17 07:36:35 +03:00
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
r5910: Partial fix for bug 2438. I'll leave the debug message in place, that fix is a bit more effort. The real fix for this would be to open an schannel netlogon connection to the remote DC and change the trust account password... Volker (This used to be commit ab8991c384d81d32ac13f89592e8b35208127b32)
2005-03-20 14:51:01 +03:00
cli_shutdown(cli);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
talloc_destroy(mem_ctx);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
Two little annoyances: net rpc did not inform you if no smbd is running. I never liked the error message (!) Success! when we established a trust. Volker (This used to be commit 4191a434d48065a75f38752c4aa27219f36d602b)
2004-03-18 10:32:15 +03:00
d_printf("Trust to domain %s established\n", domain_name);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return 0;
}
/**
* Revoke trust relationship to the remote domain
*
* @param argc standard argc
* @param argv standard argv without initial components
*
* @return Integer status (0 means success)
**/
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
static int rpc_trustdom_revoke(int argc, const char **argv)
{
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
char* domain_name;
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
int rc = -1;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
if (argc < 1) return -1;
/* generate upper cased domain name */
domain_name = smb_xstrdup(argv[0]);
Removed strupper/strlower macros that automatically map to strupper_m/strlower_m. I really want people to think about when they're using multibyte strings. Jeremy. (This used to be commit ff222716a08af65d26ad842ce4c2841cc6540959)
2003-07-03 23:11:31 +04:00
strupper_m(domain_name);
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/* delete password of the trust */
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
if (!pdb_del_trusteddom_pw(domain_name)) {
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n",
domain_name));
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
goto done;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
};
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
rc = 0;
done:
SAFE_FREE(domain_name);
return rc;
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
}
/**
* Usage for 'net rpc trustdom' command
*
* @param argc standard argc
* @param argv standard argv without inital components
*
* @return Integer status returned to shell
**/
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
static int rpc_trustdom_usage(int argc, const char **argv)
{
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
d_printf(" net rpc trustdom add \t\t add trusting domain's account\n");
d_printf(" net rpc trustdom del \t\t delete trusting domain's account\n");
d_printf(" net rpc trustdom establish \t establish relationship to trusted domain\n");
d_printf(" net rpc trustdom revoke \t abandon relationship to trusted domain\n");
d_printf(" net rpc trustdom list \t show current interdomain trust relationships\n");
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
d_printf(" net rpc trustdom vampire \t vampire interdomain trust relationships from remote server\n");
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
return -1;
}
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid,
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
{
fstring str_sid;
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(str_sid, domain_sid);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
d_printf("%s\n", str_sid);
return NT_STATUS_OK;
fix some warnings found by the Sun C compiler (This used to be commit e1fac713e25692a5790c3261ba323732930f5249)
2003-09-22 21:53:59 +04:00
}
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
static void print_trusted_domain(DOM_SID *dom_sid, const char *trusted_dom_name)
{
fstring ascii_sid, padding;
int pad_len, col_len = 20;
/* convert sid into ascii string */
s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546)
2007-12-16 00:47:30 +03:00
sid_to_fstring(ascii_sid, dom_sid);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
/* calculate padding space for d_printf to look nicer */
pad_len = col_len - strlen(trusted_dom_name);
padding[pad_len] = 0;
do padding[--pad_len] = ' '; while (pad_len);
d_printf("%s%s%s\n", trusted_dom_name, padding, ascii_sid);
}
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
static NTSTATUS vampire_trusted_domain(struct rpc_pipe_client *pipe_hnd,
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
TALLOC_CTX *mem_ctx,
POLICY_HND *pol,
DOM_SID dom_sid,
const char *trusted_dom_name)
{
NTSTATUS nt_status;
Use pidl generated rpccli_lsa_QueryTrustedDomainInfoBySid when vampiring trusted domain secrets. Guenther (This used to be commit aa3de6f9f5b5375ca9f1e8a60a378afba1c0848b)
2008-01-14 17:33:26 +03:00
union lsa_TrustedDomainInfo info;
r8833: Fix some uninitialized variables. Volker (This used to be commit 503a58b6be1972bea0804fab82aee1d814f6d522)
2005-07-28 19:01:29 +04:00
char *cleartextpwd = NULL;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
DATA_BLOB data;
Use pidl generated rpccli_lsa_QueryTrustedDomainInfoBySid when vampiring trusted domain secrets. Guenther (This used to be commit aa3de6f9f5b5375ca9f1e8a60a378afba1c0848b)
2008-01-14 17:33:26 +03:00
nt_status = rpccli_lsa_QueryTrustedDomainInfoBySid(pipe_hnd, mem_ctx,
pol,
&dom_sid,
LSA_TRUSTED_DOMAIN_INFO_PASSWORD,
&info);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0,("Could not query trusted domain info. Error was %s\n",
nt_errstr(nt_status)));
goto done;
}
Use pidl generated rpccli_lsa_QueryTrustedDomainInfoBySid when vampiring trusted domain secrets. Guenther (This used to be commit aa3de6f9f5b5375ca9f1e8a60a378afba1c0848b)
2008-01-14 17:33:26 +03:00
data = data_blob(NULL, info.password.password->length);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
Use pidl generated rpccli_lsa_QueryTrustedDomainInfoBySid when vampiring trusted domain secrets. Guenther (This used to be commit aa3de6f9f5b5375ca9f1e8a60a378afba1c0848b)
2008-01-14 17:33:26 +03:00
memcpy(data.data,
info.password.password->data,
info.password.password->length);
data.length = info.password.password->length;
cleartextpwd = decrypt_trustdom_secret(pipe_hnd->cli->pwd.password,
&data);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
if (cleartextpwd == NULL) {
DEBUG(0,("retrieved NULL password\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
r20824: Send access to the trusted domain passwords through the pdb backend, so that in the next step we can store them in LDAP to be replicated across DCs. Thanks to Michael Adam <ma@sernet.de> Volker (This used to be commit 3c879745cfc39be6128b63a88ecdbfa3d9ce6c2d)
2007-01-16 11:17:26 +03:00
