2008-05-08 13:23:38 +04:00
/*
Samba Unix / Linux SMB client library
Distributed SMB / CIFS Server Management Utility
2001-12-03 07:39:23 +03:00
Copyright ( C ) 2001 Andrew Bartlett ( abartlet @ samba . org )
2002-07-15 14:35:28 +04:00
Copyright ( C ) 2002 Jim McDonough ( jmcd @ us . ibm . com )
2008-02-27 21:38:48 +03:00
Copyright ( C ) 2004 , 2008 Guenther Deschner ( gd @ samba . org )
2005-09-30 21:13:37 +04:00
Copyright ( C ) 2005 Jeremy Allison ( jra @ samba . org )
2006-09-22 03:57:32 +04:00
Copyright ( C ) 2006 Jelmer Vernooij ( jelmer @ samba . org )
2001-12-03 07:39:23 +03:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2001-12-03 07:39:23 +03:00
( at your option ) any later version .
2008-05-08 13:23:38 +04:00
2001-12-03 07:39:23 +03:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2008-05-08 13:23:38 +04:00
2001-12-03 07:39:23 +03:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>. */
2008-05-08 13:23:38 +04:00
2001-12-03 07:39:23 +03:00
# include "includes.h"
2004-10-07 08:01:18 +04:00
# include "utils/net.h"
2018-03-10 17:31:11 +03:00
# include "libsmb/namequery.h"
2011-02-28 12:19:44 +03:00
# include "rpc_client/cli_pipe.h"
2009-03-16 13:27:58 +03:00
# include "../libcli/auth/libcli_auth.h"
2011-01-18 13:34:33 +03:00
# include "../librpc/gen_ndr/ndr_samr_c.h"
2010-05-18 20:25:50 +04:00
# include "rpc_client/cli_samr.h"
2010-05-18 20:59:45 +04:00
# include "rpc_client/init_samr.h"
2011-01-18 19:25:02 +03:00
# include "../librpc/gen_ndr/ndr_lsa_c.h"
2010-05-18 20:26:16 +04:00
# include "rpc_client/cli_lsarpc.h"
2011-01-12 13:27:26 +03:00
# include "../librpc/gen_ndr/ndr_netlogon_c.h"
2011-01-12 15:11:41 +03:00
# include "../librpc/gen_ndr/ndr_srvsvc_c.h"
2011-01-19 00:53:59 +03:00
# include "../librpc/gen_ndr/ndr_spoolss.h"
2011-01-11 18:47:34 +03:00
# include "../librpc/gen_ndr/ndr_initshutdown_c.h"
2011-01-12 23:59:23 +03:00
# include "../librpc/gen_ndr/ndr_winreg_c.h"
2010-08-05 04:25:37 +04:00
# include "secrets.h"
2010-08-03 02:03:03 +04:00
# include "lib/netapi/netapi.h"
2010-11-21 12:40:50 +03:00
# include "lib/netapi/netapi_net.h"
2008-11-06 15:37:45 +03:00
# include "librpc/gen_ndr/libnet_join.h"
# include "libnet/libnet_join.h"
2010-08-20 01:15:22 +04:00
# include "rpc_client/init_lsa.h"
2010-10-12 08:27:50 +04:00
# include "../libcli/security/security.h"
2011-05-06 13:47:43 +04:00
# include "libsmb/libsmb.h"
2020-04-13 21:04:21 +03:00
# include "clirap2.h"
2011-02-25 00:30:16 +03:00
# include "nsswitch/libwbclient/wbclient.h"
2011-03-22 18:50:02 +03:00
# include "passdb.h"
2012-05-20 19:54:29 +04:00
# include "../libcli/smb/smbXcli_base.h"
2018-01-05 16:21:05 +03:00
# include "libsmb/dsgetdcname.h"
2020-08-07 21:17:34 +03:00
# include "lib/util/string_wrappers.h"
2001-12-03 07:39:23 +03:00
2005-06-24 03:23:16 +04:00
static int net_mode_share ;
2010-10-29 22:56:51 +04:00
static NTSTATUS sync_files ( struct copy_clistate * cp_clistate , const char * mask ) ;
2005-06-24 03:23:16 +04:00
2001-12-30 13:54:58 +03:00
/**
* @ file net_rpc . c
*
* @ brief RPC based subcommands for the ' net ' utility .
*
* This file should contain much of the functionality that used to
2018-11-28 01:10:17 +03:00
* be found in rpcclient , except that the commands should change
* less often , and the functionality should be sane ( the user is not
2001-12-30 13:54:58 +03:00
* expected to know a rid / sid before they conduct an operation etc . )
*
* @ todo Perhaps eventually these should be split out into a number
* of files , as this could get quite big .
* */
/**
* Many of the RPC functions need the domain sid . This function gets
2008-05-08 13:23:38 +04:00
* it at the start of every run
2001-12-30 13:54:58 +03:00
*
* @ param cli A cli_state already connected to the remote machine
*
* @ return The Domain SID of the remote machine .
2001-12-31 16:00:59 +03:00
* */
2001-12-05 03:26:36 +03:00
2006-02-04 01:19:41 +03:00
NTSTATUS net_get_remote_domain_sid ( struct cli_state * cli , TALLOC_CTX * mem_ctx ,
2010-05-21 05:25:01 +04:00
struct dom_sid * * domain_sid ,
2008-01-15 18:40:02 +03:00
const char * * domain_name )
2001-12-05 03:26:36 +03:00
{
2009-03-20 13:07:21 +03:00
struct rpc_pipe_client * lsa_pipe = NULL ;
2009-03-19 00:49:41 +03:00
struct policy_handle pol ;
2011-01-18 19:25:02 +03:00
NTSTATUS status , result ;
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation * info = NULL ;
2011-01-18 19:25:02 +03:00
struct dcerpc_binding_handle * b ;
2008-02-08 04:12:30 +03:00
2013-05-24 15:29:28 +04:00
status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& lsa_pipe ) ;
2011-01-18 19:25:02 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not initialise lsa pipe \n " ) ) ;
2011-01-18 19:25:02 +03:00
return status ;
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
2011-01-18 19:25:02 +03:00
b = lsa_pipe - > binding_handle ;
status = rpccli_lsa_open_policy ( lsa_pipe , mem_ctx , false ,
2009-04-15 03:12:13 +04:00
SEC_FLAG_MAXIMUM_ALLOWED ,
2001-12-05 03:26:36 +03:00
& pol ) ;
2011-01-18 19:25:02 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " open_policy %s: %s \n " ,
_ ( " failed " ) ,
2011-01-18 19:25:02 +03:00
nt_errstr ( status ) ) ;
return status ;
2001-12-05 03:26:36 +03:00
}
2011-01-18 19:25:02 +03:00
status = dcerpc_lsa_QueryInfoPolicy ( b , mem_ctx ,
2008-02-08 04:12:30 +03:00
& pol ,
LSA_POLICY_INFO_ACCOUNT_DOMAIN ,
2011-01-18 19:25:02 +03:00
& info ,
& result ) ;
2021-07-25 10:46:34 +03:00
if ( any_nt_status_not_ok ( status , result , & status ) ) {
2011-01-18 19:25:02 +03:00
d_fprintf ( stderr , " lsaquery %s: %s \n " ,
_ ( " failed " ) ,
nt_errstr ( status ) ) ;
return status ;
}
2001-12-05 03:26:36 +03:00
2008-02-08 04:12:30 +03:00
* domain_name = info - > account_domain . name . string ;
* domain_sid = info - > account_domain . sid ;
2011-01-18 19:25:02 +03:00
dcerpc_lsa_Close ( b , mem_ctx , & pol , & result ) ;
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( lsa_pipe ) ;
2001-12-05 03:26:36 +03:00
2006-02-04 01:19:41 +03:00
return NT_STATUS_OK ;
2001-12-05 03:26:36 +03:00
}
2001-12-30 13:54:58 +03:00
/**
* Run a single RPC command , from start to finish .
*
* @ param pipe_name the pipe to connect to ( usually a PIPE_ constant )
2008-05-08 13:23:38 +04:00
* @ param conn_flag a NET_FLAG_ combination . Passed to
2001-12-30 13:54:58 +03:00
* net_make_ipc_connection .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
* @ return A shell status integer ( 0 for success ) .
2001-12-30 13:54:58 +03:00
*/
2001-12-05 03:26:36 +03:00
2008-05-10 01:22:12 +04:00
int run_rpc_command ( struct net_context * c ,
struct cli_state * cli_arg ,
2012-01-10 14:53:42 +04:00
const struct ndr_interface_table * table ,
2005-09-30 21:13:37 +04:00
int conn_flags ,
rpc_command_fn fn ,
int argc ,
2008-05-08 13:23:38 +04:00
const char * * argv )
2001-12-05 03:26:36 +03:00
{
2002-08-17 18:45:04 +04:00
struct cli_state * cli = NULL ;
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * pipe_hnd = NULL ;
2001-12-05 03:26:36 +03:00
TALLOC_CTX * mem_ctx ;
NTSTATUS nt_status ;
2010-05-21 05:25:01 +04:00
struct dom_sid * domain_sid ;
2008-01-15 18:40:02 +03:00
const char * domain_name ;
2009-03-26 22:29:24 +03:00
int ret = - 1 ;
2001-12-30 13:54:58 +03:00
2002-08-17 18:45:04 +04:00
/* make use of cli_state handed over as an argument, if possible */
2005-09-30 21:13:37 +04:00
if ( ! cli_arg ) {
2008-05-10 01:22:12 +04:00
nt_status = net_make_ipc_connection ( c , conn_flags , & cli ) ;
2007-09-17 19:11:20 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 1 , ( " failed to make ipc connection: %s \n " ,
nt_errstr ( nt_status ) ) ) ;
return - 1 ;
}
2005-09-30 21:13:37 +04:00
} else {
2002-08-17 18:45:04 +04:00
cli = cli_arg ;
2005-09-30 21:13:37 +04:00
}
2002-08-17 18:45:04 +04:00
2001-12-30 13:54:58 +03:00
if ( ! cli ) {
return - 1 ;
}
2001-12-05 03:26:36 +03:00
/* Create mem_ctx */
2008-05-08 13:23:38 +04:00
2002-12-20 23:21:31 +03:00
if ( ! ( mem_ctx = talloc_init ( " run_rpc_command " ) ) ) {
2001-12-05 03:26:36 +03:00
DEBUG ( 0 , ( " talloc_init() failed \n " ) ) ;
2009-03-26 22:29:24 +03:00
goto fail ;
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
2006-02-04 01:19:41 +03:00
nt_status = net_get_remote_domain_sid ( cli , mem_ctx , & domain_sid ,
& domain_name ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2009-03-26 22:29:24 +03:00
goto fail ;
2006-02-04 01:19:41 +03:00
}
2004-01-16 18:07:28 +03:00
2004-02-08 13:59:09 +03:00
if ( ! ( conn_flags & NET_FLAGS_NO_PIPE ) ) {
2008-07-20 20:36:31 +04:00
if ( lp_client_schannel ( )
2012-01-10 14:53:42 +04:00
& & ( ndr_syntax_id_equal ( & table - > syntax_id ,
2008-07-20 20:36:31 +04:00
& ndr_table_netlogon . syntax_id ) ) ) {
2021-11-18 13:47:26 +03:00
const char * remote_name =
smbXcli_conn_remote_name ( cli - > conn ) ;
const struct sockaddr_storage * remote_sockaddr =
smbXcli_conn_remote_sockaddr ( cli - > conn ) ;
2005-09-30 21:13:37 +04:00
/* Always try and create an schannel netlogon pipe. */
2013-09-16 22:53:51 +04:00
TALLOC_FREE ( c - > netlogon_creds ) ;
2008-07-20 13:04:31 +04:00
nt_status = cli_rpc_pipe_open_schannel (
2013-09-16 22:53:51 +04:00
cli , c - > msg_ctx , table , NCACN_NP ,
2015-02-09 11:49:16 +03:00
domain_name ,
2021-11-18 13:47:26 +03:00
remote_name ,
remote_sockaddr ,
2013-09-16 22:53:51 +04:00
& pipe_hnd , c , & c - > netlogon_creds ) ;
2008-07-20 13:04:31 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise schannel netlogon pipe. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2009-03-26 22:29:24 +03:00
goto fail ;
2005-09-30 21:13:37 +04:00
}
} else {
2008-06-24 12:34:16 +04:00
if ( conn_flags & NET_FLAGS_SEAL ) {
2019-11-11 15:58:37 +03:00
nt_status = cli_rpc_pipe_open_with_creds (
2012-01-10 14:53:42 +04:00
cli , table ,
2009-09-11 00:23:21 +04:00
( conn_flags & NET_FLAGS_TCP ) ?
NCACN_IP_TCP : NCACN_NP ,
2012-01-02 05:51:06 +04:00
DCERPC_AUTH_TYPE_NTLMSSP ,
2009-09-14 22:39:54 +04:00
DCERPC_AUTH_LEVEL_PRIVACY ,
2012-05-19 19:31:50 +04:00
smbXcli_conn_remote_name ( cli - > conn ) ,
2021-11-18 13:43:08 +03:00
smbXcli_conn_remote_sockaddr ( cli - > conn ) ,
2021-01-19 09:49:26 +03:00
c - > creds , & pipe_hnd ) ;
2008-06-24 12:34:16 +04:00
} else {
2008-07-20 13:04:31 +04:00
nt_status = cli_rpc_pipe_open_noauth (
2013-05-24 15:29:28 +04:00
cli , table ,
2009-11-08 21:37:26 +03:00
& pipe_hnd ) ;
2008-06-24 12:34:16 +04:00
}
2008-07-20 13:04:31 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise pipe %s. Error was %s \n " ,
2012-01-10 14:53:42 +04:00
table - > name ,
2005-09-30 21:13:37 +04:00
nt_errstr ( nt_status ) ) ) ;
2009-03-26 22:29:24 +03:00
goto fail ;
2005-09-30 21:13:37 +04:00
}
2004-02-08 13:59:09 +03:00
}
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
2008-05-10 01:22:12 +04:00
nt_status = fn ( c , domain_sid , domain_name , cli , pipe_hnd , mem_ctx , argc , argv ) ;
2008-05-08 13:23:38 +04:00
2001-12-31 16:00:59 +03:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2002-07-15 14:35:28 +04:00
DEBUG ( 1 , ( " rpc command function failed! (%s) \n " , nt_errstr ( nt_status ) ) ) ;
2001-12-31 16:00:59 +03:00
} else {
2009-03-26 22:29:24 +03:00
ret = 0 ;
2019-08-29 22:34:10 +03:00
DEBUG ( 5 , ( " rpc command function succeeded \n " ) ) ;
2001-12-31 16:00:59 +03:00
}
2008-05-08 13:23:38 +04:00
2004-02-08 13:59:09 +03:00
if ( ! ( conn_flags & NET_FLAGS_NO_PIPE ) ) {
2005-09-30 21:13:37 +04:00
if ( pipe_hnd ) {
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( pipe_hnd ) ;
2005-09-30 21:13:37 +04:00
}
2004-02-08 13:59:09 +03:00
}
2009-03-26 22:29:24 +03:00
fail :
2002-08-17 18:45:04 +04:00
/* close the connection only if it was opened here */
2005-09-30 21:13:37 +04:00
if ( ! cli_arg ) {
2002-08-17 18:45:04 +04:00
cli_shutdown ( cli ) ;
2005-09-30 21:13:37 +04:00
}
2008-05-08 13:23:38 +04:00
2001-12-05 03:26:36 +03:00
talloc_destroy ( mem_ctx ) ;
2009-03-26 22:29:24 +03:00
return ret ;
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2018-11-28 01:10:17 +03:00
* Force a change of the trust account password .
2001-12-30 13:54:58 +03:00
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2001-12-30 13:54:58 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
*
* @ return Normal NTSTATUS return .
* */
2001-12-05 03:26:36 +03:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_changetrustpw_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
{
2009-10-05 15:01:53 +04:00
NTSTATUS status ;
2017-05-22 16:36:29 +03:00
const char * dcname = NULL ;
if ( cli = = NULL ) {
return NT_STATUS_INTERNAL_ERROR ;
}
dcname = smbXcli_conn_remote_name ( cli - > conn ) ;
2008-05-08 13:23:38 +04:00
2013-09-16 20:34:48 +04:00
status = trust_pw_change ( c - > netlogon_creds ,
c - > msg_ctx ,
pipe_hnd - > binding_handle ,
c - > opt_target_workgroup ,
2017-05-22 16:36:29 +03:00
dcname ,
2013-09-16 20:34:48 +04:00
true ) ; /* force */
2009-10-05 15:01:53 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Failed to change machine account password: %s \n " ) ,
nt_errstr ( status ) ) ;
return status ;
}
return NT_STATUS_OK ;
2001-12-05 14:00:26 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2018-11-28 01:10:17 +03:00
* Force a change of the trust account password .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2001-12-30 13:54:58 +03:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_changetrustpw ( struct net_context * c , int argc , const char * * argv )
2001-12-05 14:00:26 +03:00
{
2018-12-17 19:26:11 +03:00
int conn_flags = NET_FLAGS_PDC ;
2024-03-07 15:43:13 +03:00
if ( ! c - > explicit_credentials ) {
2018-12-17 19:26:11 +03:00
conn_flags | = NET_FLAGS_ANONYMOUS ;
}
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc changetrustpw \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Change the machine trust password " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_netlogon ,
2018-12-17 19:26:11 +03:00
conn_flags ,
2004-02-08 13:59:09 +03:00
rpc_changetrustpw_internals ,
2001-12-05 14:00:26 +03:00
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-11-06 15:37:45 +03:00
* Join a domain , the old way . This function exists to allow
* the message to be displayed when oldjoin was explicitly
* requested , but not when it was implied by " net rpc join " .
2001-12-30 13:54:58 +03:00
*
2018-11-28 01:10:17 +03:00
* This uses ' machinename ' as the initial password , and changes it .
2001-12-30 13:54:58 +03:00
*
2003-04-14 08:00:15 +04:00
* The password should be created with ' server manager ' or equiv first .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
*
2008-11-06 15:37:45 +03:00
* @ return A shell status integer ( 0 for success ) .
