sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-12 20:58:37 +03:00
Code
samba-mirror/source4/utils/net/net_join.c

170 lines
4.8 KiB
C
Raw Normal View History

r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
/*
Samba Unix/Linux SMB client library
Distributed SMB/CIFS Server Management Utility
r4762: Store the results of a 'net join' in the LDB. Like Samba3, the storage of the primary domain password is keyed off the domain name, so we can join multiple domains, and just swap 'workgroup =' around. Andrew Bartlett (This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
2005-01-15 22:13:18 +00:00
Copyright (C) 2004 Stefan Metzmacher <metze@samba.org>
Copyright (C) 2005 Andrew Bartlett <abartlet@samba.org>
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-07-10 02:07:03 +00:00
the Free Software Foundation; either version 3 of the License, or
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
r23792: convert Samba4 to GPLv3 There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-07-10 02:07:03 +00:00
along with this program. If not, see <http://www.gnu.org/licenses/>.
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
*/
#include "includes.h"
#include "utils/net/net.h"
#include "libnet/libnet.h"
r15328: Move some functions around, remove dependencies. Remove some autogenerated headers (which had prototypes now autogenerated by pidl) Remove ndr_security.h from a few places - it's no longer necessary (This used to be commit c19c2b51d3e1ad347120b06a22bda5ec586c22e8)
2006-04-29 17:34:49 +00:00
#include "libcli/security/security.h"
r25026: Move param/param.h out of includes.h (This used to be commit abe8349f9b4387961ff3665d8c589d61cd2edf31)
2007-09-08 12:42:09 +00:00
#include "param/param.h"
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
r4762: Store the results of a 'net join' in the LDB. Like Samba3, the storage of the primary domain password is keyed off the domain name, so we can join multiple domains, and just swap 'workgroup =' around. Andrew Bartlett (This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
2005-01-15 22:13:18 +00:00
int net_join(struct net_context *ctx, int argc, const char **argv)
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
{
NTSTATUS status;
struct libnet_context *libnetctx;
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
struct libnet_Join *r;
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
char *tmp;
const char *domain_name;
r4762: Store the results of a 'net join' in the LDB. Like Samba3, the storage of the primary domain password is keyed off the domain name, so we can join multiple domains, and just swap 'workgroup =' around. Andrew Bartlett (This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
2005-01-15 22:13:18 +00:00
enum netr_SchannelType secure_channel_type = SEC_CHAN_WKSTA;
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
switch (argc) {
case 0: /* no args -> fail */
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 01:11:20 +00:00
return net_join_usage(ctx, argc, argv);
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
case 1: /* only DOMAIN */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
break;
r4762: Store the results of a 'net join' in the LDB. Like Samba3, the storage of the primary domain password is keyed off the domain name, so we can join multiple domains, and just swap 'workgroup =' around. Andrew Bartlett (This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
2005-01-15 22:13:18 +00:00
case 2: /* DOMAIN and role */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
if (strcasecmp(argv[1], "BDC") == 0) {
secure_channel_type = SEC_CHAN_BDC;
} else if (strcasecmp(argv[1], "MEMBER") == 0) {
secure_channel_type = SEC_CHAN_WKSTA;
} else {
r19463: Make it clear what argument is incorrect Andrew Bartlett (This used to be commit a28a17c50853ccd4d7b2122497d3d18f0a6feed9)
2006-10-23 06:05:41 +00:00
d_fprintf(stderr, "net_join: Invalid 2nd argument (%s) must be MEMBER or BDC\n", argv[1]);
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 01:11:20 +00:00
return net_join_usage(ctx, argc, argv);