if (!pdb_set_trusteddom_pw(trusted_dom_name, cleartextpwd, &dom_sid)) {
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
DEBUG(0, ("Storing password for trusted domain failed.\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
r12338: add ifdef DEBUG_PASSWORD before printing clear text password. Guenther (This used to be commit e0be0e052380b38235d4f34d366f48707ed59df7)
2005-12-19 05:22:13 +03:00
#ifdef DEBUG_PASSWORD
Replace sid_string_static by sid_string_dbg in DEBUGs (This used to be commit bb35e794ec129805e874ceba882bcc1e84791a09)
2007-12-15 23:11:36 +03:00
DEBUG(100,("sucessfully vampired trusted domain [%s], sid: [%s], "
"password: [%s]\n", trusted_dom_name,
sid_string_dbg(&dom_sid), cleartextpwd));
r12338: add ifdef DEBUG_PASSWORD before printing clear text password. Guenther (This used to be commit e0be0e052380b38235d4f34d366f48707ed59df7)
2005-12-19 05:22:13 +03:00
#endif
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
done:
SAFE_FREE(cleartextpwd);
data_blob_free(&data);
return nt_status;
}
static int rpc_trustdom_vampire(int argc, const char **argv)
{
/* common variables */
TALLOC_CTX* mem_ctx;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
NTSTATUS nt_status;
const char *domain_name = NULL;
DOM_SID *queried_dom_sid;
POLICY_HND connect_hnd;
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation *info = NULL;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
/* trusted domains listing variables */
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
unsigned int enum_ctx = 0;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
int i;
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
struct lsa_DomainList dom_list;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
fstring pdc_name;
/*
* Listing trusted domains (stored in secrets.tdb, if local)
*/
mem_ctx = talloc_init("trust relationships vampire");
/*
* set domain and pdc name to local samba server (default)
* or to remote one given in command line
*/
if (StrCaseCmp(opt_workgroup, lp_workgroup())) {
domain_name = opt_workgroup;
opt_target_workgroup = opt_workgroup;
} else {
fstrcpy(pdc_name, global_myname());
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
opt_target_workgroup = domain_name;
};
/* open \PIPE\lsarpc and open policy handle */
r25197: Change net_make_ipc_connection() and net_make_ipc_connection_ex() to return NTSTATUS to allow for better error propagation. Michael (This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
2007-09-17 19:11:20 +04:00
nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't connect to domain controller: %s\n",
nt_errstr(nt_status)));
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
};
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
};
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE,
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
};
/* query info level 5 to obtain sid of a domain being queried */
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
&info);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
}
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
queried_dom_sid = info->account_domain.sid;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
/*
* Keep calling LsaEnumTrustdom over opened pipe until
* the end of enumeration is reached
*/
d_printf("Vampire trusted domains:\n\n");
do {
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
nt_status = rpccli_lsa_EnumTrustDom(pipe_hnd, mem_ctx,
&connect_hnd,
&enum_ctx,
&dom_list,
(uint32_t)-1);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
};
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
for (i = 0; i < dom_list.count; i++) {
print_trusted_domain(dom_list.domains[i].sid,
dom_list.domains[i].name.string);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd,
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
*dom_list.domains[i].sid,
dom_list.domains[i].name.string);
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
}
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
};
/*
* in case of no trusted domains say something rather
* than just display blank line
*/
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
if (!dom_list.count) d_printf("none\n");
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
return -1;
};
/* close lsarpc pipe and connection to IPC$ */
cli_shutdown(cli);
talloc_destroy(mem_ctx);
return 0;
}
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
static int rpc_trustdom_list(int argc, const char **argv)
{
/* common variables */
TALLOC_CTX* mem_ctx;
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
struct cli_state *cli = NULL, *remote_cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
NTSTATUS nt_status;
Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2003-01-03 11:28:12 +03:00
const char *domain_name = NULL;
This merges in my 'always use ADS' patch. Tested on a mix of NT and ADS domains, this patch ensures that we always use the ADS backend when security=ADS, and the remote server is capable. The routines used for this behaviour have been upgraded to modern Samba codeing standards. This is a change in behaviour for mixed mode domains, and if the trusted domain cannot be reached with our current krb5.conf file, we will show that domain as disconnected. This is in line with existing behaviour for native mode domains, and for our primary domain. As a consequence of testing this patch, I found that our kerberos error handling was well below par - we would often throw away useful error values. These changes move more routines to ADS_STATUS to return kerberos errors. Also found when valgrinding the setup, fix a few memory leaks. While sniffing the resultant connections, I noticed we would query our list of trusted domains twice - so I have reworked some of the code to avoid that. Andrew Bartlett (This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
2004-01-08 11:19:18 +03:00
DOM_SID *queried_dom_sid;
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
fstring padding;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
int ascii_dom_name_len;
POLICY_HND connect_hnd;
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation *info = NULL;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* trusted domains listing variables */
get rid of more compiler warnings (This used to be commit 398bd14fc6e2f8ab2f34211270e179b8928a6669)
2003-08-15 08:42:05 +04:00
unsigned int num_domains, enum_ctx = 0;
int i, pad_len, col_len = 20;
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
struct lsa_DomainList dom_list;