2001-12-30 13:54:58 +03:00
* */
2008-11-06 15:37:45 +03:00
static int net_rpc_oldjoin ( struct net_context * c , int argc , const char * * argv )
2005-09-30 21:13:37 +04:00
{
2008-11-06 15:37:45 +03:00
struct libnet_JoinCtx * r = NULL ;
TALLOC_CTX * mem_ctx ;
WERROR werr ;
const char * domain = lp_workgroup ( ) ; /* FIXME */
bool modify_config = lp_config_backend_is_registry ( ) ;
enum netr_SchannelType sec_chan_type ;
char * pw = NULL ;
2008-05-08 13:23:38 +04:00
2008-11-06 15:37:45 +03:00
if ( c - > display_usage ) {
d_printf ( " Usage: \n "
" net rpc oldjoin \n "
" Join a domain the old way \n " ) ;
return 0 ;
}
2001-12-05 14:00:26 +03:00
2022-11-30 18:16:05 +03:00
net_warn_member_options ( ) ;
2008-11-06 15:37:45 +03:00
mem_ctx = talloc_init ( " net_rpc_oldjoin " ) ;
if ( ! mem_ctx ) {
return - 1 ;
}
werr = libnet_init_JoinCtx ( mem_ctx , & r ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
goto fail ;
2005-09-30 21:13:37 +04:00
}
2008-05-08 13:23:38 +04:00
/*
2018-11-28 01:10:17 +03:00
check what type of join - if the user wants to join as
2003-05-01 06:51:49 +04:00
a BDC , the server must agree that we are a BDC .
*/
if ( argc > = 0 ) {
2008-11-06 15:37:45 +03:00
sec_chan_type = get_sec_channel_type ( argv [ 0 ] ) ;
2003-05-01 06:51:49 +04:00
} else {
2008-11-06 15:37:45 +03:00
sec_chan_type = get_sec_channel_type ( NULL ) ;
2003-05-01 06:51:49 +04:00
}
2008-05-08 13:23:38 +04:00
2008-11-06 15:37:45 +03:00
if ( ! c - > msg_ctx ) {
d_fprintf ( stderr , _ ( " Could not initialise message context. "
" Try running as root \n " ) ) ;
werr = WERR_ACCESS_DENIED ;
goto fail ;
2012-12-10 20:36:39 +04:00
}
2002-07-15 14:35:28 +04:00
2008-11-06 15:37:45 +03:00
pw = talloc_strndup ( r , lp_netbios_name ( ) , 14 ) ;
if ( pw = = NULL ) {
2015-12-03 17:24:17 +03:00
werr = WERR_NOT_ENOUGH_MEMORY ;
2008-11-06 15:37:45 +03:00
goto fail ;
}
2003-04-21 18:09:03 +04:00
2008-11-06 15:37:45 +03:00
r - > in . msg_ctx = c - > msg_ctx ;
r - > in . domain_name = domain ;
r - > in . secure_channel_type = sec_chan_type ;
r - > in . dc_name = c - > opt_host ;
2022-04-28 18:59:00 +03:00
r - > in . passed_machine_password = strlower_talloc ( r , pw ) ;
if ( r - > in . passed_machine_password = = NULL ) {
2015-12-03 17:24:17 +03:00
werr = WERR_NOT_ENOUGH_MEMORY ;
2008-11-06 15:37:45 +03:00
goto fail ;
}
r - > in . debug = true ;
r - > in . modify_config = modify_config ;
r - > in . join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_JOIN_UNSECURE |
WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED ;
werr = libnet_Join ( mem_ctx , r ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
goto fail ;
2003-04-21 18:09:03 +04:00
}
2002-09-25 19:19:00 +04:00
2008-11-06 15:37:45 +03:00
/* Check the short name of the domain */
2001-12-05 14:00:26 +03:00
2008-11-06 15:37:45 +03:00
if ( ! modify_config & & ! strequal ( lp_workgroup ( ) , r - > out . netbios_domain_name ) ) {
d_printf ( " The workgroup in %s does not match the short \n " , get_dyn_CONFIGFILE ( ) ) ;
d_printf ( " domain name obtained from the server. \n " ) ;
d_printf ( " Using the name [%s] from the server. \n " , r - > out . netbios_domain_name ) ;
d_printf ( " You should set \" workgroup = %s \" in %s. \n " ,
r - > out . netbios_domain_name , get_dyn_CONFIGFILE ( ) ) ;
}
2003-04-21 18:09:03 +04:00
2008-11-06 15:37:45 +03:00
d_printf ( " Using short domain name -- %s \n " , r - > out . netbios_domain_name ) ;
2001-12-05 14:00:26 +03:00
2008-11-06 15:37:45 +03:00
if ( r - > out . dns_domain_name ) {
d_printf ( " Joined '%s' to realm '%s' \n " , r - > in . machine_name ,
r - > out . dns_domain_name ) ;
} else {
d_printf ( " Joined '%s' to domain '%s' \n " , r - > in . machine_name ,
r - > out . netbios_domain_name ) ;
}
2004-01-16 18:07:28 +03:00
2016-06-15 17:04:29 +03:00
/* print out informative error string in case there is one */
if ( r - > out . error_string ! = NULL ) {
d_printf ( " %s \n " , r - > out . error_string ) ;
}
2008-11-06 15:37:45 +03:00
TALLOC_FREE ( mem_ctx ) ;
2008-05-21 12:27:59 +04:00
2008-11-06 15:37:45 +03:00
return 0 ;
2008-05-21 12:27:59 +04:00
2008-11-06 15:37:45 +03:00
fail :
2013-07-15 15:28:34 +04:00
if ( c - > opt_flags & NET_FLAGS_EXPECT_FALLBACK ) {
goto cleanup ;
}
2008-11-06 15:37:45 +03:00
/* issue an overall failure message at the end. */
d_fprintf ( stderr , _ ( " Failed to join domain: %s \n " ) ,
r & & r - > out . error_string ? r - > out . error_string :
get_friendly_werror_msg ( werr ) ) ;
2004-01-16 18:07:28 +03:00
2013-07-15 15:28:34 +04:00
cleanup :
2008-11-06 15:37:45 +03:00
TALLOC_FREE ( mem_ctx ) ;
2004-01-21 17:48:02 +03:00
2008-11-06 15:37:45 +03:00
return - 1 ;
2004-01-16 18:07:28 +03:00
}
2009-02-03 22:10:05 +03:00
/**
* check that a join is OK
*
* @ return A shell status integer ( 0 for success )
*
* */
int net_rpc_testjoin ( struct net_context * c , int argc , const char * * argv )
{
NTSTATUS status ;
TALLOC_CTX * mem_ctx ;
const char * domain = c - > opt_target_workgroup ;
const char * dc = c - > opt_host ;
2022-04-28 18:59:00 +03:00
enum credentials_use_kerberos kerberos_state =
cli_credentials_get_kerberos_state ( c - > creds ) ;
2009-02-03 22:10:05 +03:00
if ( c - > display_usage ) {
d_printf ( " Usage \n "
" net rpc testjoin \n "
" Test if a join is OK \n " ) ;
return 0 ;
}
2022-11-30 18:16:05 +03:00
net_warn_member_options ( ) ;
2009-02-03 22:10:05 +03:00
mem_ctx = talloc_init ( " net_rpc_testjoin " ) ;
if ( ! mem_ctx ) {
return - 1 ;
}
if ( ! dc ) {
struct netr_DsRGetDCNameInfo * info ;
if ( ! c - > msg_ctx ) {
d_fprintf ( stderr , _ ( " Could not initialise message context. "
" Try running as root \n " ) ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
status = dsgetdcname ( mem_ctx ,
c - > msg_ctx ,
domain ,
NULL ,
NULL ,
DS_RETURN_DNS_NAME ,
& info ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
dc = strip_hostname ( info - > dc_unc ) ;
}
/* Display success or failure */
2013-09-02 21:32:23 +04:00
status = libnet_join_ok ( c - > msg_ctx ,
c - > opt_workgroup ,
dc ,
2022-04-28 18:59:00 +03:00
kerberos_state ) ;
2009-02-03 22:10:05 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
fprintf ( stderr , " Join to domain '%s' is not valid: %s \n " ,
domain , nt_errstr ( status ) ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
printf ( " Join to '%s' is OK \n " , domain ) ;
talloc_destroy ( mem_ctx ) ;
return 0 ;
}
2009-02-03 22:21:05 +03:00
/**
* Join a domain using the administrator username and password
*
* @ param argc Standard main ( ) style argc
* @ param argc Standard main ( ) style argv . Initial components are already
* stripped . Currently not used .
* @ return A shell status integer ( 0 for success )
*
* */
2013-07-15 15:28:34 +04:00
static int net_rpc_join_newstyle ( struct net_context * c , int argc , const char * * argv )
2009-02-03 22:21:05 +03:00
{
struct libnet_JoinCtx * r = NULL ;
TALLOC_CTX * mem_ctx ;
WERROR werr ;
const char * domain = lp_workgroup ( ) ; /* FIXME */
bool modify_config = lp_config_backend_is_registry ( ) ;
enum netr_SchannelType sec_chan_type ;
if ( c - > display_usage ) {
d_printf ( " Usage: \n "
" net rpc join \n "
" Join a domain the new way \n " ) ;
return 0 ;
}
2022-11-30 18:16:05 +03:00
net_warn_member_options ( ) ;
2009-02-03 22:21:05 +03:00
mem_ctx = talloc_init ( " net_rpc_join_newstyle " ) ;
if ( ! mem_ctx ) {
return - 1 ;
}
werr = libnet_init_JoinCtx ( mem_ctx , & r ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
goto fail ;
}
/*
2018-11-28 01:10:17 +03:00
check what type of join - if the user wants to join as
2009-02-03 22:21:05 +03:00
a BDC , the server must agree that we are a BDC .
*/
if ( argc > = 0 ) {
sec_chan_type = get_sec_channel_type ( argv [ 0 ] ) ;
} else {
sec_chan_type = get_sec_channel_type ( NULL ) ;
}
if ( ! c - > msg_ctx ) {
d_fprintf ( stderr , _ ( " Could not initialise message context. "
" Try running as root \n " ) ) ;
werr = WERR_ACCESS_DENIED ;
goto fail ;
}
r - > in . msg_ctx = c - > msg_ctx ;
r - > in . domain_name = domain ;
r - > in . secure_channel_type = sec_chan_type ;
r - > in . dc_name = c - > opt_host ;
2022-04-28 18:59:00 +03:00
r - > in . admin_credentials = c - > creds ;
2009-02-03 22:21:05 +03:00
r - > in . debug = true ;
r - > in . modify_config = modify_config ;
r - > in . join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED ;
werr = libnet_Join ( mem_ctx , r ) ;
if ( ! W_ERROR_IS_OK ( werr ) ) {
goto fail ;
}
/* Check the short name of the domain */
if ( ! modify_config & & ! strequal ( lp_workgroup ( ) , r - > out . netbios_domain_name ) ) {
d_printf ( " The workgroup in %s does not match the short \n " , get_dyn_CONFIGFILE ( ) ) ;
d_printf ( " domain name obtained from the server. \n " ) ;
d_printf ( " Using the name [%s] from the server. \n " , r - > out . netbios_domain_name ) ;
d_printf ( " You should set \" workgroup = %s \" in %s. \n " ,
r - > out . netbios_domain_name , get_dyn_CONFIGFILE ( ) ) ;
}
d_printf ( " Using short domain name -- %s \n " , r - > out . netbios_domain_name ) ;
if ( r - > out . dns_domain_name ) {
d_printf ( " Joined '%s' to realm '%s' \n " , r - > in . machine_name ,
r - > out . dns_domain_name ) ;
} else {
d_printf ( " Joined '%s' to domain '%s' \n " , r - > in . machine_name ,
r - > out . netbios_domain_name ) ;
}
2016-06-15 17:04:29 +03:00
/* print out informative error string in case there is one */
if ( r - > out . error_string ! = NULL ) {
d_printf ( " %s \n " , r - > out . error_string ) ;
}
2009-02-03 22:21:05 +03:00
TALLOC_FREE ( mem_ctx ) ;
return 0 ;
fail :
/* issue an overall failure message at the end. */
d_printf ( " Failed to join domain: %s \n " ,
r & & r - > out . error_string ? r - > out . error_string :
get_friendly_werror_msg ( werr ) ) ;
TALLOC_FREE ( mem_ctx ) ;
return - 1 ;
}
2008-05-08 13:23:38 +04:00
/**
2001-12-30 13:54:58 +03:00
* ' net rpc join ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
2001-12-30 13:54:58 +03:00
* stripped
*
2008-05-08 13:23:38 +04:00
* Main ' net_rpc_join ( ) ' ( where the admin username / password is used ) is
2008-06-12 12:55:55 +04:00
* in net_rpc_join . c .
2003-05-01 06:51:49 +04:00
* Try to just change the password , but if that doesn ' t work , use / prompt
* for a username / password .
2001-12-30 13:54:58 +03:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_join ( struct net_context * c , int argc , const char * * argv )
2001-12-05 14:00:26 +03:00
{
2013-07-15 15:28:34 +04:00
int ret ;
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc join -U <username>[%%password] <type> \n "
2009-08-04 10:28:50 +04:00
" Join a domain \n "
" username \t Name of the admin user "
" password \t Password of the admin user, will "
" prompt if not specified \n "
" type \t Can be one of the following: \n "
" \t \t MEMBER \t Join as member server (default) \n "
" \t \t BDC \t Join as BDC \n "
" \t \t PDC \t Join as PDC \n " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2006-04-24 14:09:45 +04:00
if ( lp_server_role ( ) = = ROLE_STANDALONE ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " cannot join as standalone machine \n " ) ) ;
2006-04-18 17:22:14 +04:00
return - 1 ;
}
2022-11-30 18:16:05 +03:00
net_warn_member_options ( ) ;
2011-06-09 09:31:03 +04:00
if ( strlen ( lp_netbios_name ( ) ) > 15 ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Our netbios name can be at most 15 chars long, "
" \" %s \" is %u chars long \n " ) ,
2011-06-09 09:31:03 +04:00
lp_netbios_name ( ) , ( unsigned int ) strlen ( lp_netbios_name ( ) ) ) ;
2006-04-19 19:43:48 +04:00
return - 1 ;
}
2013-07-15 15:28:34 +04:00
c - > opt_flags | = NET_FLAGS_EXPECT_FALLBACK ;
ret = net_rpc_oldjoin ( c , argc , argv ) ;
c - > opt_flags & = ~ NET_FLAGS_EXPECT_FALLBACK ;
if ( ret = = 0 ) {
2003-04-21 18:09:03 +04:00
return 0 ;
2013-07-15 15:28:34 +04:00
}
2008-05-08 13:23:38 +04:00
2008-05-10 01:22:12 +04:00
return net_rpc_join_newstyle ( c , argc , argv ) ;
2001-12-05 14:00:26 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2002-07-15 14:35:28 +04:00
* display info about a rpc domain
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-05-08 13:23:38 +04:00
* argc , argv which are passed through .
2002-07-15 14:35:28 +04:00
*
* @ param domain_sid The domain sid acquired from the remote server
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
NTSTATUS rpc_info_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2002-07-15 14:35:28 +04:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:34:33 +03:00
NTSTATUS status , result ;
2008-02-05 17:55:11 +03:00
union samr_DomainInfo * info = NULL ;
2011-01-18 13:34:33 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2002-09-25 19:19:00 +04:00
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
2011-01-18 13:34:33 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:34:33 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Could not connect to SAM: %s \n " ) ,
nt_errstr ( status ) ) ;
goto done ;
}
2002-07-15 14:35:28 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:34:33 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not connect to SAM: %s \n " ) ,
nt_errstr ( result ) ) ;
2002-07-15 14:35:28 +04:00
goto done ;
}
2008-02-01 13:12:05 +03:00
2002-07-15 14:35:28 +04:00
/* Get domain policy handle */
2011-01-18 13:34:33 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 13:34:33 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Could not open domain: %s \n " ) ,
nt_errstr ( status ) ) ;
goto done ;
}
2002-07-15 14:35:28 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:34:33 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not open domain: %s \n " ) ,
nt_errstr ( result ) ) ;
2002-07-15 14:35:28 +04:00
goto done ;
}
2011-01-18 13:34:33 +03:00
status = dcerpc_samr_QueryDomainInfo ( b , mem_ctx ,
2008-02-05 17:55:11 +03:00
& domain_pol ,
2 ,
2011-01-18 13:34:33 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
status = result ;
2002-07-15 14:35:28 +04:00
if ( NT_STATUS_IS_OK ( result ) ) {
2018-12-06 19:53:24 +03:00
struct dom_sid_buf sid_str ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Domain Name: %s \n " ) ,
info - > general . domain_name . string ) ;
2018-12-06 19:53:24 +03:00
d_printf ( _ ( " Domain SID: %s \n " ) ,
dom_sid_str_buf ( domain_sid , & sid_str ) ) ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Sequence number: %llu \n " ) ,
2008-10-15 19:10:53 +04:00
( unsigned long long ) info - > general . sequence_num ) ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Num users: %u \n " ) , info - > general . num_users ) ;
d_printf ( _ ( " Num domain groups: %u \n " ) , info - > general . num_groups ) ;
d_printf ( _ ( " Num local groups: %u \n " ) , info - > general . num_aliases ) ;
2002-07-15 14:35:28 +04:00
}
done :
2011-01-18 13:34:33 +03:00
return status ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2002-07-15 14:35:28 +04:00
* ' net rpc info ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
int net_rpc_info ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc info \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Display information about the domain " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2022-11-30 18:16:05 +03:00
net_warn_member_options ( ) ;
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr ,
2008-07-20 20:36:31 +04:00
NET_FLAGS_PDC , rpc_info_internals ,
2002-07-15 14:35:28 +04:00
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Fetch domain SID into the local secrets . tdb .
2002-09-25 19:19:00 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2002-09-25 19:19:00 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2002-09-25 19:19:00 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-09-25 19:19:00 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_getsid_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2002-09-25 19:19:00 +04:00
{
2018-12-06 19:53:24 +03:00
struct dom_sid_buf sid_str ;
2002-09-25 19:19:00 +04:00
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Storing SID %s for Domain %s in secrets.tdb \n " ) ,
2018-12-06 19:53:24 +03:00
dom_sid_str_buf ( domain_sid , & sid_str ) ,
domain_name ) ;
2002-09-25 19:19:00 +04:00
2004-02-08 13:59:09 +03:00
if ( ! secrets_store_domain_sid ( domain_name , domain_sid ) ) {
2002-09-25 19:19:00 +04:00
DEBUG ( 0 , ( " Can't store domain SID \n " ) ) ;
return NT_STATUS_UNSUCCESSFUL ;
}
return NT_STATUS_OK ;
}
2008-05-08 13:23:38 +04:00
/**
2002-09-25 19:19:00 +04:00
* ' net rpc getsid ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-09-25 19:19:00 +04:00
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
int net_rpc_getsid ( struct net_context * c , int argc , const char * * argv )
2002-09-25 19:19:00 +04:00
{
2010-01-15 02:39:30 +03:00
int conn_flags = NET_FLAGS_PDC ;
2024-03-07 15:43:13 +03:00
if ( ! c - > explicit_credentials ) {
2010-01-15 02:39:30 +03:00
conn_flags | = NET_FLAGS_ANONYMOUS ;
}
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc getsid \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Fetch domain SID into local secrets.tdb " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr ,
2010-01-15 02:39:30 +03:00
conn_flags ,
2002-09-25 19:19:00 +04:00
rpc_getsid_internals ,
argc , argv ) ;
}
2002-07-15 14:35:28 +04:00
2001-12-30 13:54:58 +03:00
/****************************************************************************/
2002-04-05 05:36:28 +04:00
/**
2008-06-12 12:55:55 +04:00
* Basic usage function for ' net rpc user ' .