r4762: Store the results of a 'net join' in the LDB. Like Samba3, the storage of the primary domain password is keyed off the domain name, so we can join multiple domains, and just swap 'workgroup =' around. Andrew Bartlett (This used to be commit 54a231780e028c6433cac296f2fbc64e39632dfd)
2005-01-15 22:13:18 +00:00
}
break;
default: /* too many args -> fail */
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 01:11:20 +00:00
return net_join_usage(ctx, argc, argv);
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
}
domain_name = tmp;
r26327: Explicit loadparm_context for RPC client functions. (This used to be commit eeb2251d22b3d6e0379444a73af69d1014692b07)
2007-12-07 02:37:04 +01:00
libnetctx = libnet_context_init(NULL, ctx->lp_ctx);
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
if (!libnetctx) {
return -1;
}
r7249: Cope with struct member rename (This used to be commit e7549f33f5fb06d8b2a8f31745545cc7b9c8d4f9)
2005-06-03 21:30:07 +00:00
libnetctx->cred = ctx->credentials;
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
r = talloc(ctx->mem_ctx, struct libnet_Join);
if (!r) {
return -1;
}
r12423: Remove DEBUG(0) printouts in favor of more information to the caller. I assume this works better with SWAT and the like anyway. Andrew Bartlett (This used to be commit b11975703d5e32f6f3ad10079106b1345fa56b5c)
2005-12-22 06:58:26 +00:00
/* prepare parameters for the join */
r26295: Remove use of global_loadparm for net and wb_pam_auth. (This used to be commit 47696b42987ea67ae1c6c09a4bec5858e5db4542)
2007-12-04 19:33:00 +01:00
r->in.netbios_name = lp_netbios_name(ctx->lp_ctx);
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
r->in.domain_name = domain_name;
r12886: Rename 'secure_channel_type' parameter to domain join as 'join_type'. Andrew Bartlett (This used to be commit a3b3e09a9acc66dff7baf1a4ba0ea913bccdbd7d)
2006-01-13 02:58:35 +00:00
r->in.join_type = secure_channel_type;
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
r->in.level = LIBNET_JOIN_AUTOMATIC;
r->out.error_string = NULL;
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
/* do the domain join */
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
status = libnet_Join(libnetctx, r, r);
r12421: Handle the case where we are a joining as different account types far better. Andrew Bartlett (This used to be commit 0ce82e8a41f0fdea9928e3e341680232cc640e18)
2005-12-22 06:47:00 +00:00
if (!NT_STATUS_IS_OK(status)) {
r13149: DEBUG is a bad choice for 'net', it should print to stderr Andrew Bartlett (This used to be commit 4dd6afa6d167fd04c1c3d4b4529b1cecf27eacaa)
2006-01-26 01:59:07 +00:00
d_fprintf(stderr, "Joining domain failed: %s\n",
r->out.error_string ? r->out.error_string : nt_errstr(status));
r10486: This is a merge of Brad Henry's 'net join' rework, to better perform an ADS join, particularly as a DC. This represents the bulk of his Google SOC work, and I'm very pleased to intergrate it into the tree. (Metze will intergrate the DRSUAPI work later). Both metze and myself have also put a lot of time into this patch, and in mentoring Brad in general. In return, Brad has been a very good student, and has taken the comments well. Since it's last appearance on samba-technical@, I have made correctness and valgrind fixups, as well as adding a new 'BINDING' mode to the libnet_rpc routines. This allows the exact binding string to be passed down from the torture code, including options and exact target host. Andrew Bartlett (This used to be commit d6fa105fdabbeb83a9b0e50dad49d1649afdb2a4)
2005-09-25 12:26:07 +00:00
talloc_free(r);
talloc_free(libnetctx);
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
return -1;
}
r12423: Remove DEBUG(0) printouts in favor of more information to the caller. I assume this works better with SWAT and the like anyway. Andrew Bartlett (This used to be commit b11975703d5e32f6f3ad10079106b1345fa56b5c)
2005-12-22 06:58:26 +00:00
d_printf("Joined domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx->mem_ctx, r->out.domain_sid));