This merges in my 'always use ADS' patch. Tested on a mix of NT and ADS domains, this patch ensures that we always use the ADS backend when security=ADS, and the remote server is capable. The routines used for this behaviour have been upgraded to modern Samba codeing standards. This is a change in behaviour for mixed mode domains, and if the trusted domain cannot be reached with our current krb5.conf file, we will show that domain as disconnected. This is in line with existing behaviour for native mode domains, and for our primary domain. As a consequence of testing this patch, I found that our kerberos error handling was well below par - we would often throw away useful error values. These changes move more routines to ADS_STATUS to return kerberos errors. Also found when valgrinding the setup, fix a few memory leaks. While sniffing the resultant connections, I noticed we would query our list of trusted domains twice - so I have reworked some of the code to avoid that. Andrew Bartlett (This used to be commit 7c34de8096b86d2869e7177420fe129bd0c7541d)
2004-01-08 11:19:18 +03:00
fstring pdc_name;
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* trusting domains listing variables */
POLICY_HND domain_hnd;
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
struct samr_SamArray *trusts = NULL;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* Listing trusted domains (stored in secrets.tdb, if local)
*/
Forward port the change to talloc_init() to make all talloc contexts named. Ensure we can query them. Jeremy. (This used to be commit 09a218a9f6fb0bd922940467bf8500eb4f1bcf84)
2002-12-20 23:21:31 +03:00
mem_ctx = talloc_init("trust relationships listing");
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* set domain and pdc name to local samba server (default)
* or to remote one given in command line
*/
Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2003-01-03 11:28:12 +03:00
if (StrCaseCmp(opt_workgroup, lp_workgroup())) {
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
domain_name = opt_workgroup;
opt_target_workgroup = opt_workgroup;
} else {
Merge from HEAD - make Samba compile with -Wwrite-strings without additional warnings. (Adds a lot of const). Andrew Bartlett (This used to be commit 3a7458f9472432ef12c43008414925fd1ce8ea0c)
2003-01-03 11:28:12 +03:00
fstrcpy(pdc_name, global_myname());
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
opt_target_workgroup = domain_name;
};
/* open \PIPE\lsarpc and open policy handle */
r25197: Change net_make_ipc_connection() and net_make_ipc_connection_ex() to return NTSTATUS to allow for better error propagation. Michael (This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
2007-09-17 19:11:20 +04:00
nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't connect to domain controller: %s\n",
nt_errstr(nt_status)));
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, False, SEC_RIGHTS_QUERY_VALUE,
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
/* query info level 5 to obtain sid of a domain being queried */
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
&info);
Merge of bugfix for cli_lsa_query_info_policy() usage. (This used to be commit ab64a0b1e7666b6612659b5720eda451c0ab4857)
2003-04-14 08:00:15 +04:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
}
Use rpccli_lsa_QueryInfoPolicy() all over the place. Guenther (This used to be commit ce22abcea3446e4ad42e8e04654b9855b173c5a1)
2008-02-08 04:12:30 +03:00
queried_dom_sid = info->account_domain.sid;
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* Keep calling LsaEnumTrustdom over opened pipe until
* the end of enumeration is reached
*/
d_printf("Trusted domains list:\n\n");
do {
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
nt_status = rpccli_lsa_EnumTrustDom(pipe_hnd, mem_ctx,
&connect_hnd,
&enum_ctx,
&dom_list,
(uint32_t)-1);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
for (i = 0; i < dom_list.count; i++) {
print_trusted_domain(dom_list.domains[i].sid,
dom_list.domains[i].name.string);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
};
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
/*
* in case of no trusted domains say something rather
* than just display blank line
*/
Use rpccli_lsa_EnumTrustDom all over the place. Guenther (This used to be commit a25e7ffbca9c2c97dd36b0596e7cb38a72aaf9d9)
2008-02-13 02:25:40 +03:00
if (!dom_list.count) d_printf("none\n");
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
r18747: replace rpccli_lsa_close() with rpccli_lsa_Close() (This used to be commit 50d74ce0488a9bd0980cdc6d523a210f6238ef74)
2006-09-21 02:49:02 +04:00
nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
cli_rpc_pipe_close(pipe_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* Listing trusting domains (stored in passdb backend, if local)
*/
d_printf("\nTrusting domains list:\n\n");
/*
* Open \PIPE\samr and get needed policy handles
*/
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
Use rpccli_samr_Connect2() all over the place. Guenther (This used to be commit bdf8d562621e1a09bf83e2009dec24966e7fdf22)
2008-02-04 21:43:07 +03:00
/* SamrConnect2 */
nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->cli->desthost,
SA_RIGHT_SAM_OPEN_DOMAIN,
&connect_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* SamrOpenDomain - we have to open domain policy handle in order to be
able to enumerate accounts*/
Use rpccli_samr_OpenDomain() all over the place. Guenther (This used to be commit e4e9d72724d547e1405b2ed4cec509d50ec88c8d)
2008-02-01 13:12:05 +03:00
nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_hnd,
SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
queried_dom_sid,
&domain_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open domain object. Error was %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
/*
* perform actual enumeration
*/
enum_ctx = 0; /* reset enumeration context from last enumeration */
do {
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
nt_status = rpccli_samr_EnumDomainUsers(pipe_hnd, mem_ctx,
&domain_hnd,
&enum_ctx,
ACB_DOMTRUST,
&trusts,
0xffff,
&num_domains);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
nt_errstr(nt_status)));
r21755: Memory leak fixes from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit 02d08ca0be8c374e30c3c0e665853fa9e57f043a)
2007-03-08 01:29:21 +03:00
cli_shutdown(cli);
r21609: Fix memory leaks in error code paths (and one in winbindd_group.c). Patch from Zack Kirsch <zack.kirsch@isilon.com>. Jeremy. (This used to be commit df07a662e32367a52c1e8473475423db2ff5bc51)
2007-03-01 05:43:33 +03:00
talloc_destroy(mem_ctx);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
return -1;
};
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
for (i = 0; i < num_domains; i++) {
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
char *str = CONST_DISCARD(char *, trusts->entries[i].name.string);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/*
* get each single domain's sid (do we _really_ need this ?):
* 1) connect to domain's pdc
* 2) query the pdc for domain's sid
*/
/* get rid of '$' tail */