2002-04-05 05:36:28 +04:00
* @ param argc Standard main ( ) style argc .
2008-06-12 12:55:55 +04:00
* @ param argv Standard main ( ) style argv . Initial components are already
2002-04-05 05:36:28 +04:00
* stripped .
* */
2008-05-10 01:22:12 +04:00
static int rpc_user_usage ( struct net_context * c , int argc , const char * * argv )
2002-04-05 05:36:28 +04:00
{
2008-05-13 14:51:09 +04:00
return net_user_usage ( c , argc , argv ) ;
2002-04-05 05:36:28 +04:00
}
2001-12-30 13:54:58 +03:00
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Add a new user to a remote RPC server .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2001-12-30 13:54:58 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_user_add ( struct net_context * c , int argc , const char * * argv )
2001-12-05 03:26:36 +03:00
{
2008-04-16 04:41:52 +04:00
NET_API_STATUS status ;
struct USER_INFO_1 info1 ;
uint32_t parm_error = 0 ;
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_user_usage ( c , argc , argv ) ;
2008-04-16 04:41:52 +04:00
return 0 ;
}
ZERO_STRUCT ( info1 ) ;
info1 . usri1_name = argv [ 0 ] ;
if ( argc = = 2 ) {
info1 . usri1_password = argv [ 1 ] ;
}
2008-05-10 01:22:12 +04:00
status = NetUserAdd ( c - > opt_host , 1 , ( uint8_t * ) & info1 , & parm_error ) ;
2008-04-16 04:41:52 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Failed to add user '%s' with error: %s. \n " ) ,
2008-05-10 01:22:12 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
2008-04-16 04:41:52 +04:00
return - 1 ;
} else {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Added user '%s'. \n " ) , argv [ 0 ] ) ;
2008-04-16 04:41:52 +04:00
}
return 0 ;
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Rename a user on a remote RPC server .
2005-01-20 19:51:24 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2005-01-20 19:51:24 +03:00
*
2008-08-26 23:10:19 +04:00
* @ return A shell status integer ( 0 for success ) .
2005-01-20 19:51:24 +03:00
* */
2008-08-26 23:10:19 +04:00
static int rpc_user_rename ( struct net_context * c , int argc , const char * * argv )
2005-09-30 21:13:37 +04:00
{
2008-08-26 23:10:19 +04:00
NET_API_STATUS status ;
struct USER_INFO_0 u0 ;
uint32_t parm_err = 0 ;
2005-01-20 19:51:24 +03:00
2008-05-21 12:27:59 +04:00
if ( argc ! = 2 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_user_usage ( c , argc , argv ) ;
2008-08-26 23:10:19 +04:00
return 0 ;
2005-01-20 19:51:24 +03:00
}
2008-08-26 23:10:19 +04:00
u0 . usri0_name = argv [ 1 ] ;
2005-01-20 19:51:24 +03:00
2008-08-26 23:10:19 +04:00
status = NetUserSetInfo ( c - > opt_host , argv [ 0 ] ,
0 , ( uint8_t * ) & u0 , & parm_err ) ;
if ( status ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Failed to rename user from %s to %s - %s \n " ) ,
2008-08-26 23:10:19 +04:00
argv [ 0 ] , argv [ 1 ] ,
libnetapi_get_error_string ( c - > netapi_ctx , status ) ) ;
2005-01-20 19:51:24 +03:00
} else {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Renamed user from %s to %s \n " ) , argv [ 0 ] , argv [ 1 ] ) ;
2005-01-20 19:51:24 +03:00
}
2008-08-26 23:10:19 +04:00
return status ;
2005-01-20 19:51:24 +03:00
}
2010-04-26 18:44:34 +04:00
/**
* Set a user ' s primary group
*
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
*
* @ return A shell status integer ( 0 for success ) .
* */
static int rpc_user_setprimarygroup ( struct net_context * c , int argc ,
const char * * argv )
{
NET_API_STATUS status ;
uint8_t * buffer ;
struct GROUP_INFO_2 * g2 ;
struct USER_INFO_1051 u1051 ;
uint32_t parm_err = 0 ;
if ( argc ! = 2 | | c - > display_usage ) {
rpc_user_usage ( c , argc , argv ) ;
return 0 ;
}
status = NetGroupGetInfo ( c - > opt_host , argv [ 1 ] , 2 , & buffer ) ;
if ( status ) {
d_fprintf ( stderr , _ ( " Failed to find group name %s -- %s \n " ) ,
argv [ 1 ] ,
libnetapi_get_error_string ( c - > netapi_ctx , status ) ) ;
return status ;
}
g2 = ( struct GROUP_INFO_2 * ) buffer ;
u1051 . usri1051_primary_group_id = g2 - > grpi2_group_id ;
NetApiBufferFree ( buffer ) ;
status = NetUserSetInfo ( c - > opt_host , argv [ 0 ] , 1051 ,
( uint8_t * ) & u1051 , & parm_err ) ;
if ( status ) {
d_fprintf ( stderr ,
_ ( " Failed to set user's primary group %s to %s - "
" %s \n " ) , argv [ 0 ] , argv [ 1 ] ,
libnetapi_get_error_string ( c - > netapi_ctx , status ) ) ;
} else {
d_printf ( _ ( " Set primary group of user %s to %s \n " ) , argv [ 0 ] ,
argv [ 1 ] ) ;
}
return status ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Delete a user from a remote RPC server .
2002-04-05 05:36:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-04-05 05:36:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2002-04-05 05:36:28 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_user_delete ( struct net_context * c , int argc , const char * * argv )
2002-04-05 05:36:28 +04:00
{
2008-04-16 04:39:41 +04:00
NET_API_STATUS status ;
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_user_usage ( c , argc , argv ) ;
2008-04-16 04:39:41 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
status = NetUserDel ( c - > opt_host , argv [ 0 ] ) ;
2008-04-16 04:39:41 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Failed to delete user '%s' with: %s. \n " ) ,
2008-04-16 04:39:41 +04:00
argv [ 0 ] ,
2008-05-10 01:22:12 +04:00
libnetapi_get_error_string ( c - > netapi_ctx , status ) ) ;
2008-04-16 04:39:41 +04:00
return - 1 ;
} else {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Deleted user '%s'. \n " ) , argv [ 0 ] ) ;
2008-04-16 04:39:41 +04:00
}
return 0 ;
2002-04-05 05:36:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-08-27 13:19:49 +04:00
* Set a user ' s password on a remote RPC server .
2004-02-07 06:54:39 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-02-07 06:54:39 +03:00
*
2008-08-27 13:19:49 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-02-07 06:54:39 +03:00
* */
2008-08-27 13:19:49 +04:00
static int rpc_user_password ( struct net_context * c , int argc , const char * * argv )
2004-02-07 06:54:39 +03:00
{
2008-08-27 13:19:49 +04:00
NET_API_STATUS status ;
2004-02-07 06:54:39 +03:00
char * prompt = NULL ;
2008-08-27 13:19:49 +04:00
struct USER_INFO_1003 u1003 ;
uint32_t parm_err = 0 ;
2009-08-04 10:28:50 +04:00
int ret ;
2004-02-07 06:54:39 +03:00
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_user_usage ( c , argc , argv ) ;
2008-08-27 13:19:49 +04:00
return 0 ;
2004-02-07 06:54:39 +03:00
}
2008-05-08 13:23:38 +04:00
2004-02-07 06:54:39 +03:00
if ( argv [ 1 ] ) {
2008-08-27 13:19:49 +04:00
u1003 . usri1003_password = argv [ 1 ] ;
2004-02-07 06:54:39 +03:00
} else {
2012-11-23 18:05:51 +04:00
char pwd [ 256 ] = { 0 } ;
2009-08-04 10:28:50 +04:00
ret = asprintf ( & prompt , _ ( " Enter new password for %s: " ) ,
argv [ 0 ] ) ;
if ( ret = = - 1 ) {
2009-01-01 05:06:57 +03:00
return - 1 ;
}
2012-11-23 18:05:51 +04:00
ret = samba_getpass ( prompt , pwd , sizeof ( pwd ) , false , false ) ;
2004-02-07 06:54:39 +03:00
SAFE_FREE ( prompt ) ;
2012-11-23 18:05:51 +04:00
if ( ret < 0 ) {
return - 1 ;
}
u1003 . usri1003_password = talloc_strdup ( c , pwd ) ;
2010-05-08 04:16:37 +04:00
if ( u1003 . usri1003_password = = NULL ) {
return - 1 ;
}
2004-02-07 06:54:39 +03:00
}
2008-08-27 13:19:49 +04:00
status = NetUserSetInfo ( c - > opt_host , argv [ 0 ] , 1003 , ( uint8_t * ) & u1003 , & parm_err ) ;
2004-02-07 06:54:39 +03:00
/* Display results */
2008-08-27 13:19:49 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Failed to set password for '%s' with error: %s. \n " ) ,
2008-08-27 13:19:49 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
return - 1 ;
}
2004-02-07 06:54:39 +03:00
2008-08-27 13:19:49 +04:00
return 0 ;
2004-02-07 06:54:39 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2008-08-27 15:47:04 +04:00
* List a user ' s groups from a remote RPC server .
2002-04-05 05:36:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-04-05 05:36:28 +04:00
*
2008-08-27 15:47:04 +04:00
* @ return A shell status integer ( 0 for success )
2002-04-05 05:36:28 +04:00
* */
2008-08-27 15:47:04 +04:00
static int rpc_user_info ( struct net_context * c , int argc , const char * * argv )
2002-04-05 05:36:28 +04:00
{
2008-08-27 15:47:04 +04:00
NET_API_STATUS status ;
struct GROUP_USERS_INFO_0 * u0 = NULL ;
uint32_t entries_read = 0 ;
uint32_t total_entries = 0 ;
2021-07-25 11:22:37 +03:00
uint32_t i ;
2008-02-08 16:50:04 +03:00
2002-04-05 05:36:28 +04:00
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_user_usage ( c , argc , argv ) ;
2008-08-27 15:47:04 +04:00
return 0 ;
2002-04-05 05:36:28 +04:00
}
2008-08-27 15:47:04 +04:00
status = NetUserGetGroups ( c - > opt_host ,
argv [ 0 ] ,
0 ,
2009-02-01 02:31:16 +03:00
( uint8_t * * ) ( void * ) & u0 ,
2008-08-27 15:47:04 +04:00
( uint32_t ) - 1 ,
& entries_read ,
& total_entries ) ;
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Failed to get groups for '%s' with error: %s. \n " ) ,
2008-08-27 15:47:04 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
return - 1 ;
2005-02-10 21:27:23 +03:00
}
2002-04-05 05:36:28 +04:00
2008-08-27 15:47:04 +04:00
for ( i = 0 ; i < entries_read ; i + + ) {
printf ( " %s \n " , u0 - > grui0_name ) ;
u0 + + ;
}
2002-04-05 05:36:28 +04:00
2008-08-27 15:47:04 +04:00
return 0 ;
2002-04-05 05:36:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List users on a remote RPC server .
2002-04-05 05:36:28 +04:00
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2002-04-05 05:36:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2002-04-05 05:36:28 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-04-05 05:36:28 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-08-27 13:14:15 +04:00
static int rpc_user_list ( struct net_context * c , int argc , const char * * argv )
2002-04-05 05:36:28 +04:00
{
2008-08-27 13:14:15 +04:00
NET_API_STATUS status ;
uint32_t start_idx = 0 , num_entries , i , loop_count = 0 ;
struct NET_DISPLAY_USER * info = NULL ;
void * buffer = NULL ;
2002-04-05 05:36:28 +04:00
/* Query domain users */
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries )
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n User name Comment "
" \n ----------------------------- \n " ) ) ;
2002-04-05 05:36:28 +04:00
do {
2008-08-27 13:14:15 +04:00
uint32_t max_entries , max_size ;
2003-01-29 23:15:35 +03:00
2011-01-12 17:36:19 +03:00
dcerpc_get_query_dispinfo_params (
2003-01-29 23:15:35 +03:00
loop_count , & max_entries , & max_size ) ;
2008-08-27 13:14:15 +04:00
status = NetQueryDisplayInformation ( c - > opt_host ,
1 ,
start_idx ,
max_entries ,
max_size ,
& num_entries ,
& buffer ) ;
if ( status ! = 0 & & status ! = ERROR_MORE_DATA ) {
return status ;
}
info = ( struct NET_DISPLAY_USER * ) buffer ;
2003-01-29 23:15:35 +03:00
2002-04-05 05:36:28 +04:00
for ( i = 0 ; i < num_entries ; i + + ) {
2008-08-27 13:14:15 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries )
2008-08-27 13:14:15 +04:00
printf ( " %-21.21s %s \n " , info - > usri1_name ,
info - > usri1_comment ) ;
2002-04-05 05:36:28 +04:00
else
2008-08-27 13:14:15 +04:00
printf ( " %s \n " , info - > usri1_name ) ;
info + + ;
2002-04-05 05:36:28 +04:00
}
2008-08-27 13:14:15 +04:00
NetApiBufferFree ( buffer ) ;
loop_count + + ;
start_idx + = num_entries ;
} while ( status = = ERROR_MORE_DATA ) ;
return status ;
2001-12-05 03:26:36 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2001-12-30 13:54:58 +03:00
* ' net rpc user ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_user ( struct net_context * c , int argc , const char * * argv )
2001-12-05 03:26:36 +03:00
{
2008-04-16 04:39:41 +04:00
NET_API_STATUS status ;
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" add " ,
rpc_user_add ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Add specified user " ) ,
N_ ( " net rpc user add \n "
" Add specified user " )
2008-05-21 12:27:59 +04:00
} ,
{
" info " ,
rpc_user_info ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List domain groups of user " ) ,
N_ ( " net rpc user info \n "
2010-07-26 17:04:52 +04:00
" List domain groups of user " )
2008-05-21 12:27:59 +04:00
} ,
{
" delete " ,
rpc_user_delete ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Remove specified user " ) ,
N_ ( " net rpc user delete \n "
" Remove specified user " )
2008-05-21 12:27:59 +04:00
} ,
{
" password " ,
rpc_user_password ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Change user password " ) ,
N_ ( " net rpc user password \n "
" Change user password " )
2008-05-21 12:27:59 +04:00
} ,
{
" rename " ,
rpc_user_rename ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Rename specified user " ) ,
N_ ( " net rpc user rename \n "
" Rename specified user " )
2008-05-21 12:27:59 +04:00
} ,
2010-04-26 18:44:34 +04:00
{
" setprimarygroup " ,
rpc_user_setprimarygroup ,
NET_TRANSPORT_RPC ,
" Set a user's primary group " ,
" net rpc user setprimarygroup \n "
" Set a user's primary group "
} ,
2008-05-21 12:27:59 +04:00
{ NULL , NULL , 0 , NULL , NULL }
2001-12-05 03:26:36 +03:00
} ;
2008-04-16 04:39:41 +04:00
2023-09-07 15:53:22 +03:00
status = libnetapi_net_init ( & c - > netapi_ctx , c - > lp_ctx , c - > creds ) ;
2021-03-25 13:44:36 +03:00
if ( status ! = 0 ) {
return - 1 ;
2008-07-31 17:14:14 +04:00
}
2008-04-16 04:39:41 +04:00
2001-12-05 03:26:36 +03:00
if ( argc = = 0 ) {
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2010-01-19 01:39:19 +03:00
" net rpc user \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List all users " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2008-08-27 13:14:15 +04:00
return rpc_user_list ( c , argc , argv ) ;
2001-12-05 03:26:36 +03:00
}
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc user " , func ) ;
2001-12-05 03:26:36 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_list ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-08-27 13:14:15 +04:00
return werror_to_ntstatus ( W_ERROR ( rpc_user_list ( c , argc , argv ) ) ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_info ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-08-27 15:47:04 +04:00
return werror_to_ntstatus ( W_ERROR ( rpc_user_info ( c , argc , argv ) ) ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_handle_user ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv ,
NTSTATUS ( * fn ) (
2008-05-10 01:22:12 +04:00
struct net_context * c ,
2006-02-04 01:19:41 +03:00
TALLOC_CTX * mem_ctx ,
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
2009-03-19 00:49:41 +03:00
struct policy_handle * user_hnd ,
2006-02-04 01:19:41 +03:00
int argc , const char * * argv ) )
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol , user_pol ;
2011-01-18 13:35:50 +03:00
NTSTATUS status , result ;
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2015-05-07 03:00:06 +03:00
uint32_t rid ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType type ;