r7633: this patch started as an attempt to make the dcerpc code use a given event_context for the socket_connect() call, so that when things that use dcerpc are running alongside anything else it doesn't block the whole process during a connect. Then of course I needed to change any code that created a dcerpc connection (such as the auth code) to also take an event context, and anything that called that and so on .... thus the size of the patch. There were 3 places where I punted: - abartlet wanted me to add a gensec_set_event_context() call instead of adding it to the gensec init calls. Andrew, my apologies for not doing this. I didn't do it as adding a new parameter allowed me to catch all the callers with the compiler. Now that its done, we could go back and use gensec_set_event_context() - the ejs code calls auth initialisation, which means it should pass in the event context from the web server. I punted on that. Needs fixing. - I used a NULL event context in dcom_get_pipe(). This is equivalent to what we did already, but should be fixed to use a callers event context. Jelmer, can you think of a clean way to do that? I also cleaned up a couple of things: - libnet_context_destroy() makes no sense. I removed it. - removed some unused vars in various places (This used to be commit 3a3025485bdb8f600ab528c0b4b4eef0c65e3fc9)
2005-06-16 11:36:09 +00:00
talloc_free(libnetctx);
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
return 0;
}
int net_join_usage(struct net_context *ctx, int argc, const char **argv)
{
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 01:11:20 +00:00
d_printf("net join <domain> [BDC | MEMBER] [options]\n");
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
return 0;
}
int net_join_help(struct net_context *ctx, int argc, const char **argv)
{
r5400: Slightly better handling of help messages in net tool. rafal (This used to be commit 5cebb4feedf7d6542c497fe55763d66f51b1c989)
2005-02-15 01:11:20 +00:00
d_printf("Joins domain as either member or backup domain controller.\n");
r4722: Start to add 'net join' to Samba4. Andrew Bartlett (This used to be commit a9b960609142e15ba5950eb1b22944eb6df18d9c)
2005-01-13 07:50:09 +00:00
return 0;
}
Link the new vampire code togeather. This adds in the newly attached secrets handling, as well as an interface to the command line 'net' tool. Andrew Bartlett (This used to be commit 1282e3c39479aa580124206814b493370d10690a)
2008-04-09 14:59:32 +10:00
int net_vampire(struct net_context *ctx, int argc, const char **argv)
{
NTSTATUS status;
struct libnet_context *libnetctx;
struct libnet_Vampire *r;
char *tmp, *targetdir = NULL;
const char *domain_name;
switch (argc) {
case 0: /* no args -> fail */
return net_vampire_usage(ctx, argc, argv);
case 1: /* only DOMAIN */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
break;
case 2: /* domain and target dir */
tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
targetdir = talloc_strdup(ctx->mem_ctx, argv[1]);
break;
default: /* too many args -> fail */
return net_vampire_usage(ctx, argc, argv);
}
domain_name = tmp;
libnetctx = libnet_context_init(NULL, ctx->lp_ctx);
if (!libnetctx) {
return -1;
}
libnetctx->cred = ctx->credentials;
r = talloc(ctx->mem_ctx, struct libnet_Vampire);
if (!r) {
return -1;
}
/* prepare parameters for the vampire */
r->in.netbios_name = lp_netbios_name(ctx->lp_ctx);
r->in.domain_name = domain_name;
r->in.targetdir = targetdir;
r->out.error_string = NULL;
/* do the domain vampire */
status = libnet_Vampire(libnetctx, r, r);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "Vampire of domain failed: %s\n",
r->out.error_string ? r->out.error_string : nt_errstr(status));
talloc_free(r);
talloc_free(libnetctx);
return -1;
}
d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx->mem_ctx, r->out.domain_sid));
talloc_free(libnetctx);
return 0;
}
int net_vampire_usage(struct net_context *ctx, int argc, const char **argv)
{
d_printf("net vampire <domain> [options]\n");
return 0;
}
int net_vampire_help(struct net_context *ctx, int argc, const char **argv)
{
d_printf("Vampires domain as either member or backup domain controller.\n");
return 0;
}
Copy Permalink