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
ascii_dom_name_len = strlen(str);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (ascii_dom_name_len && ascii_dom_name_len < FSTRING_LEN)
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
str[ascii_dom_name_len - 1] = '\0';
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* calculate padding space for d_printf to look nicer */
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
pad_len = col_len - strlen(str);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
padding[pad_len] = 0;
do padding[--pad_len] = ' '; while (pad_len);
/* set opt_* variables to remote domain */
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
strupper_m(str);
opt_workgroup = talloc_strdup(mem_ctx, str);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
opt_target_workgroup = opt_workgroup;
Use rpccli_samr_EnumDomainUsers in net and rpcclient. Guenther (This used to be commit bcf2cd324c2898bda38515036a205c8d0982494f)
2008-02-12 13:36:33 +03:00
d_printf("%s%s", str, padding);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* connect to remote domain controller */
r25197: Change net_make_ipc_connection() and net_make_ipc_connection_ex() to return NTSTATUS to allow for better error propagation. Michael (This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
2007-09-17 19:11:20 +04:00
nt_status = net_make_ipc_connection(
NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS,
&remote_cli);
if (NT_STATUS_IS_OK(nt_status)) {
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
/* query for domain's sid */
merge of new client side support the Win2k LSARPC UUID in rpcbind from APP_HEAD (This used to be commit 1cfd2ee433305e91e87804dd55d10e025d30a69e)
2002-10-04 08:10:23 +04:00
if (run_rpc_command(remote_cli, PI_LSARPC, 0, rpc_query_domain_sid, argc, argv))
r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb)
2006-01-18 00:22:00 +03:00
d_fprintf(stderr, "couldn't get domain's sid\n");
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
cli_shutdown(remote_cli);
} else {
r25197: Change net_make_ipc_connection() and net_make_ipc_connection_ex() to return NTSTATUS to allow for better error propagation. Michael (This used to be commit 46093004a788dae83a4ddb888ca5d72f555c236c)
2007-09-17 19:11:20 +04:00
d_fprintf(stderr, "domain controller is not "
"responding: %s\n",
nt_errstr(nt_status));
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
};
};
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
if (!num_domains) d_printf("none\n");
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close opened samr and domain policy handles */
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
nt_status = rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name));
};
Remove rpccli_samr_close and use pidl generated function instead. Guenther (This used to be commit 64f0889401855ab76953bfae5db4fe4df19ad8a5)
2008-01-30 14:39:20 +03:00
nt_status = rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_hnd);
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name));
};
/* close samr pipe and connection to IPC$ */
cli_shutdown(cli);
talloc_destroy(mem_ctx);
return 0;
}
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
/**
* Entrypoint for 'net rpc trustdom' code
*
* @param argc standard argc
* @param argv standard argv without initial components
*
* @return Integer status (0 means success)
*/
static int rpc_trustdom(int argc, const char **argv)
{
struct functable func[] = {
{"add", rpc_trustdom_add},
{"del", rpc_trustdom_del},
{"establish", rpc_trustdom_establish},
{"revoke", rpc_trustdom_revoke},
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
{"help", rpc_trustdom_usage},
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
{"list", rpc_trustdom_list},
r7391: - Added client-support for various lsa_query_trust_dom_info-calls and a rpcclient-tester for some info-levels. Jerry, I tried to adopt to prs_pointer() where possible and to not interfere with your work for usrmgr. - Add "net rpc trustdom vampire"-tool. This allows to retrieve Interdomain Trust(ed)-Relationships from NT4-Servers including cleartext-passwords (still stored in the local secrets.tdb). The net-hook was done in cooperation with Lars Mueller <lmuelle@suse.de>. To vampire trusted domains simply call: net rpc trustdom vampire -S nt4dc -Uadmin%pass Guenther (This used to be commit 512585293963a1737f831af697ea1dc092d63cb0)
2005-06-08 17:59:03 +04:00
{"vampire", rpc_trustdom_vampire},
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
{NULL, NULL}
};
if (argc == 0) {
rpc_trustdom_usage(argc, argv);
return -1;
}
return (net_run_function(argc, argv, func, rpc_user_usage));
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/**
* Check if a server will take rpc commands
* @param flags Type of server to connect to (PDC, DMB, localhost)
* if the host is not explicitly specified
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
* @return bool (true means rpc supported)
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
*/
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool net_rpc_check(unsigned flags)
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
{
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
struct cli_state *cli;
RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-19 04:40:25 +04:00
bool ret = False;
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
struct sockaddr_storage server_ss;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
char *server_name = NULL;
r23554: Fix bug #4711 by makeing cli_connect return an NTSTATUS. Long overdue fix.... Jeremy. (This used to be commit 073fdc5a58139796dbaa7ea9833dca5308f11282)
2007-06-20 21:38:42 +04:00
NTSTATUS status;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
/* flags (i.e. server type) may depend on command */
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
if (!net_find_server(NULL, flags, &server_ss, &server_name))
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
return False;
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
if ((cli = cli_initialise()) == NULL) {
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
return False;
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
status = cli_connect(cli, server_name, &server_ss);
r23554: Fix bug #4711 by makeing cli_connect return an NTSTATUS. Long overdue fix.... Jeremy. (This used to be commit 073fdc5a58139796dbaa7ea9833dca5308f11282)
2007-06-20 21:38:42 +04:00
if (!NT_STATUS_IS_OK(status))
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
goto done;
This is a large patch (sorry). Migrate from struct in_addr to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-25 01:16:54 +04:00
if (!attempt_netbios_session_request(&cli, global_myname(),
server_name, &server_ss))
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