2011-01-18 13:35:50 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2006-02-04 01:19:41 +03:00
if ( argc = = 0 ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " %s %s <username> \n " , _ ( " Usage: " ) ,
ctx - > whoami ) ;
2006-02-04 01:19:41 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
ZERO_STRUCT ( connect_pol ) ;
ZERO_STRUCT ( domain_pol ) ;
ZERO_STRUCT ( user_pol ) ;
2013-09-13 13:11:55 +04:00
status = net_rpc_lookup_name ( c , mem_ctx , ctx - > cli ,
2008-04-20 16:05:25 +04:00
argv [ 0 ] , NULL , NULL , & sid , & type ) ;
2011-01-18 13:35:50 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup %s: %s \n " ) , argv [ 0 ] ,
2011-01-18 13:35:50 +03:00
nt_errstr ( status ) ) ;
2006-02-04 01:19:41 +03:00
goto done ;
}
if ( type ! = SID_NAME_USER ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " %s is a %s, not a user \n " ) , argv [ 0 ] ,
2006-02-04 01:19:41 +03:00
sid_type_lookup ( type ) ) ;
2011-01-18 13:35:50 +03:00
status = NT_STATUS_NO_SUCH_USER ;
2006-02-04 01:19:41 +03:00
goto done ;
}
if ( ! sid_peek_check_rid ( ctx - > domain_sid , & sid , & rid ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " %s is not in our domain \n " ) , argv [ 0 ] ) ;
2011-01-18 13:35:50 +03:00
status = NT_STATUS_NO_SUCH_USER ;
2006-02-04 01:19:41 +03:00
goto done ;
}
2011-01-18 13:35:50 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:35:50 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:35:50 +03:00
status = result ;
2006-02-04 01:19:41 +03:00
goto done ;
}
2011-01-18 13:35:50 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
ctx - > domain_sid ,
2011-01-18 13:35:50 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:35:50 +03:00
status = result ;
2006-02-04 01:19:41 +03:00
goto done ;
}
2011-01-18 13:35:50 +03:00
status = dcerpc_samr_OpenUser ( b , mem_ctx ,
2008-02-01 13:57:53 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
rid ,
2011-01-18 13:35:50 +03:00
& user_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:35:50 +03:00
status = result ;
2006-02-04 01:19:41 +03:00
goto done ;
}
2011-01-18 13:35:50 +03:00
status = fn ( c , mem_ctx , ctx , pipe_hnd , & user_pol , argc - 1 , argv + 1 ) ;
2006-02-04 01:19:41 +03:00
done :
if ( is_valid_policy_hnd ( & user_pol ) ) {
2011-01-18 13:35:50 +03:00
dcerpc_samr_Close ( b , mem_ctx , & user_pol , & result ) ;
2006-02-04 01:19:41 +03:00
}
if ( is_valid_policy_hnd ( & domain_pol ) ) {
2011-01-18 13:35:50 +03:00
dcerpc_samr_Close ( b , mem_ctx , & domain_pol , & result ) ;
2006-02-04 01:19:41 +03:00
}
if ( is_valid_policy_hnd ( & connect_pol ) ) {
2011-01-18 13:35:50 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
2006-02-04 01:19:41 +03:00
}
2011-01-18 13:35:50 +03:00
return status ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_show_internals ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
2009-03-19 00:49:41 +03:00
struct policy_handle * user_hnd ,
2006-02-04 01:19:41 +03:00
int argc , const char * * argv )
{
2011-01-18 13:36:48 +03:00
NTSTATUS status , result ;
2008-02-12 20:13:30 +03:00
union samr_UserInfo * info = NULL ;
2011-01-18 13:36:48 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2006-02-04 01:19:41 +03:00
if ( argc ! = 0 ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " %s %s show <username> \n " , _ ( " Usage: " ) ,
ctx - > whoami ) ;
2006-02-04 01:19:41 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
2011-01-18 13:36:48 +03:00
status = dcerpc_samr_QueryUserInfo ( b , mem_ctx ,
2008-02-13 16:10:10 +03:00
user_hnd ,
2008-02-12 20:13:30 +03:00
21 ,
2011-01-18 13:36:48 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
return result ;
}
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " user rid: %d, group rid: %d \n " ) ,
2008-02-12 20:13:30 +03:00
info - > info21 . rid ,
info - > info21 . primary_gid ) ;
2006-02-04 01:19:41 +03:00
return result ;
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_show ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-05-10 01:22:12 +04:00
return rpc_sh_handle_user ( c , mem_ctx , ctx , pipe_hnd , argc , argv ,
2006-02-04 01:19:41 +03:00
rpc_sh_user_show_internals ) ;
}
# define FETCHSTR(name, rec) \
do { if ( strequal ( ctx - > thiscmd , name ) ) { \
2008-02-12 20:13:30 +03:00
oldval = talloc_strdup ( mem_ctx , info - > info21 . rec . string ) ; } \
2006-02-04 01:19:41 +03:00
} while ( 0 ) ;
# define SETSTR(name, rec, flag) \
do { if ( strequal ( ctx - > thiscmd , name ) ) { \
2008-02-12 02:51:51 +03:00
init_lsa_String ( & ( info - > info21 . rec ) , argv [ 0 ] ) ; \
info - > info21 . fields_present | = SAMR_FIELD_ # # flag ; } \
2006-02-04 01:19:41 +03:00
} while ( 0 ) ;
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_str_edit_internals ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
2009-03-19 00:49:41 +03:00
struct policy_handle * user_hnd ,
2006-02-04 01:19:41 +03:00
int argc , const char * * argv )
{
2011-01-18 13:37:52 +03:00
NTSTATUS status , result ;
2006-02-04 01:19:41 +03:00
const char * username ;
const char * oldval = " " ;
2008-02-12 20:13:30 +03:00
union samr_UserInfo * info = NULL ;
2011-01-18 13:37:52 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2006-02-04 01:19:41 +03:00
if ( argc > 1 ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " %s %s <username> [new value|NULL] \n " ,
_ ( " Usage: " ) , ctx - > whoami ) ;
2006-02-04 01:19:41 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
2011-01-18 13:37:52 +03:00
status = dcerpc_samr_QueryUserInfo ( b , mem_ctx ,
2008-02-13 16:10:10 +03:00
user_hnd ,
2008-02-12 20:13:30 +03:00
21 ,
2011-01-18 13:37:52 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
return result ;
}
2008-02-12 20:13:30 +03:00
username = talloc_strdup ( mem_ctx , info - > info21 . account_name . string ) ;
2006-02-04 01:19:41 +03:00
FETCHSTR ( " fullname " , full_name ) ;
2008-02-12 20:13:30 +03:00
FETCHSTR ( " homedir " , home_directory ) ;
FETCHSTR ( " homedrive " , home_drive ) ;
2006-02-04 01:19:41 +03:00
FETCHSTR ( " logonscript " , logon_script ) ;
FETCHSTR ( " profilepath " , profile_path ) ;
2008-02-12 20:13:30 +03:00
FETCHSTR ( " description " , description ) ;
2006-02-04 01:19:41 +03:00
if ( argc = = 0 ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " %s's %s: [%s] \n " ) , username , ctx - > thiscmd , oldval ) ;
2006-02-04 01:19:41 +03:00
goto done ;
}
if ( strcmp ( argv [ 0 ] , " NULL " ) = = 0 ) {
argv [ 0 ] = " " ;
}
2008-02-12 02:51:51 +03:00
ZERO_STRUCT ( info - > info21 ) ;
2006-02-04 01:19:41 +03:00
SETSTR ( " fullname " , full_name , FULL_NAME ) ;
2008-02-12 02:51:51 +03:00
SETSTR ( " homedir " , home_directory , HOME_DIRECTORY ) ;
SETSTR ( " homedrive " , home_drive , HOME_DRIVE ) ;
2006-02-04 01:19:41 +03:00
SETSTR ( " logonscript " , logon_script , LOGON_SCRIPT ) ;
2008-02-12 02:07:41 +03:00
SETSTR ( " profilepath " , profile_path , PROFILE_PATH ) ;
2008-02-12 02:51:51 +03:00
SETSTR ( " description " , description , DESCRIPTION ) ;
2006-02-04 01:19:41 +03:00
2011-01-18 13:37:52 +03:00
status = dcerpc_samr_SetUserInfo ( b , mem_ctx ,
2008-02-13 16:10:10 +03:00
user_hnd ,
2008-02-12 02:51:51 +03:00
21 ,
2011-01-18 13:37:52 +03:00
info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
status = result ;
2006-02-04 01:19:41 +03:00
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Set %s's %s from [%s] to [%s] \n " ) , username ,
2006-02-04 01:19:41 +03:00
ctx - > thiscmd , oldval , argv [ 0 ] ) ;
done :
2011-01-18 13:37:52 +03:00
return status ;
2006-02-04 01:19:41 +03:00
}
# define HANDLEFLG(name, rec) \
do { if ( strequal ( ctx - > thiscmd , name ) ) { \
oldval = ( oldflags & ACB_ # # rec ) ? " yes " : " no " ; \
if ( newval ) { \
newflags = oldflags | ACB_ # # rec ; \
} else { \
newflags = oldflags & ~ ACB_ # # rec ; \
} } } while ( 0 ) ;
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_str_edit ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-05-10 01:22:12 +04:00
return rpc_sh_handle_user ( c , mem_ctx , ctx , pipe_hnd , argc , argv ,
2006-02-04 01:19:41 +03:00
rpc_sh_user_str_edit_internals ) ;
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_flag_edit_internals ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
2009-03-19 00:49:41 +03:00
struct policy_handle * user_hnd ,
2006-02-04 01:19:41 +03:00
int argc , const char * * argv )
{
2011-01-18 13:38:53 +03:00
NTSTATUS status , result ;
2006-02-04 01:19:41 +03:00
const char * username ;
const char * oldval = " unknown " ;
2015-05-07 03:00:06 +03:00
uint32_t oldflags , newflags ;
2007-10-19 04:40:25 +04:00
bool newval ;
2008-02-12 20:13:30 +03:00
union samr_UserInfo * info = NULL ;
2011-01-18 13:38:53 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2006-02-04 01:19:41 +03:00
if ( ( argc > 1 ) | |
( ( argc = = 1 ) & & ! strequal ( argv [ 0 ] , " yes " ) & &
! strequal ( argv [ 0 ] , " no " ) ) ) {
2023-09-05 07:04:18 +03:00
/* TRANSLATORS: The yes|no here are program keywords. Please do
2009-08-04 10:28:50 +04:00
not translate . */
2010-01-19 11:23:42 +03:00
d_fprintf ( stderr , _ ( " Usage: %s <username> [yes|no] \n " ) ,
2006-02-04 01:19:41 +03:00
ctx - > whoami ) ;
return NT_STATUS_INVALID_PARAMETER ;
}
newval = strequal ( argv [ 0 ] , " yes " ) ;
2011-01-18 13:38:53 +03:00
status = dcerpc_samr_QueryUserInfo ( b , mem_ctx ,
2008-02-13 16:10:10 +03:00
user_hnd ,
2008-02-12 20:13:30 +03:00
21 ,
2011-01-18 13:38:53 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2006-02-04 01:19:41 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
return result ;
}
2008-02-12 20:13:30 +03:00
username = talloc_strdup ( mem_ctx , info - > info21 . account_name . string ) ;
oldflags = info - > info21 . acct_flags ;
newflags = info - > info21 . acct_flags ;
2006-02-04 01:19:41 +03:00
HANDLEFLG ( " disabled " , DISABLED ) ;
HANDLEFLG ( " pwnotreq " , PWNOTREQ ) ;
HANDLEFLG ( " autolock " , AUTOLOCK ) ;
HANDLEFLG ( " pwnoexp " , PWNOEXP ) ;
if ( argc = = 0 ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " %s's %s flag: %s \n " ) , username , ctx - > thiscmd ,
oldval ) ;
2006-02-04 01:19:41 +03:00
goto done ;
}
2008-02-12 02:51:51 +03:00
ZERO_STRUCT ( info - > info21 ) ;
2006-02-04 01:19:41 +03:00
2008-02-12 02:51:51 +03:00
info - > info21 . acct_flags = newflags ;
info - > info21 . fields_present = SAMR_FIELD_ACCT_FLAGS ;
2006-02-04 01:19:41 +03:00
2011-01-18 13:38:53 +03:00
status = dcerpc_samr_SetUserInfo ( b , mem_ctx ,
2008-02-13 16:10:10 +03:00
user_hnd ,
2008-02-12 02:51:51 +03:00
21 ,
2011-01-18 13:38:53 +03:00
info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
status = result ;
2006-02-04 01:19:41 +03:00
if ( NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Set %s's %s flag from [%s] to [%s] \n " ) , username ,
2006-02-04 01:19:41 +03:00
ctx - > thiscmd , oldval , argv [ 0 ] ) ;
}
done :
2011-01-18 13:38:53 +03:00
return status ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_user_flag_edit ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-05-10 01:22:12 +04:00
return rpc_sh_handle_user ( c , mem_ctx , ctx , pipe_hnd , argc , argv ,
2006-02-04 01:19:41 +03:00
rpc_sh_user_flag_edit_internals ) ;
}
2008-05-10 01:22:12 +04:00
struct rpc_sh_cmd * net_rpc_user_edit_cmds ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx )
{
static struct rpc_sh_cmd cmds [ ] = {
2012-01-10 14:53:42 +04:00
{ " fullname " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's full name " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " homedir " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's home directory " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " homedrive " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's home drive " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " logonscript " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's logon script " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " profilepath " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's profile path " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " description " , NULL , & ndr_table_samr , rpc_sh_user_str_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set a user's description " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " disabled " , NULL , & ndr_table_samr , rpc_sh_user_flag_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set whether a user is disabled " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " autolock " , NULL , & ndr_table_samr , rpc_sh_user_flag_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set whether a user locked out " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " pwnotreq " , NULL , & ndr_table_samr , rpc_sh_user_flag_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set whether a user does not need a password " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " pwnoexp " , NULL , & ndr_table_samr , rpc_sh_user_flag_edit ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Set whether a user's password does not expire " ) } ,
2006-02-04 01:19:41 +03:00
2009-11-08 21:37:26 +03:00
{ NULL , NULL , 0 , NULL , NULL }
2006-02-04 01:19:41 +03:00
} ;
return cmds ;
}
2008-05-10 01:22:12 +04:00
struct rpc_sh_cmd * net_rpc_user_cmds ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx )
{
static struct rpc_sh_cmd cmds [ ] = {
2012-01-10 14:53:42 +04:00
{ " list " , NULL , & ndr_table_samr , rpc_sh_user_list ,
2009-11-08 21:37:26 +03:00
N_ ( " List available users " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " info " , NULL , & ndr_table_samr , rpc_sh_user_info ,
2009-08-04 10:28:50 +04:00
N_ ( " List the domain groups a user is member of " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " show " , NULL , & ndr_table_samr , rpc_sh_user_show ,
2009-08-04 10:28:50 +04:00
N_ ( " Show info about a user " ) } ,
2006-02-04 01:19:41 +03:00
2009-11-08 21:37:26 +03:00
{ " edit " , net_rpc_user_edit_cmds , 0 , NULL ,
2009-08-04 10:28:50 +04:00
N_ ( " Show/Modify a user's fields " ) } ,
2006-02-04 01:19:41 +03:00
2009-11-08 21:37:26 +03:00
{ NULL , NULL , 0 , NULL , NULL }
2006-02-04 01:19:41 +03:00
} ;
return cmds ;
2006-05-17 15:14:26 +04:00
}
2006-02-04 01:19:41 +03:00
2001-12-31 16:00:59 +03:00
/****************************************************************************/
2002-07-15 14:35:28 +04:00
/**
2008-06-12 12:55:55 +04:00
* Basic usage function for ' net rpc group ' .
2002-07-15 14:35:28 +04:00
* @ param argc Standard main ( ) style argc .
2008-06-12 12:55:55 +04:00
* @ param argv Standard main ( ) style argv . Initial components are already
2002-07-15 14:35:28 +04:00
* stripped .
* */
2001-12-31 16:00:59 +03:00
2008-05-10 01:22:12 +04:00
static int rpc_group_usage ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-13 15:44:28 +04:00
return net_group_usage ( c , argc , argv ) ;
2002-07-15 14:35:28 +04:00
}
2001-12-31 16:00:59 +03:00
2004-04-19 00:22:31 +04:00
/**
2008-06-12 12:55:55 +04:00
* Delete group on a remote RPC server .
2004-04-19 00:22:31 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2004-04-19 00:22:31 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2004-04-19 00:22:31 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-04-19 00:22:31 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-08 13:23:38 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_group_delete_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2005-09-30 21:13:37 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-04-19 00:22:31 +04:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol , group_pol , user_pol ;
2008-05-12 13:53:23 +04:00
bool group_is_primary = false ;
2011-01-18 13:43:15 +03:00
NTSTATUS status , result ;
2008-02-08 16:50:04 +03:00
uint32_t group_rid ;
2010-10-07 15:01:29 +04:00
struct samr_RidAttrArray * rids = NULL ;
2004-04-19 00:22:31 +04:00
/* char **names; */
2021-07-25 11:22:37 +03:00
uint32_t i ;
2009-02-05 02:19:39 +03:00
/* struct samr_RidWithAttribute *user_gids; */
2011-01-18 13:43:15 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-04-19 00:22:31 +04:00
2008-02-08 16:50:04 +03:00
struct samr_Ids group_rids , name_types ;
struct lsa_String lsa_acct_name ;
2008-02-12 20:13:30 +03:00
union samr_UserInfo * info = NULL ;
2008-02-08 16:50:04 +03:00
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_group_usage ( c , argc , argv ) ;
2004-04-19 00:22:31 +04:00
return NT_STATUS_OK ; /* ok? */
}
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:43:15 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Request samr_Connect2 failed \n " ) ) ;
goto done ;
}
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Request samr_Connect2 failed \n " ) ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2008-02-01 13:12:05 +03:00
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 13:43:15 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Request open_domain failed \n " ) ) ;
goto done ;
}
2008-02-01 13:12:05 +03:00
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Request open_domain failed \n " ) ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2008-02-08 16:50:04 +03:00
init_lsa_String ( & lsa_acct_name , argv [ 0 ] ) ;
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& group_rids ,
2011-01-18 13:43:15 +03:00
& name_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Lookup of '%s' failed \n " ) , argv [ 0 ] ) ;
goto done ;
}
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Lookup of '%s' failed \n " ) , argv [ 0 ] ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2013-11-08 09:40:55 +04:00
if ( group_rids . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
if ( name_types . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
2004-04-19 00:22:31 +04:00
2008-02-08 16:50:04 +03:00
switch ( name_types . ids [ 0 ] )
2004-04-19 00:22:31 +04:00
{
case SID_NAME_DOM_GRP :
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_OpenGroup ( b , mem_ctx ,
2008-02-01 13:24:01 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2008-02-08 16:50:04 +03:00
group_rids . ids [ 0 ] ,
2011-01-18 13:43:15 +03:00
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Request open_group failed " ) ) ;
goto done ;
}
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Request open_group failed " ) ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2008-02-08 16:50:04 +03:00
group_rid = group_rids . ids [ 0 ] ;
2008-02-05 12:58:37 +03:00
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_QueryGroupMember ( b , mem_ctx ,
2008-02-05 12:58:37 +03:00
& group_pol ,
2011-01-18 13:43:15 +03:00
& rids ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr ,
_ ( " Unable to query group members of %s " ) ,
argv [ 0 ] ) ;
goto done ;
}
2008-02-05 12:58:37 +03:00
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Unable to query group members of %s " ) ,
argv [ 0 ] ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2008-05-08 13:23:38 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose ) {
2009-08-04 10:28:50 +04:00
d_printf (
_ ( " Domain Group %s (rid: %d) has %d members \n " ) ,
2008-02-05 12:58:37 +03:00
argv [ 0 ] , group_rid , rids - > count ) ;
2004-04-19 00:22:31 +04:00
}
/* Check if group is anyone's primary group */
2008-02-05 12:58:37 +03:00
for ( i = 0 ; i < rids - > count ; i + + )
2004-04-19 00:22:31 +04:00
{
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_OpenUser ( b , mem_ctx ,
2008-02-01 13:57:53 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2008-02-05 12:58:37 +03:00
rids - > rids [ i ] ,
2011-01-18 13:43:15 +03:00
& user_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr ,
_ ( " Unable to open group member %d \n " ) ,
rids - > rids [ i ] ) ;
goto done ;
}
2008-05-08 13:23:38 +04:00
2011-01-18 13:43:15 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Unable to open group member %d \n " ) ,
2008-02-05 12:58:37 +03:00
rids - > rids [ i ] ) ;
2011-01-18 13:43:15 +03:00
goto done ;
}
2004-04-19 00:22:31 +04:00
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_QueryUserInfo ( b , mem_ctx ,
2008-02-12 20:13:30 +03:00
& user_pol ,
21 ,
2011-01-18 13:43:15 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr ,
_ ( " Unable to lookup userinfo for group "
" member %d \n " ) ,
rids - > rids [ i ] ) ;
goto done ;
}
2008-02-12 20:13:30 +03:00
2011-01-18 13:43:15 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Unable to lookup userinfo for group "
" member %d \n " ) ,
2008-02-05 12:58:37 +03:00
rids - > rids [ i ] ) ;
2011-01-18 13:43:15 +03:00
goto done ;
}
2008-02-12 20:13:30 +03:00
if ( info - > info21 . primary_gid = = group_rid ) {
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Group is primary group "
" of %s \n " ) ,
2008-02-12 20:13:30 +03:00
info - > info21 . account_name . string ) ;
}
2008-05-12 13:53:23 +04:00
group_is_primary = true ;
2004-04-19 00:22:31 +04:00
}
2011-01-18 13:43:15 +03:00
dcerpc_samr_Close ( b , mem_ctx , & user_pol , & result ) ;
2004-04-19 00:22:31 +04:00
}
2008-05-08 13:23:38 +04:00
2004-04-19 00:22:31 +04:00
if ( group_is_primary ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Unable to delete group because "
" some of it's members have it as primary "
" group \n " ) ) ;
2011-01-18 13:43:15 +03:00
status = NT_STATUS_MEMBERS_PRIMARY_GROUP ;
2004-04-19 00:22:31 +04:00
goto done ;
}
2008-05-08 13:23:38 +04:00
2004-04-19 00:22:31 +04:00
/* remove all group members */
2008-02-05 12:58:37 +03:00
for ( i = 0 ; i < rids - > count ; i + + )
2004-04-19 00:22:31 +04:00
{
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose )
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Remove group member %d... " ) ,
2008-02-05 12:58:37 +03:00
rids - > rids [ i ] ) ;
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_DeleteGroupMember ( b , mem_ctx ,
2008-02-04 20:13:07 +03:00
& group_pol ,
2011-01-18 13:43:15 +03:00
rids - > rids [ i ] ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
status = result ;
2004-04-19 00:22:31 +04:00
if ( NT_STATUS_IS_OK ( result ) ) {
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose )
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " ok \n " ) ) ;
2004-04-19 00:22:31 +04:00
} else {
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose )
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n " , _ ( " failed " ) ) ;
2004-04-19 00:22:31 +04:00
goto done ;
2008-05-08 13:23:38 +04:00
}
2004-04-19 00:22:31 +04:00
}
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_DeleteDomainGroup ( b , mem_ctx ,
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
break ;
}
status = result ;
2004-04-19 00:22:31 +04:00
break ;
/* removing a local group is easier... */
case SID_NAME_ALIAS :
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
2008-02-01 13:38:29 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2008-02-08 16:50:04 +03:00
group_rids . ids [ 0 ] ,
2011-01-18 13:43:15 +03:00
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Request open_alias failed \n " ) ) ;
goto done ;
}
2004-04-19 00:22:31 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:43:15 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Request open_alias failed \n " ) ) ;
2011-01-18 13:43:15 +03:00
goto done ;
2004-04-19 00:22:31 +04:00
}
2008-02-01 03:22:22 +03:00
2011-01-18 13:43:15 +03:00
status = dcerpc_samr_DeleteDomAlias ( b , mem_ctx ,
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
break ;
}
status = result ;
2004-04-19 00:22:31 +04:00
break ;
default :
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " %s is of type %s. This command is only "
" for deleting local or global groups \n " ) ,
2008-02-08 16:50:04 +03:00
argv [ 0 ] , sid_type_lookup ( name_types . ids [ 0 ] ) ) ;
2011-01-18 13:43:15 +03:00
status = NT_STATUS_UNSUCCESSFUL ;
2004-04-19 00:22:31 +04:00
goto done ;
}
2008-05-08 13:23:38 +04:00
2011-01-18 13:43:15 +03:00
if ( NT_STATUS_IS_OK ( status ) ) {
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose )
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Deleted %s '%s' \n " ) ,
sid_type_lookup ( name_types . ids [ 0 ] ) , argv [ 0 ] ) ;
2004-04-19 00:22:31 +04:00
} else {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Deleting of %s failed: %s \n " ) , argv [ 0 ] ,
2011-01-18 13:43:15 +03:00
get_friendly_nt_error_msg ( status ) ) ;
2004-04-19 00:22:31 +04:00
}
2008-05-08 13:23:38 +04:00
2004-04-19 00:22:31 +04:00
done :
2011-01-18 13:43:15 +03:00
return status ;
2008-05-08 13:23:38 +04:00
2004-04-19 00:22:31 +04:00
}
2008-05-10 01:22:12 +04:00
static int rpc_group_delete ( struct net_context * c , int argc , const char * * argv )
2004-04-19 00:22:31 +04:00
{
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2008-07-20 20:36:31 +04:00
rpc_group_delete_internals , argc , argv ) ;
2004-04-19 00:22:31 +04:00
}
2008-05-28 16:57:35 +04:00
static int rpc_group_add_internals ( struct net_context * c , int argc , const char * * argv )
2004-02-24 21:00:41 +03:00
{
2008-05-28 16:57:35 +04:00
NET_API_STATUS status ;
struct GROUP_INFO_1 info1 ;
uint32_t parm_error = 0 ;
2004-02-24 21:00:41 +03:00
2008-05-21 12:27:59 +04:00
if ( argc ! = 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_group_usage ( c , argc , argv ) ;
2008-05-28 16:57:35 +04:00
return 0 ;
2004-02-24 21:00:41 +03:00
}
2008-05-28 16:57:35 +04:00
ZERO_STRUCT ( info1 ) ;
2004-02-24 21:00:41 +03:00
2008-05-28 16:57:35 +04:00
info1 . grpi1_name = argv [ 0 ] ;
if ( c - > opt_comment & & strlen ( c - > opt_comment ) > 0 ) {
info1 . grpi1_comment = c - > opt_comment ;
}
2004-02-24 21:00:41 +03:00
2008-05-28 16:57:35 +04:00
status = NetGroupAdd ( c - > opt_host , 1 , ( uint8_t * ) & info1 , & parm_error ) ;
2008-05-08 13:23:38 +04:00
2008-05-28 16:57:35 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Failed to add group '%s' with error: %s. \n " ) ,
2008-05-28 16:57:35 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
return - 1 ;
} else {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Added group '%s'. \n " ) , argv [ 0 ] ) ;
2008-05-28 16:57:35 +04:00
}
2004-02-24 21:00:41 +03:00
2008-05-28 16:57:35 +04:00
return 0 ;
2004-02-24 21:00:41 +03:00
}
2008-07-31 17:12:09 +04:00
static int rpc_alias_add_internals ( struct net_context * c , int argc , const char * * argv )
2004-02-28 21:41:16 +03:00
{
2008-07-31 17:12:09 +04:00
NET_API_STATUS status ;
struct LOCALGROUP_INFO_1 info1 ;
uint32_t parm_error = 0 ;
2004-02-28 21:41:16 +03:00
2008-05-21 12:27:59 +04:00
if ( argc ! = 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
rpc_group_usage ( c , argc , argv ) ;
2008-07-31 17:12:09 +04:00
return 0 ;
2004-02-28 21:41:16 +03:00
}
2008-07-31 17:12:09 +04:00
ZERO_STRUCT ( info1 ) ;
2008-02-06 15:16:04 +03:00
2008-07-31 17:12:09 +04:00
info1 . lgrpi1_name = argv [ 0 ] ;
if ( c - > opt_comment & & strlen ( c - > opt_comment ) > 0 ) {
info1 . lgrpi1_comment = c - > opt_comment ;
}
2004-02-28 21:41:16 +03:00
2008-07-31 17:12:09 +04:00
status = NetLocalGroupAdd ( c - > opt_host , 1 , ( uint8_t * ) & info1 , & parm_error ) ;
2008-05-08 13:23:38 +04:00
2008-07-31 17:12:09 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr ,
_ ( " Failed to add alias '%s' with error: %s. \n " ) ,
2008-07-31 17:12:09 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
return - 1 ;
} else {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Added alias '%s'. \n " ) , argv [ 0 ] ) ;
2008-07-31 17:12:09 +04:00
}
2004-02-28 21:41:16 +03:00
2008-07-31 17:12:09 +04:00
return 0 ;
2004-02-28 21:41:16 +03:00
}
2008-05-10 01:22:12 +04:00
static int rpc_group_add ( struct net_context * c , int argc , const char * * argv )
2004-02-24 21:00:41 +03:00
{
2008-05-10 01:22:12 +04:00
if ( c - > opt_localgroup )
2008-07-31 17:12:09 +04:00
return rpc_alias_add_internals ( c , argc , argv ) ;
2004-02-28 21:41:16 +03:00
2008-05-28 16:57:35 +04:00
return rpc_group_add_internals ( c , argc , argv ) ;
2004-02-24 21:00:41 +03:00
}
2005-09-30 21:13:37 +04:00
static NTSTATUS get_sid_from_name ( struct cli_state * cli ,
TALLOC_CTX * mem_ctx ,
const char * name ,
2010-05-21 05:25:01 +04:00
struct dom_sid * sid ,
2006-09-08 18:28:06 +04:00
enum lsa_SidType * type )
2004-02-28 21:41:16 +03:00
{
2010-05-21 05:25:01 +04:00
struct dom_sid * sids = NULL ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType * types = NULL ;
2009-03-20 13:04:59 +03:00
struct rpc_pipe_client * pipe_hnd = NULL ;
2009-03-19 00:49:41 +03:00
struct policy_handle lsa_pol ;
2011-01-18 19:25:02 +03:00
NTSTATUS status , result ;
struct dcerpc_binding_handle * b ;
2004-02-28 21:41:16 +03:00
2013-05-24 15:29:28 +04:00
status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& pipe_hnd ) ;
2011-01-18 19:25:02 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2005-09-30 21:13:37 +04:00
goto done ;
2004-02-28 21:41:16 +03:00
}
2011-01-18 19:25:02 +03:00
b = pipe_hnd - > binding_handle ;
status = rpccli_lsa_open_policy ( pipe_hnd , mem_ctx , false ,
2009-04-15 03:12:13 +04:00
SEC_FLAG_MAXIMUM_ALLOWED , & lsa_pol ) ;
2004-02-28 21:41:16 +03:00
2011-01-18 19:25:02 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-02-28 21:41:16 +03:00
goto done ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 19:25:02 +03:00
status = rpccli_lsa_lookup_names ( pipe_hnd , mem_ctx , & lsa_pol , 1 ,
2007-06-27 15:42:17 +04:00
& name , NULL , 1 , & sids , & types ) ;
2004-02-28 21:41:16 +03:00
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_OK ( status ) ) {
2004-02-28 21:41:16 +03:00
sid_copy ( sid , & sids [ 0 ] ) ;
* type = types [ 0 ] ;
}
2011-01-18 19:25:02 +03:00
dcerpc_lsa_Close ( b , mem_ctx , & lsa_pol , & result ) ;
2004-02-28 21:41:16 +03:00
done :
2005-09-30 21:13:37 +04:00
if ( pipe_hnd ) {
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( pipe_hnd ) ;
2004-02-28 21:41:16 +03:00
}
2011-05-13 22:23:36 +04:00
if ( ! NT_STATUS_IS_OK ( status ) & & ( strncasecmp_m ( name , " S- " , 2 ) = = 0 ) ) {
2004-02-28 21:41:16 +03:00
/* Try as S-1-5-whatever */
2010-05-21 05:25:01 +04:00
struct dom_sid tmp_sid ;
2004-02-28 21:41:16 +03:00
if ( string_to_sid ( & tmp_sid , name ) ) {
sid_copy ( sid , & tmp_sid ) ;
* type = SID_NAME_UNKNOWN ;
2011-01-18 19:25:02 +03:00
status = NT_STATUS_OK ;
2004-02-28 21:41:16 +03:00
}
}
2011-01-18 19:25:02 +03:00
return status ;
2004-02-28 21:41:16 +03:00
}
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_add_groupmem ( struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * group_sid ,
2005-09-30 21:13:37 +04:00
const char * member )
2004-02-28 21:41:16 +03:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:44:42 +03:00
NTSTATUS status , result ;
2015-05-07 03:00:06 +03:00
uint32_t group_rid ;
2009-03-19 00:49:41 +03:00
struct policy_handle group_pol ;
2011-01-18 13:44:42 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-28 21:41:16 +03:00
2008-02-08 16:50:04 +03:00
struct samr_Ids rids , rid_types ;
struct lsa_String lsa_acct_name ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2004-02-28 21:41:16 +03:00
sid_copy ( & sid , group_sid ) ;
2005-09-30 21:13:37 +04:00
if ( ! sid_split_rid ( & sid , & group_rid ) ) {
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
2011-01-18 13:44:42 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:44:42 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2005-09-30 21:13:37 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2005-09-30 21:13:37 +04:00
}
2008-02-01 13:12:05 +03:00
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
2011-01-18 13:44:42 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
& sid ,
2011-01-18 13:44:42 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2005-09-30 21:13:37 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2008-02-08 16:50:04 +03:00
init_lsa_String ( & lsa_acct_name , member ) ;
2011-01-18 13:44:42 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& rids ,
2011-01-18 13:44:42 +03:00
& rid_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:44:42 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2013-11-08 09:40:55 +04:00
if ( rids . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
if ( rid_types . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:44:42 +03:00
status = dcerpc_samr_OpenGroup ( b , mem_ctx ,
2008-02-01 13:24:01 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
group_rid ,
2011-01-18 13:44:42 +03:00
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
2005-09-30 21:13:37 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:44:42 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:44:42 +03:00
status = dcerpc_samr_AddGroupMember ( b , mem_ctx ,
2008-02-04 20:45:07 +03:00
& group_pol ,
2008-02-08 16:50:04 +03:00
rids . ids [ 0 ] ,
2011-01-18 13:44:42 +03:00
0x0005 , /* unknown flags */
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
status = result ;
2004-02-28 21:41:16 +03:00
done :
2011-01-18 13:44:42 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
return status ;
2004-02-28 21:41:16 +03:00
}
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_add_aliasmem ( struct rpc_pipe_client * pipe_hnd ,
2013-09-13 13:11:55 +04:00
struct cli_state * cli ,
TALLOC_CTX * mem_ctx ,
const struct dom_sid * alias_sid ,
const char * member )
2004-02-28 21:41:16 +03:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:56:12 +03:00
NTSTATUS status , result ;
2015-05-07 03:00:06 +03:00
uint32_t alias_rid ;
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol ;