goto done;
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
if (!cli_negprot(cli))
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
goto done;
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
if (cli->protocol < PROTOCOL_NT1)
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
goto done;
ret = True;
done:
r16945: Sync trunk -> 3.0 for 3.0.24 code. Still need to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2006-07-11 22:01:26 +04:00
cli_shutdown(cli);
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
return ret;
}
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
/* dump sam database via samsync rpc calls */
static int rpc_samdump(int argc, const char **argv) {
r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2005-09-30 21:13:37 +04:00
return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS, rpc_samdump_internals,
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
argc, argv);
}
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
Make it possible to 'net rpc samdump' of any domain you are currently joined to, despite any smb.conf settings. Work to allow the same for 'net rpc vampire', but instead give a clear error message on what is incorrect. Andrew Bartlett (This used to be commit 6b629344c5a4061d6052fa91f8429b337bab95fb)
2004-02-08 13:59:09 +03:00
/* syncronise sam database via samsync rpc calls */
static int rpc_vampire(int argc, const char **argv) {
return run_rpc_command(NULL, PI_NETLOGON, NET_FLAGS_ANONYMOUS, rpc_vampire_internals,
argc, argv);
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/**
* Migrate everything from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
*
* The order is important !
* To successfully add drivers the print-queues have to exist !
* Applying ACLs should be the last step, because you're easily locked out
*
**/
static int rpc_printer_migrate_all(int argc, const char **argv)
{
int ret;
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
ret = run_rpc_command(NULL, PI_SPOOLSS, 0, rpc_printer_migrate_printers_internals, argc, argv);
if (ret)
return ret;
ret = run_rpc_command(NULL, PI_SPOOLSS, 0, rpc_printer_migrate_drivers_internals, argc, argv);
if (ret)
return ret;
ret = run_rpc_command(NULL, PI_SPOOLSS, 0, rpc_printer_migrate_forms_internals, argc, argv);
if (ret)
return ret;
ret = run_rpc_command(NULL, PI_SPOOLSS, 0, rpc_printer_migrate_settings_internals, argc, argv);
if (ret)
return ret;
return run_rpc_command(NULL, PI_SPOOLSS, 0, rpc_printer_migrate_security_internals, argc, argv);
}
/**
* Migrate print-drivers from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_migrate_drivers(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_migrate_drivers_internals,
argc, argv);
}
/**
* Migrate print-forms from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_migrate_forms(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_migrate_forms_internals,
argc, argv);
}
/**
* Migrate printers from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_migrate_printers(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_migrate_printers_internals,
argc, argv);
}
/**
* Migrate printer-ACLs from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_migrate_security(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_migrate_security_internals,
argc, argv);
}
/**
* Migrate printer-settings from a print-server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_migrate_settings(int argc, const char **argv)
{
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
if (!opt_host) {
printf("no server to migrate\n");
return -1;
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_migrate_settings_internals,
argc, argv);
}
/**
* 'net rpc printer' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
int rpc_printer_migrate(int argc, const char **argv)
{
/* ouch: when addriver and setdriver are called from within
rpc_printer_migrate_drivers_internals, the printer-queue already
*has* to exist */
struct functable func[] = {
{"all", rpc_printer_migrate_all},
{"drivers", rpc_printer_migrate_drivers},
{"forms", rpc_printer_migrate_forms},
{"help", rpc_printer_usage},
{"printers", rpc_printer_migrate_printers},
{"security", rpc_printer_migrate_security},
{"settings", rpc_printer_migrate_settings},
{NULL, NULL}
};
return net_run_function(argc, argv, func, rpc_printer_usage);
}
/**
* List printers on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_list(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_list_internals,
argc, argv);
}
/**
* List printer-drivers on a remote RPC server
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_driver_list(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_driver_list_internals,
argc, argv);
}
r2942: Add client-side support of triggering ads printer publishing over msrpc setprinter calls inside the net-tool. This is usefull to mimic the same queries a windows-client does. At least win2k returns WERR_IO_PENDING when printer is published via setprinter, samba returns WERR_OK but this does not hurt. Guenther (This used to be commit 69b745fb98b8054d1f52e8a3fe3b933fb04336db)
2004-10-13 05:40:35 +04:00
/**
* Publish printer in ADS via MSRPC
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_publish_publish(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_publish_publish_internals,
argc, argv);
}
/**
* Update printer in ADS via MSRPC
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_publish_update(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_publish_update_internals,
argc, argv);
}
/**
* UnPublish printer in ADS via MSRPC
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_publish_unpublish(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_publish_unpublish_internals,
argc, argv);
}
/**
* List published printers via MSRPC
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_publish_list(int argc, const char **argv)
{
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
/**
* Publish printer in ADS
*
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
*
* @return A shell status integer (0 for success)
**/
static int rpc_printer_publish(int argc, const char **argv)
{
struct functable func[] = {
{"publish", rpc_printer_publish_publish},
{"update", rpc_printer_publish_update},
{"unpublish", rpc_printer_publish_unpublish},
{"list", rpc_printer_publish_list},
{"help", rpc_printer_usage},
{NULL, NULL}
};
if (argc == 0)
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_publish_list_internals,
argc, argv);
return net_run_function(argc, argv, func, rpc_printer_usage);
}
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
/**
* Display rpc printer help page.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
int rpc_printer_usage(int argc, const char **argv)
{
return net_help_printer(argc, argv);
}
/**
* 'net rpc printer' entrypoint.