2011-01-18 13:56:12 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid member_sid ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType member_type ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2004-02-28 21:41:16 +03:00
sid_copy ( & sid , alias_sid ) ;
2005-09-30 21:13:37 +04:00
if ( ! sid_split_rid ( & sid , & alias_rid ) ) {
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2013-09-13 13:11:55 +04:00
result = get_sid_from_name ( cli , mem_ctx ,
2008-04-20 16:05:25 +04:00
member , & member_sid , & member_type ) ;
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
2004-02-28 21:41:16 +03:00
return result ;
}
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
2011-01-18 13:56:12 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:56:12 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:56:12 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2008-02-01 13:12:05 +03:00
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
2011-01-18 13:56:12 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
& sid ,
2011-01-18 13:56:12 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:56:12 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2011-01-18 13:56:12 +03:00
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
2008-02-01 13:38:29 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
alias_rid ,
2011-01-18 13:56:12 +03:00
& alias_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2005-09-30 21:13:37 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:12 +03:00
status = dcerpc_samr_AddAliasMember ( b , mem_ctx ,
2008-02-05 01:42:05 +03:00
& alias_pol ,
2011-01-18 13:56:12 +03:00
& member_sid ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
2005-09-30 21:13:37 +04:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:12 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
done :
2011-01-18 13:56:12 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
return status ;
2004-02-28 21:41:16 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_group_addmem_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-02-28 21:41:16 +03:00
{
2010-05-21 05:25:01 +04:00
struct dom_sid group_sid ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType group_type ;
2004-02-28 21:41:16 +03:00
2008-05-21 12:27:59 +04:00
if ( argc ! = 2 | | c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc group addmem <group> <member> \n "
2009-08-04 10:28:50 +04:00
" Add a member to a group \n "
" group \t Group to add member to \n "
" member \t Member to add to group \n " ) ) ;
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
if ( ! NT_STATUS_IS_OK ( get_sid_from_name ( cli , mem_ctx , argv [ 0 ] ,
& group_sid , & group_type ) ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup group name %s \n " ) ,
argv [ 0 ] ) ;
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
if ( group_type = = SID_NAME_DOM_GRP ) {
2005-09-30 21:13:37 +04:00
NTSTATUS result = rpc_add_groupmem ( pipe_hnd , mem_ctx ,
2004-02-28 21:41:16 +03:00
& group_sid , argv [ 1 ] ) ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not add %s to %s: %s \n " ) ,
2004-02-28 21:41:16 +03:00
argv [ 1 ] , argv [ 0 ] , nt_errstr ( result ) ) ;
}
2004-02-29 19:34:33 +03:00
return result ;
2004-02-28 21:41:16 +03:00
}
if ( group_type = = SID_NAME_ALIAS ) {
2013-09-13 13:11:55 +04:00
NTSTATUS result = rpc_add_aliasmem ( pipe_hnd , cli , mem_ctx ,
2004-02-28 21:41:16 +03:00
& group_sid , argv [ 1 ] ) ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not add %s to %s: %s \n " ) ,
2004-02-28 21:41:16 +03:00
argv [ 1 ] , argv [ 0 ] , nt_errstr ( result ) ) ;
}
2004-02-29 19:34:33 +03:00
return result ;
2004-02-28 21:41:16 +03:00
}
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Can only add members to global or local groups "
" which %s is not \n " ) , argv [ 0 ] ) ;
2004-02-29 15:47:45 +03:00
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
2008-05-10 01:22:12 +04:00
static int rpc_group_addmem ( struct net_context * c , int argc , const char * * argv )
2004-02-28 21:41:16 +03:00
{
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2004-02-28 21:41:16 +03:00
rpc_group_addmem_internals ,
argc , argv ) ;
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_del_groupmem ( struct net_context * c ,
struct rpc_pipe_client * pipe_hnd ,
2005-09-30 21:13:37 +04:00
TALLOC_CTX * mem_ctx ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * group_sid ,
2005-09-30 21:13:37 +04:00
const char * member )
2004-02-28 21:41:16 +03:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:56:52 +03:00
NTSTATUS status , result ;
2015-05-07 03:00:06 +03:00
uint32_t group_rid ;
2009-03-19 00:49:41 +03:00
struct policy_handle group_pol ;
2011-01-18 13:56:52 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-28 21:41:16 +03:00
2008-02-08 16:50:04 +03:00
struct samr_Ids rids , rid_types ;
struct lsa_String lsa_acct_name ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2004-02-28 21:41:16 +03:00
sid_copy ( & sid , group_sid ) ;
if ( ! sid_split_rid ( & sid , & group_rid ) )
return NT_STATUS_UNSUCCESSFUL ;
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
2011-01-18 13:56:52 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:56:52 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2011-01-18 13:56:52 +03:00
}
2008-02-01 13:12:05 +03:00
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
2011-01-18 13:56:52 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
& sid ,
2011-01-18 13:56:52 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2011-01-18 13:56:52 +03:00
}
2004-02-28 21:41:16 +03:00
2008-02-08 16:50:04 +03:00
init_lsa_String ( & lsa_acct_name , member ) ;
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:52 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& rids ,
2011-01-18 13:56:52 +03:00
& rid_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:56:52 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2013-11-08 09:40:55 +04:00
if ( rids . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
if ( rid_types . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:52 +03:00
status = dcerpc_samr_OpenGroup ( b , mem_ctx ,
2008-02-01 13:24:01 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
group_rid ,
2011-01-18 13:56:52 +03:00
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
2011-01-18 13:56:52 +03:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:52 +03:00
status = dcerpc_samr_DeleteGroupMember ( b , mem_ctx ,
2008-02-04 20:13:07 +03:00
& group_pol ,
2011-01-18 13:56:52 +03:00
rids . ids [ 0 ] ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:56:52 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
done :
2011-01-18 13:56:52 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
return status ;
2004-02-28 21:41:16 +03:00
}
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_del_aliasmem ( struct rpc_pipe_client * pipe_hnd ,
2013-09-13 13:11:55 +04:00
struct cli_state * cli ,
TALLOC_CTX * mem_ctx ,
const struct dom_sid * alias_sid ,
const char * member )
2004-02-28 21:41:16 +03:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:57:33 +03:00
NTSTATUS status , result ;
2015-05-07 03:00:06 +03:00
uint32_t alias_rid ;
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol ;
2011-01-18 13:57:33 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid member_sid ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType member_type ;
2004-02-28 21:41:16 +03:00
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2004-02-28 21:41:16 +03:00
sid_copy ( & sid , alias_sid ) ;
if ( ! sid_split_rid ( & sid , & alias_rid ) )
return NT_STATUS_UNSUCCESSFUL ;
2013-09-13 13:11:55 +04:00
result = get_sid_from_name ( cli , mem_ctx ,
2008-04-20 16:05:25 +04:00
member , & member_sid , & member_type ) ;
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup up group member %s \n " ) ,
member ) ;
2004-02-28 21:41:16 +03:00
return result ;
}
2008-02-04 21:43:07 +03:00
/* Get sam policy handle */
2011-01-18 13:57:33 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:57:33 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:57:33 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2008-02-01 13:12:05 +03:00
2004-02-28 21:41:16 +03:00
/* Get domain policy handle */
2011-01-18 13:57:33 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
& sid ,
2011-01-18 13:57:33 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 21:41:16 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:57:33 +03:00
status = result ;
2004-02-28 21:41:16 +03:00
goto done ;
}
2011-01-18 13:57:33 +03:00
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
2008-02-01 13:38:29 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
alias_rid ,
2011-01-18 13:57:33 +03:00
& alias_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:57:33 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-28 21:41:16 +03:00
return result ;
2011-01-18 13:57:33 +03:00
}
2004-02-28 21:41:16 +03:00
2011-01-18 13:57:33 +03:00
status = dcerpc_samr_DeleteAliasMember ( b , mem_ctx ,
2008-02-05 01:28:38 +03:00
& alias_pol ,
2011-01-18 13:57:33 +03:00
& member_sid ,
& result ) ;
2004-02-28 21:41:16 +03:00
2011-01-18 13:57:33 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
status = result ;
2004-02-28 21:41:16 +03:00
done :
2011-01-18 13:57:33 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
return status ;
2004-02-28 21:41:16 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_group_delmem_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-02-28 21:41:16 +03:00
{
2010-05-21 05:25:01 +04:00
struct dom_sid group_sid ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType group_type ;
2004-02-28 21:41:16 +03:00
2008-05-21 12:27:59 +04:00
if ( argc ! = 2 | | c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc group delmem <group> <member> \n "
2009-08-04 10:28:50 +04:00
" Delete a member from a group \n "
" group \t Group to delete member from \n "
" member \t Member to delete from group \n " ) ) ;
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
if ( ! NT_STATUS_IS_OK ( get_sid_from_name ( cli , mem_ctx , argv [ 0 ] ,
& group_sid , & group_type ) ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not lookup group name %s \n " ) ,
argv [ 0 ] ) ;
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
if ( group_type = = SID_NAME_DOM_GRP ) {
2008-05-10 01:22:12 +04:00
NTSTATUS result = rpc_del_groupmem ( c , pipe_hnd , mem_ctx ,
2004-02-28 21:41:16 +03:00
& group_sid , argv [ 1 ] ) ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not del %s from %s: %s \n " ) ,
2004-02-28 21:41:16 +03:00
argv [ 1 ] , argv [ 0 ] , nt_errstr ( result ) ) ;
}
2004-02-29 19:34:33 +03:00
return result ;
2004-02-28 21:41:16 +03:00
}
if ( group_type = = SID_NAME_ALIAS ) {
2013-09-13 13:11:55 +04:00
NTSTATUS result = rpc_del_aliasmem ( pipe_hnd , cli , mem_ctx ,
2004-02-28 21:41:16 +03:00
& group_sid , argv [ 1 ] ) ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not del %s from %s: %s \n " ) ,
2004-02-28 21:41:16 +03:00
argv [ 1 ] , argv [ 0 ] , nt_errstr ( result ) ) ;
}
2004-02-29 19:34:33 +03:00
return result ;
2004-02-28 21:41:16 +03:00
}
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Can only delete members from global or local "
" groups which %s is not \n " ) , argv [ 0 ] ) ;
2004-02-29 15:47:45 +03:00
2004-02-28 21:41:16 +03:00
return NT_STATUS_UNSUCCESSFUL ;
}
2008-05-10 01:22:12 +04:00
static int rpc_group_delmem ( struct net_context * c , int argc , const char * * argv )
2004-02-28 21:41:16 +03:00
{
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2004-02-28 21:41:16 +03:00
rpc_group_delmem_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List groups on a remote RPC server .
2002-07-15 14:35:28 +04:00
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-05-08 13:23:38 +04:00
* argc , argv which are passes through .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2002-07-15 14:35:28 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_group_list_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2002-07-15 14:35:28 +04:00
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2011-01-18 13:59:16 +03:00
NTSTATUS status , result ;
2015-05-07 03:00:06 +03:00
uint32_t start_idx = 0 , max_entries = 250 , num_entries , i , loop_count = 0 ;
2008-02-12 13:09:23 +03:00
struct samr_SamArray * groups = NULL ;
2008-05-12 13:53:23 +04:00
bool global = false ;
bool local = false ;
bool builtin = false ;
2011-01-18 13:59:16 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2003-11-28 18:10:00 +03:00
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc group list [global] [local] [builtin] \n "
2009-08-04 10:28:50 +04:00
" List groups on RPC server \n "
" global \t List global groups \n "
" local \t List local groups \n "
" builtin \t List builtin groups \n "
" If none of global, local or builtin is "
" specified, all three options are considered "
" set \n " ) ) ;
2008-05-21 12:27:59 +04:00
return NT_STATUS_OK ;
}
2003-11-28 18:10:00 +03:00
if ( argc = = 0 ) {
2008-05-12 13:53:23 +04:00
global = true ;
local = true ;
builtin = true ;
2003-11-28 18:10:00 +03:00
}
for ( i = 0 ; i < argc ; i + + ) {
if ( strequal ( argv [ i ] , " global " ) )
2008-05-12 13:53:23 +04:00
global = true ;
2003-11-28 18:10:00 +03:00
if ( strequal ( argv [ i ] , " local " ) )
2008-05-12 13:53:23 +04:00
local = true ;
2003-11-28 18:10:00 +03:00
if ( strequal ( argv [ i ] , " builtin " ) )
2008-05-12 13:53:23 +04:00
builtin = true ;
2003-11-28 18:10:00 +03:00
}
2002-07-15 14:35:28 +04:00
/* Get sam policy handle */
2008-02-04 21:43:07 +03:00
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 13:59:16 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2002-07-15 14:35:28 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:59:16 +03:00
status = result ;
2002-07-15 14:35:28 +04:00
goto done ;
}
2008-05-08 13:23:38 +04:00
2002-07-15 14:35:28 +04:00
/* Get domain policy handle */
2008-02-01 13:12:05 +03:00
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 13:59:16 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2002-07-15 14:35:28 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:59:16 +03:00
status = result ;
2002-07-15 14:35:28 +04:00
goto done ;
}
/* Query domain groups */
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries )
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Group name Comment "
" \n ----------------------------- \n " ) ) ;
2002-07-15 14:35:28 +04:00
do {
2008-02-07 22:46:02 +03:00
uint32_t max_size , total_size , returned_size ;
union samr_DispInfo info ;
2003-06-12 20:21:22 +04:00
2003-11-28 18:10:00 +03:00
if ( ! global ) break ;
2011-01-12 17:36:19 +03:00
dcerpc_get_query_dispinfo_params (
2003-06-12 20:21:22 +04:00
loop_count , & max_entries , & max_size ) ;
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_QueryDisplayInfo ( b , mem_ctx ,
2008-02-07 22:46:02 +03:00
& domain_pol ,
3 ,
start_idx ,
max_entries ,
max_size ,
& total_size ,
& returned_size ,
2011-01-18 13:59:16 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2008-02-07 22:46:02 +03:00
num_entries = info . info3 . count ;
start_idx + = info . info3 . count ;
2004-02-17 18:24:28 +03:00
2004-02-28 11:18:09 +03:00
if ( ! NT_STATUS_IS_OK ( result ) & &
! NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) )
2004-02-17 18:24:28 +03:00
break ;
2008-02-07 22:46:02 +03:00
2002-07-15 14:35:28 +04:00
for ( i = 0 ; i < num_entries ; i + + ) {
2003-06-12 20:21:22 +04:00
2008-02-07 22:46:02 +03:00
const char * group = NULL ;
const char * desc = NULL ;
group = info . info3 . entries [ i ] . account_name . string ;
desc = info . info3 . entries [ i ] . description . string ;
2003-06-12 20:21:22 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries )
2003-06-12 20:21:22 +04:00
printf ( " %-21.21s %-50.50s \n " ,
group , desc ) ;
2002-07-15 14:35:28 +04:00
else
2003-12-01 17:12:26 +03:00
printf ( " %s \n " , group ) ;
2002-07-15 14:35:28 +04:00
}
2003-05-08 02:56:02 +04:00
} while ( NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) ;
2002-07-15 14:35:28 +04:00
/* query domain aliases */
2003-06-12 19:37:06 +04:00
start_idx = 0 ;
2002-07-15 14:35:28 +04:00
do {
2003-11-28 18:10:00 +03:00
if ( ! local ) break ;
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_EnumDomainAliases ( b , mem_ctx ,
2008-02-12 13:09:23 +03:00
& domain_pol ,
& start_idx ,
& groups ,
0xffff ,
2011-01-18 13:59:16 +03:00
& num_entries ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-02-28 11:18:09 +03:00
if ( ! NT_STATUS_IS_OK ( result ) & &
! NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) )
2004-02-17 18:24:28 +03:00
break ;
2008-02-12 13:09:23 +03:00
2002-07-15 14:35:28 +04:00
for ( i = 0 ; i < num_entries ; i + + ) {
2003-06-12 20:21:22 +04:00
2008-02-07 15:07:07 +03:00
const char * description = NULL ;
2003-06-12 20:21:22 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2003-06-12 20:21:22 +04:00
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol ;
2008-02-07 15:07:07 +03:00
union samr_AliasInfo * info = NULL ;
2011-01-18 13:59:16 +03:00
NTSTATUS _result ;
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
& domain_pol ,
0x8 ,
groups - > entries [ i ] . idx ,
& alias_pol ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
status = dcerpc_samr_QueryAliasInfo ( b , mem_ctx ,
& alias_pol ,
3 ,
& info ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
status = dcerpc_samr_Close ( b , mem_ctx ,
& alias_pol ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
description = info - > description . string ;
}
}
2003-06-12 20:21:22 +04:00
}
}
2008-02-12 13:09:23 +03:00
2003-06-12 20:21:22 +04:00
if ( description ! = NULL ) {
2008-02-12 13:09:23 +03:00
printf ( " %-21.21s %-50.50s \n " ,
groups - > entries [ i ] . name . string ,
2003-06-12 20:21:22 +04:00
description ) ;
} else {
2008-02-12 13:09:23 +03:00
printf ( " %s \n " , groups - > entries [ i ] . name . string ) ;
2003-06-12 20:21:22 +04:00
}
2002-07-15 14:35:28 +04:00
}
2003-05-08 02:56:02 +04:00
} while ( NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) ;
2011-01-18 13:59:16 +03:00
dcerpc_samr_Close ( b , mem_ctx , & domain_pol , & result ) ;
2002-07-15 14:35:28 +04:00
/* Get builtin policy handle */
2008-02-01 13:12:05 +03:00
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , & global_sid_Builtin ) ,
2011-01-18 13:59:16 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2002-07-15 14:35:28 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 13:59:16 +03:00