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
int net_rpc_printer(int argc, const char **argv)
{
struct functable func[] = {
{"list", rpc_printer_list},
{"migrate", rpc_printer_migrate},
{"driver", rpc_printer_driver_list},
r2942: Add client-side support of triggering ads printer publishing over msrpc setprinter calls inside the net-tool. This is usefull to mimic the same queries a windows-client does. At least win2k returns WERR_IO_PENDING when printer is published via setprinter, samba returns WERR_OK but this does not hurt. Guenther (This used to be commit 69b745fb98b8054d1f52e8a3fe3b933fb04336db)
2004-10-13 05:40:35 +04:00
{"publish", rpc_printer_publish},
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{NULL, NULL}
};
if (argc == 0)
return run_rpc_command(NULL, PI_SPOOLSS, 0,
rpc_printer_list_internals,
argc, argv);
return net_run_function(argc, argv, func, rpc_printer_usage);
}
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
/****************************************************************************/
/**
* Basic usage function for 'net rpc'
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* @param argc Standard main() style argc
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
* @param argv Standard main() style argv. Initial components are already
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* stripped
**/
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
int net_rpc_usage(int argc, const char **argv)
{
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
d_printf(" net rpc join \t\t\tto join a domain \n");
r25481: Fix some typos, don't panic as non-root on net getdomainsid Thanks to Karolin Seeger <ks@sernet.de> (This used to be commit 5ae4b2739853e2cd91e839909eb868dbb56be431)
2007-10-03 16:55:45 +04:00
d_printf(" net rpc oldjoin \t\tto join a domain created in server manager\n");
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
d_printf(" net rpc user \t\t\tto add, delete and list users\n");
r2746: Fix typos in net's usage-output. Guenther (This used to be commit 4886d6663d7479978e2c395602392accb5939fa0)
2004-09-29 13:56:35 +04:00
d_printf(" net rpc password <username> [<password>] -Uadmin_username%%admin_pass\n");
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
d_printf(" net rpc group \t\tto list groups\n");
r1966: further work on and cleanup of the net-migration-tool. It's now possible to migrate files preserving dos-attributes and correct timestamps. Also added some small docu- and syntax-fixes. Guenther (This used to be commit 0e990582a0416933a8671ca660d22e980f828402)
2004-08-21 00:13:05 +04:00
d_printf(" net rpc share \t\tto add, delete, list and migrate shares\n");
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
d_printf(" net rpc printer \t\tto list and migrate printers\n");
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
d_printf(" net rpc file \t\t\tto list open files\n");
OK. Smbpasswd -j is DEAD. This moves the rest of the functionality into the 'net rpc join' code. Futhermore, this moves that entire area over to the libsmb codebase, rather than the crufty old rpc_client stuff. I have also fixed up the smbpasswd -a -m bug in the process. We also have a new 'net rpc changetrustpw' that can be called from a cron-job to regularly change the trust account password, for sites that run winbind but not smbd. With a little more work, we can kill rpc_client from smbd entirly! (It is mostly the domain auth stuff - which I can rework - and the spoolss stuff that sombody else will need to look over). Andrew Bartlett (This used to be commit 575897e879fc175ba702adf245384033342c903d)
2001-12-05 14:00:26 +03:00
d_printf(" net rpc changetrustpw \tto change the trust account password\n");
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n");
Updates from HEAD: - const for PACKS() in lanman.c - change auth to 'account before password' - add help to net rpc {vampire,samsync} - configure updates for sun workshop cc - become_root() around pdb_ calls in auth_util for guest login. Andrew Bartlett (This used to be commit 43e90eb6e331d478013a9c038292f245edc51bd0)
2002-11-16 00:43:57 +03:00
d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n");
r25481: Fix some typos, don't panic as non-root on net getdomainsid Thanks to Karolin Seeger <ks@sernet.de> (This used to be commit 5ae4b2739853e2cd91e839909eb868dbb56be431)
2007-10-03 16:55:45 +04:00
d_printf(" net rpc samdump \t\tdisplay an NT PDC's users, groups and other data\n");
r4820: add beginnings of 'net rpc rights' for managing privilege assignments (This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
2005-01-18 17:46:24 +03:00
d_printf(" net rpc trustdom \t\tto create trusting domain's account or establish trust\n");
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n");
d_printf(" net rpc shutdown \t\tto shutdown a remote server\n");
r4820: add beginnings of 'net rpc rights' for managing privilege assignments (This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
2005-01-18 17:46:24 +03:00
d_printf(" net rpc rights\t\tto manage privileges assigned to SIDs\n");
r6943: missed in last sync (This used to be commit 3002aa22505d4604f7919bf7207477e737372404)
2005-05-23 20:28:28 +04:00
d_printf(" net rpc registry\t\tto manage registry hives\n");
r9787: BUG 2998: patch from Humberto Diogenes <virtual.spirit@digizap.com.br> to include 'net rpc service' help in net rpc usage output (This used to be commit ace8556b6525959114bea47d3be3b1b40756b058)
2005-08-30 15:31:49 +04:00
d_printf(" net rpc service\t\tto start, stop and query services\n");
r15198: Mention the auditing tool in "net rpc help". Guenther (This used to be commit e55e1e1e96e1a1e6d2bcc5897a44828ddc2c9f3b)
2006-04-24 16:01:14 +04:00
d_printf(" net rpc audit\t\t\tto modify global auditing settings\n");
r16345: Improve the chance that our users can discover one of the coolest 'net' features. Guenther (This used to be commit 446d79a0007d3d99c73eb758216f18f64036f11d)
2006-06-19 14:01:02 +04:00
d_printf(" net rpc shell\t\t\tto open an interactive shell for remote server/account management\n");
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
d_printf("\n");
d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");
d_printf("\t-f or --force\trequest the remote server force its shutdown\n");
d_printf("\t-t or --timeout=<timeout>\tnumber of seconds before shutdown\n");
r10247: Fix help text for net rpc shutdown. (This used to be commit 7af7343d9c7047998e4d54e07730ae1d87de3942)
2005-09-16 00:39:57 +04:00
d_printf("\t-C or --comment=<message>\ttext message to display on impending shutdown\n");
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
return -1;
}
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
/**
* Help function for 'net rpc'. Calls command specific help if requested
* or displays usage of net rpc
* @param argc Standard main() style argc
* @param argv Standard main() style argv. Initial components are already
* stripped
**/
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
int net_rpc_help(int argc, const char **argv)
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
{
struct functable func[] = {
{"join", rpc_join_usage},
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{"user", rpc_user_usage},
{"group", rpc_group_usage},
{"share", rpc_share_usage},
Don't use // even temporarily, lest ye forget it and check it in... (This used to be commit 936df31df5bad9d457d3775d11b4e96a58093282)
2002-03-16 04:14:58 +03:00
/*{"changetrustpw", rpc_changetrustpw_usage}, */
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
{"trustdom", rpc_trustdom_usage},
Don't use // even temporarily, lest ye forget it and check it in... (This used to be commit 936df31df5bad9d457d3775d11b4e96a58093282)
2002-03-16 04:14:58 +03:00
/*{"abortshutdown", rpc_shutdown_abort_usage},*/
/*{"shutdown", rpc_shutdown_usage}, */
r8189: commit vampire ldif patch, mostly from Don Watson (dwatson@us.ibm.com). Yes, that's my copyright...that's just how we have to do things at big blue. Adds subcommand to vampire to allow data to be put into an ldif file instead of actually writing to the passdb. See "net rpc help vampire" for usage info. This should be added to docs as well. (This used to be commit cb5634a305256a70daa2fcbd85d9a5459b4aeaa3)
2005-07-07 01:02:43 +04:00
{"vampire", rpc_vampire_usage},
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
{NULL, NULL}
};
if (argc == 0) {
net_rpc_usage(argc, argv);
return -1;
}
return (net_run_function(argc, argv, func, rpc_user_usage));
}
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
/**
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
* 'net rpc' entrypoint.
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* @param argc Standard main() style argc
Some help cleanups. Formatting and consistency issues. Line up text nicely, and make 'net help rap user' the same as 'net rap user help'...stuff like that (This used to be commit 17775dae28c724b11cc73f2aeac5f07f9656046c)
2002-03-15 23:03:07 +03:00
* @param argv Standard main() style argv. Initial components are already
Add a pile of doxygen style comments to various parts of Samba. Many of these probably will never actually be genearted, but I like the style in any case. Also fix a segfault in 'net rpc' when the login failed and a small memory leak on failure in the auth_info.c code. Andrew Bartlett (This used to be commit 2efae7cc522651c22fb120835bc800645559b63e)
2001-12-30 13:54:58 +03:00
* stripped
**/
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
int net_rpc(int argc, const char **argv)
{
struct functable func[] = {
r15041: Adding rpc client calls to manipulate auditing policies on remote CIFS servers. Also add a new "net rpc audit" tool. The lsa query infolevels were taken from samb4 IDL, the lsa policy flags and categories are partly documented on msdn. I need to cleanup the double lsa_query_info_policy{2}{_new} calls next. Guenther (This used to be commit 0fed66926f4b72444abfc8ffb8c46cca8d0600aa)
2006-04-11 19:47:24 +04:00
{"audit", net_rpc_audit},
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{"info", net_rpc_info},
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
{"join", net_rpc_join},
Merge from HEAD - save the type of channel used to contact the DC. This allows us to join as a BDC, without appearing on the network as one until we have the database replicated, and the admin changes the configuration. This also change the SID retreval order from secrets.tdb, so we no longer require a 'net rpc getsid' - the sid fetch during the domain join is sufficient. Also minor fixes to 'net'. Andrew Bartlett (This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 18:09:03 +04:00
{"oldjoin", net_rpc_oldjoin},
sync 3.0 branch with HEAD (This used to be commit 1b83b78e332b9d28914eff155530e81cf2073a58)
2002-08-17 18:45:04 +04:00
{"testjoin", net_rpc_testjoin},
Lots more net consistency work: - Added net_help.c for unified help when possible - Added net rpc user listing, delete, info commands - Unified net user command to autodetect ads/rpc/rap (try in that order) - Added generic routine for detecting rpc (protocol > PROTOCOL_NT1) - I'm sure I forgot something. (This used to be commit 9daa5788c822cf1ad20dc703e7f03b9ee82987bf)
2002-04-05 05:36:28 +04:00
{"user", net_rpc_user},