status = result ;
2002-07-15 14:35:28 +04:00
goto done ;
}
2011-01-18 13:59:16 +03:00
2002-07-15 14:35:28 +04:00
/* query builtin aliases */
2003-06-12 19:37:06 +04:00
start_idx = 0 ;
2002-07-15 14:35:28 +04:00
do {
2003-11-28 18:10:00 +03:00
if ( ! builtin ) break ;
2011-01-18 13:59:16 +03:00
status = dcerpc_samr_EnumDomainAliases ( b , mem_ctx ,
2008-02-12 13:09:23 +03:00
& domain_pol ,
& start_idx ,
& groups ,
max_entries ,
2011-01-18 13:59:16 +03:00
& num_entries ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
break ;
}
2004-02-28 11:18:09 +03:00
if ( ! NT_STATUS_IS_OK ( result ) & &
2011-01-18 13:59:16 +03:00
! NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) {
status = result ;
2004-02-17 18:24:28 +03:00
break ;
2011-01-18 13:59:16 +03:00
}
2008-02-12 13:09:23 +03:00
2002-07-15 14:35:28 +04:00
for ( i = 0 ; i < num_entries ; i + + ) {
2003-06-12 20:21:22 +04:00
2008-02-07 15:07:07 +03:00
const char * description = NULL ;
2003-06-12 20:21:22 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2003-06-12 20:21:22 +04:00
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol ;
2008-02-07 15:07:07 +03:00
union samr_AliasInfo * info = NULL ;
2011-01-18 13:59:16 +03:00
NTSTATUS _result ;
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
& domain_pol ,
0x8 ,
groups - > entries [ i ] . idx ,
& alias_pol ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
status = dcerpc_samr_QueryAliasInfo ( b , mem_ctx ,
& alias_pol ,
3 ,
& info ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
status = dcerpc_samr_Close ( b , mem_ctx ,
& alias_pol ,
& _result ) ;
if ( NT_STATUS_IS_OK ( status ) & & NT_STATUS_IS_OK ( _result ) ) {
description = info - > description . string ;
}
}
2003-06-12 20:21:22 +04:00
}
}
2008-02-12 13:09:23 +03:00
2003-06-12 20:21:22 +04:00
if ( description ! = NULL ) {
2008-02-12 13:09:23 +03:00
printf ( " %-21.21s %-50.50s \n " ,
groups - > entries [ i ] . name . string ,
2003-06-12 20:21:22 +04:00
description ) ;
} else {
2008-02-12 13:09:23 +03:00
printf ( " %s \n " , groups - > entries [ i ] . name . string ) ;
2003-06-12 20:21:22 +04:00
}
2002-07-15 14:35:28 +04:00
}
2003-05-08 02:56:02 +04:00
} while ( NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) ;
2002-07-15 14:35:28 +04:00
2011-01-18 13:59:16 +03:00
status = result ;
2002-07-15 14:35:28 +04:00
done :
2011-01-18 13:59:16 +03:00
return status ;
2002-07-15 14:35:28 +04:00
}
2008-05-10 01:22:12 +04:00
static int rpc_group_list ( struct net_context * c , int argc , const char * * argv )
2003-11-28 18:10:00 +03:00
{
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2003-11-28 18:10:00 +03:00
rpc_group_list_internals ,
argc , argv ) ;
}
2004-02-09 21:19:25 +03:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_list_group_members ( struct net_context * c ,
struct rpc_pipe_client * pipe_hnd ,
2005-09-30 21:13:37 +04:00
TALLOC_CTX * mem_ctx ,
const char * domain_name ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2009-03-19 00:49:41 +03:00
struct policy_handle * domain_pol ,
2015-05-07 03:00:06 +03:00
uint32_t rid )
2003-11-26 13:07:07 +03:00
{
2011-01-18 14:00:09 +03:00
NTSTATUS result , status ;
2009-03-19 00:49:41 +03:00
struct policy_handle group_pol ;
2015-05-07 03:00:06 +03:00
uint32_t num_members , * group_rids ;
2021-07-25 11:22:37 +03:00
uint32_t i ;
2010-10-07 15:01:29 +04:00
struct samr_RidAttrArray * rids = NULL ;
2008-02-08 14:05:29 +03:00
struct lsa_Strings names ;
struct samr_Ids types ;
2011-01-18 14:00:09 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2003-11-26 13:07:07 +03:00
2011-01-18 14:00:09 +03:00
status = dcerpc_samr_OpenGroup ( b , mem_ctx ,
2008-02-01 13:24:01 +03:00
domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
rid ,
2011-01-18 14:00:09 +03:00
& group_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:00:09 +03:00
}
2003-11-26 13:07:07 +03:00
2011-01-18 14:00:09 +03:00
status = dcerpc_samr_QueryGroupMember ( b , mem_ctx ,
2008-02-05 12:58:37 +03:00
& group_pol ,
2011-01-18 14:00:09 +03:00
& rids ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:00:09 +03:00
}
2003-11-26 13:07:07 +03:00
2008-02-05 12:58:37 +03:00
num_members = rids - > count ;
group_rids = rids - > rids ;
2004-01-02 08:32:07 +03:00
while ( num_members > 0 ) {
2021-07-25 11:22:37 +03:00
uint32_t this_time = 512 ;
2003-11-26 13:07:07 +03:00
2003-11-27 20:31:18 +03:00
if ( num_members < this_time )
this_time = num_members ;
2003-11-26 13:07:07 +03:00
2011-01-18 14:00:09 +03:00
status = dcerpc_samr_LookupRids ( b , mem_ctx ,
2008-02-08 14:05:29 +03:00
domain_pol ,
this_time ,
group_rids ,
& names ,
2011-01-18 14:00:09 +03:00
& types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:00:09 +03:00
}
2013-11-08 10:41:22 +04:00
if ( names . count ! = this_time ) {
return NT_STATUS_INVALID_NETWORK_RESPONSE ;
}
if ( types . count ! = this_time ) {
return NT_STATUS_INVALID_NETWORK_RESPONSE ;
}
2004-02-09 21:19:25 +03:00
/* We only have users as members, but make the output
the same as the output of alias members */
2003-11-27 20:31:18 +03:00
for ( i = 0 ; i < this_time ; i + + ) {
2004-02-09 21:19:25 +03:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2018-12-06 19:53:24 +03:00
struct dom_sid sid ;
struct dom_sid_buf sid_str ;
sid_compose ( & sid , domain_sid , group_rids [ i ] ) ;
printf ( " %s %s \\ %s %d \n " ,
dom_sid_str_buf ( & sid , & sid_str ) ,
domain_name ,
2008-02-08 14:05:29 +03:00
names . names [ i ] . string ,
2004-02-09 21:19:25 +03:00
SID_NAME_USER ) ;
} else {
2008-02-08 14:05:29 +03:00
printf ( " %s \\ %s \n " , domain_name ,
names . names [ i ] . string ) ;
2004-02-09 21:19:25 +03:00
}
2003-11-27 20:31:18 +03:00
}
num_members - = this_time ;
group_rids + = 512 ;
2004-01-02 08:32:07 +03:00
}
2003-11-26 13:07:07 +03:00
2004-02-09 21:19:25 +03:00
return NT_STATUS_OK ;
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_list_alias_members ( struct net_context * c ,
2013-09-13 13:11:55 +04:00
struct rpc_pipe_client * pipe_hnd ,
struct cli_state * cli ,
TALLOC_CTX * mem_ctx ,
struct policy_handle * domain_pol ,
2015-05-07 03:00:06 +03:00
uint32_t rid )
2004-02-09 21:19:25 +03:00
{
2011-01-18 14:01:35 +03:00
NTSTATUS result , status ;
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * lsa_pipe ;
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol , lsa_pol ;
2015-05-07 03:00:06 +03:00
uint32_t num_members ;
2010-05-21 05:25:01 +04:00
struct dom_sid * alias_sids ;
2004-02-09 21:19:25 +03:00
char * * domains ;
char * * names ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType * types ;
2021-07-25 11:22:37 +03:00
uint32_t i ;
2008-02-05 03:18:56 +03:00
struct lsa_SidArray sid_array ;
2011-01-18 14:01:35 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-09 21:19:25 +03:00
2011-01-18 14:01:35 +03:00
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
2008-02-01 13:38:29 +03:00
domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
rid ,
2011-01-18 14:01:35 +03:00
& alias_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:01:35 +03:00
}
2004-02-09 21:19:25 +03:00
2011-01-18 14:01:35 +03:00
status = dcerpc_samr_GetMembersInAlias ( b , mem_ctx ,
2008-02-05 03:18:56 +03:00
& alias_pol ,
2011-01-18 14:01:35 +03:00
& sid_array ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_fprintf ( stderr , _ ( " Couldn't list alias members \n " ) ) ;
return status ;
}
2004-02-09 21:19:25 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't list alias members \n " ) ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
2008-02-05 03:18:56 +03:00
num_members = sid_array . num_sids ;
2004-02-17 13:08:18 +03:00
if ( num_members = = 0 ) {
return NT_STATUS_OK ;
}
2013-09-13 13:11:55 +04:00
result = cli_rpc_pipe_open_noauth ( cli ,
2013-05-24 15:29:28 +04:00
& ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& lsa_pipe ) ;
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't open LSA pipe. Error was %s \n " ) ,
2005-09-30 21:13:37 +04:00
nt_errstr ( result ) ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
2008-05-12 13:53:23 +04:00
result = rpccli_lsa_open_policy ( lsa_pipe , mem_ctx , true ,
2009-04-15 03:12:13 +04:00
SEC_FLAG_MAXIMUM_ALLOWED , & lsa_pol ) ;
2004-02-09 21:19:25 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't open LSA policy handle \n " ) ) ;
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( lsa_pipe ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
2011-06-07 05:58:39 +04:00
alias_sids = talloc_zero_array ( mem_ctx , struct dom_sid , num_members ) ;
2008-02-05 03:18:56 +03:00
if ( ! alias_sids ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Out of memory \n " ) ) ;
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( lsa_pipe ) ;
2008-02-05 03:18:56 +03:00
return NT_STATUS_NO_MEMORY ;
}
for ( i = 0 ; i < num_members ; i + + ) {
sid_copy ( & alias_sids [ i ] , sid_array . sids [ i ] . sid ) ;
}
2008-05-10 01:22:12 +04:00
result = rpccli_lsa_lookup_sids ( lsa_pipe , mem_ctx , & lsa_pol ,
num_members , alias_sids ,
2004-02-09 21:19:25 +03:00
& domains , & names , & types ) ;
if ( ! NT_STATUS_IS_OK ( result ) & &
! NT_STATUS_EQUAL ( result , STATUS_SOME_UNMAPPED ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't lookup SIDs \n " ) ) ;
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( lsa_pipe ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
for ( i = 0 ; i < num_members ; i + + ) {
2018-12-06 19:53:24 +03:00
struct dom_sid_buf sid_str ;
dom_sid_str_buf ( & alias_sids [ i ] , & sid_str ) ;
2004-02-09 21:19:25 +03:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2018-12-06 19:53:24 +03:00
printf ( " %s %s \\ %s %d \n " , sid_str . buf ,
2009-08-04 10:28:50 +04:00
domains [ i ] ? domains [ i ] : _ ( " *unknown* " ) ,
names [ i ] ? names [ i ] : _ ( " *unknown* " ) , types [ i ] ) ;
2004-02-09 21:19:25 +03:00
} else {
if ( domains [ i ] )
printf ( " %s \\ %s \n " , domains [ i ] , names [ i ] ) ;
else
2018-12-06 19:53:24 +03:00
printf ( " %s \n " , sid_str . buf ) ;
2004-02-09 21:19:25 +03:00
}
}
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( lsa_pipe ) ;
2004-02-09 21:19:25 +03:00
return NT_STATUS_OK ;
}
2008-05-08 13:23:38 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_group_members_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-02-09 21:19:25 +03:00
{
2011-01-18 14:02:53 +03:00
NTSTATUS result , status ;
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol ;
2008-02-08 16:50:04 +03:00
struct samr_Ids rids , rid_types ;
struct lsa_String lsa_acct_name ;
2011-01-18 14:02:53 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-02-09 21:19:25 +03:00
/* Get sam policy handle */
2008-02-04 21:43:07 +03:00
2011-01-18 14:02:53 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 14:02:53 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:02:53 +03:00
}
2008-05-08 13:23:38 +04:00
2004-02-09 21:19:25 +03:00
/* Get domain policy handle */
2008-02-01 13:12:05 +03:00
2011-01-18 14:02:53 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 14:02:53 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-02-09 21:19:25 +03:00
return result ;
2011-01-18 14:02:53 +03:00
}
2004-02-09 21:19:25 +03:00
2008-02-08 16:50:04 +03:00
init_lsa_String ( & lsa_acct_name , argv [ 0 ] ) ; /* sure? */
2011-01-18 14:02:53 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& rids ,
2011-01-18 14:02:53 +03:00
& rid_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-02-09 21:19:25 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
/* Ok, did not find it in the global sam, try with builtin */
2010-05-21 05:25:01 +04:00
struct dom_sid sid_Builtin ;
2004-02-09 21:19:25 +03:00
2011-01-18 14:02:53 +03:00
dcerpc_samr_Close ( b , mem_ctx , & domain_pol , & result ) ;
2004-02-09 21:19:25 +03:00
2008-03-17 23:00:16 +03:00
sid_copy ( & sid_Builtin , & global_sid_Builtin ) ;
2004-02-09 21:19:25 +03:00
2011-01-18 14:02:53 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
& sid_Builtin ,
2011-01-18 14:02:53 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-02-09 21:19:25 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't find group %s \n " ) ,
argv [ 0 ] ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
2011-01-18 14:02:53 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& rids ,
2011-01-18 14:02:53 +03:00
& rid_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
2004-02-09 21:19:25 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't find group %s \n " ) ,
argv [ 0 ] ) ;
2004-02-09 21:19:25 +03:00
return result ;
}
}
2008-02-08 16:50:04 +03:00
if ( rids . count ! = 1 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Couldn't find group %s \n " ) ,
argv [ 0 ] ) ;
2013-11-08 09:40:55 +04:00
return NT_STATUS_INVALID_NETWORK_RESPONSE ;
}
if ( rid_types . count ! = 1 ) {
d_fprintf ( stderr , _ ( " Couldn't find group %s \n " ) ,
argv [ 0 ] ) ;
return NT_STATUS_INVALID_NETWORK_RESPONSE ;
2004-02-09 21:19:25 +03:00
}
2013-11-08 09:40:55 +04:00
2008-02-08 16:50:04 +03:00
if ( rid_types . ids [ 0 ] = = SID_NAME_DOM_GRP ) {
2008-05-10 01:22:12 +04:00
return rpc_list_group_members ( c , pipe_hnd , mem_ctx , domain_name ,
2004-02-09 21:19:25 +03:00
domain_sid , & domain_pol ,
2008-02-08 16:50:04 +03:00
rids . ids [ 0 ] ) ;
2004-02-09 21:19:25 +03:00
}
2008-02-08 16:50:04 +03:00
if ( rid_types . ids [ 0 ] = = SID_NAME_ALIAS ) {
2013-09-13 13:11:55 +04:00
return rpc_list_alias_members ( c , pipe_hnd , cli , mem_ctx , & domain_pol ,
2008-02-08 16:50:04 +03:00
rids . ids [ 0 ] ) ;
2004-02-09 21:19:25 +03:00
}
return NT_STATUS_NO_SUCH_GROUP ;
2003-11-26 13:07:07 +03:00
}
2008-05-10 01:22:12 +04:00
static int rpc_group_members ( struct net_context * c , int argc , const char * * argv )
2003-11-26 13:07:07 +03:00
{
2008-05-21 12:27:59 +04:00
if ( argc ! = 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
return rpc_group_usage ( c , argc , argv ) ;
2003-11-26 13:07:07 +03:00
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2003-11-26 13:07:07 +03:00
rpc_group_members_internals ,
argc , argv ) ;
}
2008-06-06 15:52:51 +04:00
static int rpc_group_rename_internals ( struct net_context * c , int argc , const char * * argv )
2004-06-02 18:25:29 +04:00
{
2008-06-06 15:52:51 +04:00
NET_API_STATUS status ;
struct GROUP_INFO_0 g0 ;
uint32_t parm_err ;
2004-06-02 18:25:29 +04:00
if ( argc ! = 2 ) {
2010-01-19 13:43:54 +03:00
d_printf ( _ ( " Usage: \n " ) ) ;
d_printf ( " net rpc group rename group newname \n " ) ;
2008-06-06 15:52:51 +04:00
return - 1 ;
2004-06-02 18:25:29 +04:00
}
2008-06-06 15:52:51 +04:00
g0 . grpi0_name = argv [ 1 ] ;
2008-05-08 13:23:38 +04:00
2008-06-06 15:52:51 +04:00
status = NetGroupSetInfo ( c - > opt_host ,
argv [ 0 ] ,
0 ,
( uint8_t * ) & g0 ,
& parm_err ) ;
2008-02-08 16:50:04 +03:00
2008-06-06 15:52:51 +04:00
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Renaming group %s failed with: %s \n " ) ,
2008-06-06 15:52:51 +04:00
argv [ 0 ] , libnetapi_get_error_string ( c - > netapi_ctx ,
status ) ) ;
return - 1 ;
2004-06-02 18:25:29 +04:00
}
2008-06-06 15:52:51 +04:00
return 0 ;
2004-06-02 18:25:29 +04:00
}
2008-05-10 01:22:12 +04:00
static int rpc_group_rename ( struct net_context * c , int argc , const char * * argv )
2004-06-02 18:25:29 +04:00
{
2008-05-21 12:27:59 +04:00
if ( argc ! = 2 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
return rpc_group_usage ( c , argc , argv ) ;
2004-06-02 18:25:29 +04:00
}
2008-06-06 15:52:51 +04:00
return rpc_group_rename_internals ( c , argc , argv ) ;
2004-06-02 18:25:29 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2002-07-15 14:35:28 +04:00
* ' net rpc group ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_group ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-28 16:57:35 +04:00
NET_API_STATUS status ;
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" add " ,
rpc_group_add ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Create specified group " ) ,
N_ ( " net rpc group add \n "
" Create specified group " )
2008-05-21 12:27:59 +04:00
} ,
{
" delete " ,
rpc_group_delete ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Delete specified group " ) ,
N_ ( " net rpc group delete \n "
" Delete specified group " )
2008-05-21 12:27:59 +04:00
} ,
{
" addmem " ,
rpc_group_addmem ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Add member to group " ) ,
N_ ( " net rpc group addmem \n "
" Add member to group " )
2008-05-21 12:27:59 +04:00
} ,
{
" delmem " ,
rpc_group_delmem ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Remove member from group " ) ,
N_ ( " net rpc group delmem \n "
" Remove member from group " )
2008-05-21 12:27:59 +04:00
} ,
{
" list " ,
rpc_group_list ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List groups " ) ,
N_ ( " net rpc group list \n "
" List groups " )
2008-05-21 12:27:59 +04:00
} ,
{
" members " ,
rpc_group_members ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List group members " ) ,
N_ ( " net rpc group members \n "
" List group members " )
2008-05-21 12:27:59 +04:00
} ,
{
" rename " ,
rpc_group_rename ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Rename group " ) ,
N_ ( " net rpc group rename \n "
" Rename group " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2002-07-15 14:35:28 +04:00
} ;
2008-05-08 13:23:38 +04:00
2023-09-07 15:53:22 +03:00
status = libnetapi_net_init ( & c - > netapi_ctx , c - > lp_ctx , c - > creds ) ;
2021-03-25 13:44:36 +03:00
if ( status ! = 0 ) {
return - 1 ;
2008-07-31 17:14:14 +04:00
}
2008-05-28 16:57:35 +04:00
2002-07-15 14:35:28 +04:00
if ( argc = = 0 ) {
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Usage: \n " ) ) ;
d_printf ( _ ( " net rpc group \n "
" Alias for net rpc group list global "
" local builtin \n " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2002-07-15 14:35:28 +04:00
rpc_group_list_internals ,
argc , argv ) ;
}
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc group " , func ) ;
2002-07-15 14:35:28 +04:00
}
/****************************************************************************/
2008-05-10 01:22:12 +04:00
static int rpc_share_usage ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-14 16:24:21 +04:00
return net_share_usage ( c , argc , argv ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Add a share on a remote RPC server .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
2008-09-04 17:37:03 +04:00
* @ return A shell status integer ( 0 for success ) .