I should have done this years ago... This adds the very simple 'admin set password' capability to 'net rpc', much as we have it for 'net ads'. Andrew Bartlett (This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
2004-02-07 06:54:39 +03:00
{"password", rpc_user_password},
updated the 3.0 branch from the head branch - ready for alpha18 (This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 14:35:28 +04:00
{"group", net_rpc_group},
{"share", net_rpc_share},
{"file", net_rpc_file},
r1692: first commit :) * add IA64 to the architecture table of printer-drivers * add new "net"-subcommands: net rpc printer migrate {drivers|printers|forms|security|settings|all} [printer] net rpc share migrate {shares|files|all} [share] this is the first part of the migration suite. this will will (once feature-complete) allow to do 1:1 server-cloning in the best possible way by making heavy use of samba's rpc_client-functions. all migration-steps are implemented as rpc/smb-client-calls; net communicates via rpc/smb with two servers at the same time (a remote, source server and a destination server that currently defaults to the local smbd). this allows e. g. printer-driver migration including driverfiles, recursive mirroring of file-shares including file-acls, etc. almost any migration step can be called with a migrate-subcommand to provide more flexibility during a migration process (at the cost of quite some redundancy :) ). "net rpc printer migrate settings" is still in a bad condition (many open questions that hopefully can be adressed soon). "net rpc share migrate security" as an isolated call to just migrate share-ACLs will be added later. Before playing with it, make sure to use a test-server. Migration is a serious business and this tool-set can perfectly overwrite your existing file/print-shares. * along with the migration functions had to make I the following changes: - implement setprinter level 3 client-side - implement net_add_share level 502 client-side - allow security descriptor to be set in setprinterdata level 2 serverside guenther (This used to be commit 8f1716a29b7e85baf738bc14df7dabf03762f723)
2004-08-10 18:27:17 +04:00
{"printer", net_rpc_printer},
- Change ADS CHOSTPASS -> ADS CHANGETRUSTPW - Add general CHANGETRUSTPW function that calls ADS CHANGETRUSTPW or RPC CHANGETRUSTPW (Merged from HEAD) (This used to be commit f0982e1102276453d79e438ffb90c9fa305ff98b)
2003-04-15 02:27:09 +04:00
{"changetrustpw", net_rpc_changetrustpw},
The beginning of trusted and trusting domain support from Rafal Szczesniak <mimir@diament.ists.pwr.wroc.pl> This adds the 'net' tools to manipulate the trusted domains. Andrew Bartlett (This used to be commit 770c8a31d9804d3339ffa0de8b5072a5c7eb02df)
2002-03-01 05:56:35 +03:00
{"trustdom", rpc_trustdom},
Add 'net rpc shutdown' and 'net rpc abortshutdown'. These two little features are very useful, but the passing of options about needs some serious work. The popt stuff in the shutdown code is #ifdef'ed out until the main popt loop can be convinced not to chew on the options :-( Andrew Bartlett (This used to be commit 51c985be7fbfe5627c5b2590e7610653e7be98e3)
2001-12-31 16:00:59 +03:00
{"abortshutdown", rpc_shutdown_abort},
{"shutdown", rpc_shutdown},
sync'ing up for 3.0alpha20 release (This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
2002-09-25 19:19:00 +04:00
{"samdump", rpc_samdump},
{"vampire", rpc_vampire},
{"getsid", net_rpc_getsid},
r4820: add beginnings of 'net rpc rights' for managing privilege assignments (This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
2005-01-18 17:46:24 +03:00
{"rights", net_rpc_rights},
r6029: adding files necessary to support 'net rpc service' functions; will fill in tomorrow (This used to be commit 6bbd61cfd1ca2dbe8d96d894f90f263b8f24571f)
2005-03-24 07:25:49 +03:00
{"service", net_rpc_service},
r6943: missed in last sync (This used to be commit 3002aa22505d4604f7919bf7207477e737372404)
2005-05-23 20:28:28 +04:00
{"registry", net_rpc_registry},
r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2006-02-04 01:19:41 +03:00
{"shell", net_rpc_shell},
Change net rpc join several ways: \n\t1) expose \n\t2) eliminate oldstyle subcommand \n\t3) try oldstyle first, then more secure method\n to allow for autodetect between ads and rpc on net join (This used to be commit c8a4a09b5648af2f1669a5a30acdf0a088077af9)
2002-03-16 01:09:18 +03:00
{"help", net_rpc_help},
This is another major rework of the 'net' command. This time, all the existing functionality has been moved into 'net rap', ready for new commands in the 'net ads' and 'net rpc' categories. In particular, we hope to have the abilty to autoselect the appropriate backend to use based on smb.conf or other paramaters. This will allow 'net user' to work no matter what the remote server. The new 'net rpc' command will soon gain a 'net rpc join' and a 'net rpc user' based on the existing samba code. Also in this commit, the connection establishment code has been almost entirly reworked, and now has some minor sense of sainity to it. In particular, we can now connect to hosts *other* than localhost! We also have the ability to state on a per-command basis whether the 'localhost' is a sane default value. (A net join, for example, would not be sane against localhost). Unfortunetly we have had to make the basic paramaters global variables, but the 'cli' is not opened and closed on a per-command basis. Andrew Bartlett (This used to be commit 8739d426caabe3794a018dd28ab139b08f88b603)
2001-12-03 07:39:23 +03:00
{NULL, NULL}
};
return net_run_function(argc, argv, func, net_rpc_usage);
}
Copy Permalink