2002-07-15 14:35:28 +04:00
* */
2008-09-04 17:37:03 +04:00
static int rpc_share_add ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-09-04 17:37:03 +04:00
NET_API_STATUS status ;
2006-06-19 23:07:39 +04:00
char * sharename ;
2002-07-15 14:35:28 +04:00
char * path ;
2015-05-07 03:00:06 +03:00
uint32_t type = STYPE_DISKTREE ; /* only allow disk shares to be added */
uint32_t num_users = 0 , perms = 0 ;
2002-07-15 14:35:28 +04:00
char * password = NULL ; /* don't allow a share password */
2008-09-04 17:37:03 +04:00
struct SHARE_INFO_2 i2 ;
2008-03-10 16:25:45 +03:00
uint32_t parm_error = 0 ;
2002-07-15 14:35:28 +04:00
2008-09-04 17:37:03 +04:00
if ( ( argc < 1 ) | | ! strchr ( argv [ 0 ] , ' = ' ) | | c - > display_usage ) {
return rpc_share_usage ( c , argc , argv ) ;
}
if ( ( sharename = talloc_strdup ( c , argv [ 0 ] ) ) = = NULL ) {
return - 1 ;
2006-06-19 23:07:39 +04:00
}
2002-07-15 14:35:28 +04:00
path = strchr ( sharename , ' = ' ) ;
2008-09-04 17:37:03 +04:00
if ( ! path ) {
return - 1 ;
}
2002-07-15 14:35:28 +04:00
2008-09-04 17:37:03 +04:00
* path + + = ' \0 ' ;
2002-07-15 14:35:28 +04:00
2008-09-04 17:37:03 +04:00
i2 . shi2_netname = sharename ;
i2 . shi2_type = type ;
i2 . shi2_remark = c - > opt_comment ;
i2 . shi2_permissions = perms ;
i2 . shi2_max_uses = c - > opt_maxusers ;
i2 . shi2_current_uses = num_users ;
i2 . shi2_path = path ;
i2 . shi2_passwd = password ;
status = NetShareAdd ( c - > opt_host ,
2 ,
( uint8_t * ) & i2 ,
& parm_error ) ;
if ( status ! = 0 ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " NetShareAdd failed with: %s \n " ) ,
2008-09-04 17:37:03 +04:00
libnetapi_get_error_string ( c - > netapi_ctx , status ) ) ;
2002-07-15 14:35:28 +04:00
}
2008-09-04 17:37:03 +04:00
return status ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Delete a share on a remote RPC server .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2002-07-15 14:35:28 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_share_delete ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
return rpc_share_usage ( c , argc , argv ) ;
2002-07-15 14:35:28 +04:00
}
2008-09-04 17:44:50 +04:00
return NetShareDel ( c - > opt_host , argv [ 0 ] , 0 ) ;
2002-07-15 14:35:28 +04:00
}
/**
* Formatted print of share info
*
2008-09-10 12:53:46 +04:00
* @ param r pointer to SHARE_INFO_1 to format
2002-07-15 14:35:28 +04:00
* */
2007-10-11 00:34:30 +04:00
2008-05-10 01:22:12 +04:00
static void display_share_info_1 ( struct net_context * c ,
2008-09-10 12:53:46 +04:00
struct SHARE_INFO_1 * r )
2008-03-10 18:19:25 +03:00
{
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2004-02-11 17:59:08 +03:00
d_printf ( " %-12s %-8.8s %-50s \n " ,
2008-09-10 12:53:46 +04:00
r - > shi1_netname ,
2008-09-25 01:23:01 +04:00
net_share_type_str ( r - > shi1_type & ~ ( STYPE_TEMPORARY | STYPE_HIDDEN ) ) ,
2008-09-10 12:53:46 +04:00
r - > shi1_remark ) ;
2002-07-15 14:35:28 +04:00
} else {
2008-09-10 12:53:46 +04:00
d_printf ( " %s \n " , r - > shi1_netname ) ;
2002-07-15 14:35:28 +04:00
}
}
2008-05-10 01:22:12 +04:00
static WERROR get_share_info ( struct net_context * c ,
struct rpc_pipe_client * pipe_hnd ,
2008-03-10 18:19:25 +03:00
TALLOC_CTX * mem_ctx ,
2015-05-07 03:00:06 +03:00
uint32_t level ,
2008-03-10 18:19:25 +03:00
int argc ,
const char * * argv ,
struct srvsvc_NetShareInfoCtr * info_ctr )
2005-06-16 13:36:53 +04:00
{
2007-10-11 00:34:30 +04:00
WERROR result ;
2008-03-10 18:19:25 +03:00
NTSTATUS status ;
union srvsvc_NetShareInfo info ;
2011-01-12 15:11:41 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2005-06-16 13:36:53 +04:00
/* no specific share requested, enumerate all */
if ( argc = = 0 ) {
2008-03-10 18:19:25 +03:00
uint32_t preferred_len = 0xffffffff ;
uint32_t total_entries = 0 ;
uint32_t resume_handle = 0 ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
info_ctr - > level = level ;
2007-10-11 00:34:30 +04:00
2011-01-12 15:11:41 +03:00
status = dcerpc_srvsvc_NetShareEnumAll ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-03-10 18:19:25 +03:00
info_ctr ,
preferred_len ,
& total_entries ,
& resume_handle ,
& result ) ;
2011-01-12 15:11:41 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return ntstatus_to_werror ( status ) ;
}
2008-03-10 18:19:25 +03:00
return result ;
2005-06-16 13:36:53 +04:00
}
/* request just one share */
2011-01-12 15:11:41 +03:00
status = dcerpc_srvsvc_NetShareGetInfo ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-03-10 18:19:25 +03:00
argv [ 0 ] ,
level ,
& info ,
& result ) ;
2011-01-12 15:11:41 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
result = ntstatus_to_werror ( status ) ;
goto done ;
}
if ( ! W_ERROR_IS_OK ( result ) ) {
2007-10-11 00:34:30 +04:00
goto done ;
2008-03-10 18:19:25 +03:00
}
2007-10-11 00:34:30 +04:00
/* construct ctr */
2008-03-10 18:19:25 +03:00
ZERO_STRUCTP ( info_ctr ) ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
info_ctr - > level = level ;
2006-10-21 20:27:38 +04:00
2007-10-11 00:34:30 +04:00
switch ( level ) {
2006-10-21 20:27:38 +04:00
case 1 :
2007-10-11 00:34:30 +04:00
{
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareCtr1 * ctr1 ;
2007-10-11 00:34:30 +04:00
2011-06-07 05:44:43 +04:00
ctr1 = talloc_zero ( mem_ctx , struct srvsvc_NetShareCtr1 ) ;
2008-03-10 18:19:25 +03:00
W_ERROR_HAVE_NO_MEMORY ( ctr1 ) ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
ctr1 - > count = 1 ;
ctr1 - > array = info . info1 ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
info_ctr - > ctr . ctr1 = ctr1 ;
2011-01-12 15:10:28 +03:00
break ;
2007-10-11 00:34:30 +04:00
}
case 2 :
{
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareCtr2 * ctr2 ;
2007-10-11 00:34:30 +04:00
2011-06-07 05:44:43 +04:00
ctr2 = talloc_zero ( mem_ctx , struct srvsvc_NetShareCtr2 ) ;
2008-03-10 18:19:25 +03:00
W_ERROR_HAVE_NO_MEMORY ( ctr2 ) ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
ctr2 - > count = 1 ;
ctr2 - > array = info . info2 ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
info_ctr - > ctr . ctr2 = ctr2 ;
2011-01-12 15:10:28 +03:00
break ;
2007-10-11 00:34:30 +04:00
}
2006-10-21 20:27:38 +04:00
case 502 :
2007-10-11 00:34:30 +04:00
{
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareCtr502 * ctr502 ;
2007-10-11 00:34:30 +04:00
2011-06-07 05:44:43 +04:00
ctr502 = talloc_zero ( mem_ctx , struct srvsvc_NetShareCtr502 ) ;
2008-03-10 18:19:25 +03:00
W_ERROR_HAVE_NO_MEMORY ( ctr502 ) ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
ctr502 - > count = 1 ;
ctr502 - > array = info . info502 ;
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
info_ctr - > ctr . ctr502 = ctr502 ;
2011-01-12 15:10:28 +03:00
break ;
2006-10-21 20:27:38 +04:00
}
2007-10-11 00:34:30 +04:00
} /* switch */
done :
return result ;
2005-06-16 13:36:53 +04:00
}
2008-09-10 12:53:46 +04:00
/***
* ' net rpc share list ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
* */
2008-09-10 12:53:46 +04:00
static int rpc_share_list ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-09-10 12:53:46 +04:00
NET_API_STATUS status ;
struct SHARE_INFO_1 * i1 = NULL ;
uint32_t entries_read = 0 ;
uint32_t total_entries = 0 ;
uint32_t resume_handle = 0 ;
uint32_t i , level = 1 ;
2008-03-10 18:19:25 +03:00
2008-09-10 12:53:46 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc share list \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List shares on remote server " ) ) ;
2008-09-10 12:53:46 +04:00
return 0 ;
}
2008-03-10 18:19:25 +03:00
2008-09-10 12:53:46 +04:00
status = NetShareEnum ( c - > opt_host ,
level ,
2009-02-01 02:31:16 +03:00
( uint8_t * * ) ( void * ) & i1 ,
2008-09-10 12:53:46 +04:00
( uint32_t ) - 1 ,
& entries_read ,
& total_entries ,
& resume_handle ) ;
if ( status ! = 0 ) {
2002-07-15 14:35:28 +04:00
goto done ;
2008-09-10 12:53:46 +04:00
}
2002-07-15 14:35:28 +04:00
/* Display results */
2008-05-10 01:22:12 +04:00
if ( c - > opt_long_list_entries ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ (
2008-05-21 12:27:59 +04:00
" \n Enumerating shared resources (exports) on remote server: \n \n "
" \n Share name Type Description \n "
2009-08-04 10:28:50 +04:00
" ---------- ---- ----------- \n " ) ) ;
2002-07-15 14:35:28 +04:00
}
2008-09-10 12:53:46 +04:00
for ( i = 0 ; i < entries_read ; i + + )
display_share_info_1 ( c , & i1 [ i ] ) ;
2002-07-15 14:35:28 +04:00
done :
2008-09-10 12:53:46 +04:00
return status ;
2005-06-16 13:36:53 +04:00
}
2007-10-19 04:40:25 +04:00
static bool check_share_availability ( struct cli_state * cli , const char * netname )
2005-06-16 13:36:53 +04:00
{
2010-01-03 20:46:57 +03:00
NTSTATUS status ;
2016-12-08 09:13:57 +03:00
status = cli_tree_connect ( cli , netname , " A: " , NULL ) ;
2010-01-03 20:46:57 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " skipping [%s]: not a file share. \n " ) , netname ) ;
2008-05-12 13:53:23 +04:00
return false ;
2005-06-16 13:36:53 +04:00
}
2010-01-03 20:46:57 +03:00
status = cli_tdis ( cli ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_printf ( _ ( " cli_tdis returned %s \n " ) , nt_errstr ( status ) ) ;
2008-05-12 13:53:23 +04:00
return false ;
2010-01-03 20:46:57 +03:00
}
2005-06-16 13:36:53 +04:00
2008-05-12 13:53:23 +04:00
return true ;
2005-06-16 13:36:53 +04:00
}
2008-05-10 01:22:12 +04:00
static bool check_share_sanity ( struct net_context * c , struct cli_state * cli ,
2015-05-07 03:00:06 +03:00
const char * netname , uint32_t type )
2005-06-16 13:36:53 +04:00
{
/* only support disk shares */
if ( ! ( type = = STYPE_DISKTREE | | type = = ( STYPE_DISKTREE | STYPE_HIDDEN ) ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " share [%s] is not a diskshare (type: %x) \n " ) , netname ,
type ) ;
2008-05-12 13:53:23 +04:00
return false ;
2005-06-16 13:36:53 +04:00
}
/* skip builtin shares */
/* FIXME: should print$ be added too ? */
2008-05-08 13:23:38 +04:00
if ( strequal ( netname , " IPC$ " ) | | strequal ( netname , " ADMIN$ " ) | |
strequal ( netname , " global " ) )
2008-05-12 13:53:23 +04:00
return false ;
2005-06-16 13:36:53 +04:00
2008-05-12 13:53:23 +04:00
if ( c - > opt_exclude & & in_list ( netname , c - > opt_exclude , false ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " excluding [%s] \n " ) , netname ) ;
2008-05-12 13:53:23 +04:00
return false ;
2005-06-16 13:36:53 +04:00
}
return check_share_availability ( cli , netname ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate shares from a remote RPC server to the local RPC server .
2004-08-10 18:27:17 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-05-08 13:23:38 +04:00
* argc , argv which are passed through .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2004-08-10 18:27:17 +04:00
* @ param cli A cli_state connected to the server .
2008-02-26 12:26:10 +03:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
* @ return Normal NTSTATUS return .
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_share_migrate_shares_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2007-10-11 00:34:30 +04:00
WERROR result ;
2004-08-10 18:27:17 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareInfoCtr ctr_src ;
2015-05-07 03:00:06 +03:00
uint32_t i ;
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * srvsvc_pipe = NULL ;
2004-08-10 18:27:17 +04:00
struct cli_state * cli_dst = NULL ;
2015-05-07 03:00:06 +03:00
uint32_t level = 502 ; /* includes secdesc */
2008-03-10 18:19:25 +03:00
uint32_t parm_error = 0 ;
2011-01-12 15:11:41 +03:00
struct dcerpc_binding_handle * b ;
2004-08-10 18:27:17 +04:00
2008-05-10 01:22:12 +04:00
result = get_share_info ( c , pipe_hnd , mem_ctx , level , argc , argv ,
& ctr_src ) ;
2007-10-11 00:34:30 +04:00
if ( ! W_ERROR_IS_OK ( result ) )
2004-08-10 18:27:17 +04:00
goto done ;
2005-06-16 13:36:53 +04:00
/* connect destination PI_SRVSVC */
2008-07-20 20:44:32 +04:00
nt_status = connect_dst_pipe ( c , & cli_dst , & srvsvc_pipe ,
2013-05-17 18:02:59 +04:00
& ndr_table_srvsvc ) ;
2004-08-10 18:27:17 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) )
return nt_status ;
2011-01-12 15:11:41 +03:00
b = srvsvc_pipe - > binding_handle ;
2004-08-10 18:27:17 +04:00
2008-03-10 18:19:25 +03:00
for ( i = 0 ; i < ctr_src . ctr . ctr502 - > count ; i + + ) {
union srvsvc_NetShareInfo info ;
struct srvsvc_NetShareInfo502 info502 =
ctr_src . ctr . ctr502 - > array [ i ] ;
2004-08-10 18:27:17 +04:00
/* reset error-code */
nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-05-10 01:22:12 +04:00
if ( ! check_share_sanity ( c , cli , info502 . name , info502 . type ) )
2005-03-22 18:45:38 +03:00
continue ;
2004-08-10 18:27:17 +04:00
2008-05-08 13:23:38 +04:00
/* finally add the share on the dst server */
2004-08-10 18:27:17 +04:00
2009-08-04 10:28:50 +04:00
printf ( _ ( " migrating: [%s], path: %s, comment: %s, without "
" share-ACLs \n " ) ,
2008-03-10 18:19:25 +03:00
info502 . name , info502 . path , info502 . comment ) ;
info . info502 = & info502 ;
2011-01-12 15:11:41 +03:00
nt_status = dcerpc_srvsvc_NetShareAdd ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
srvsvc_pipe - > desthost ,
2008-03-10 18:19:25 +03:00
502 ,
& info ,
& parm_error ,
& result ) ;
2011-01-12 15:11:41 +03:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
printf ( _ ( " cannot add share: %s \n " ) ,
nt_errstr ( nt_status ) ) ;
goto done ;
}
2008-10-23 17:37:39 +04:00
if ( W_ERROR_V ( result ) = = W_ERROR_V ( WERR_FILE_EXISTS ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " [%s] does already exist \n " ) ,
2008-03-10 18:19:25 +03:00
info502 . name ) ;
2004-08-10 18:27:17 +04:00
continue ;
2004-08-21 00:13:05 +04:00
}
2011-01-12 15:11:41 +03:00
if ( ! W_ERROR_IS_OK ( result ) ) {
nt_status = werror_to_ntstatus ( result ) ;
printf ( _ ( " cannot add share: %s \n " ) ,
win_errstr ( result ) ) ;
2004-08-10 18:27:17 +04:00
goto done ;
}
}
nt_status = NT_STATUS_OK ;
done :
2005-09-30 21:13:37 +04:00
if ( cli_dst ) {
2004-08-10 18:27:17 +04:00
cli_shutdown ( cli_dst ) ;
}
return nt_status ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate shares from a RPC server to another .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_share_migrate_shares ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc share migrate shares \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate shares to local server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-08-10 18:27:17 +04:00
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2004-08-10 18:27:17 +04:00
rpc_share_migrate_shares_internals ,
argc , argv ) ;
}
/**
2008-05-08 13:23:38 +04:00
* Copy a file / dir
2004-08-10 18:27:17 +04:00
*
* @ param f file_info
* @ param mask current search mask
* @ param state arg - pointer
*
* */
2020-10-19 11:09:23 +03:00
static NTSTATUS copy_fn ( struct file_info * f ,
2008-05-10 01:22:12 +04:00
const char * mask , void * state )
2004-08-10 18:27:17 +04:00
{
2005-06-13 01:18:16 +04:00
static NTSTATUS nt_status ;
static struct copy_clistate * local_state ;
static fstring filename , new_mask ;
fstring dir ;
char * old_dir ;
2008-05-10 01:22:12 +04:00
struct net_context * c ;
2005-06-13 01:18:16 +04:00
local_state = ( struct copy_clistate * ) state ;
nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-05-10 01:22:12 +04:00
c = local_state - > c ;
2005-06-15 18:24:11 +04:00
if ( strequal ( f - > name , " . " ) | | strequal ( f - > name , " .. " ) )
2010-10-29 22:56:51 +04:00
return NT_STATUS_OK ;
2004-08-10 18:27:17 +04:00
DEBUG ( 3 , ( " got mask: %s, name: %s \n " , mask , f - > name ) ) ;
/* DIRECTORY */
2020-06-03 20:41:27 +03:00
if ( f - > attr & FILE_ATTRIBUTE_DIRECTORY ) {
2004-08-10 18:27:17 +04:00
DEBUG ( 3 , ( " got dir: %s \n " , f - > name ) ) ;
fstrcpy ( dir , local_state - > cwd ) ;
fstrcat ( dir , " \\ " ) ;
fstrcat ( dir , f - > name ) ;
2005-06-24 03:23:16 +04:00
switch ( net_mode_share )
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE :
/* create that directory */
2008-05-10 01:22:12 +04:00
nt_status = net_copy_file ( c , local_state - > mem_ctx ,
2005-06-13 01:18:16 +04:00
local_state - > cli_share_src ,
local_state - > cli_share_dst ,
dir , dir ,
2008-05-10 01:22:12 +04:00
c - > opt_acls ? true : false ,
c - > opt_attrs ? true : false ,
c - > opt_timestamps ? true : false ,
false ) ;
2005-06-13 01:18:16 +04:00
break ;
default :
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Unsupported mode %d \n " ) , net_mode_share ) ;
2010-10-29 22:56:51 +04:00
return NT_STATUS_INTERNAL_ERROR ;
2005-06-13 01:18:16 +04:00
}
2004-08-10 18:27:17 +04:00
2010-10-29 22:56:51 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " could not handle dir %s: %s \n " ) ,
2004-08-10 18:27:17 +04:00
dir , nt_errstr ( nt_status ) ) ;
2010-10-29 22:56:51 +04:00
return nt_status ;
}
2004-08-10 18:27:17 +04:00
2005-06-15 18:24:11 +04:00
/* search below that directory */
2012-03-30 04:13:07 +04:00
if ( strlcpy ( new_mask , dir , sizeof ( new_mask ) ) > = sizeof ( new_mask ) ) {
return NT_STATUS_NO_MEMORY ;
}
if ( strlcat ( new_mask , " \\ * " , sizeof ( new_mask ) ) > = sizeof ( new_mask ) ) {
return NT_STATUS_NO_MEMORY ;
}
2005-06-15 18:24:11 +04:00
old_dir = local_state - > cwd ;
local_state - > cwd = dir ;
2010-10-29 22:56:51 +04:00
nt_status = sync_files ( local_state , new_mask ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " could not handle files \n " ) ) ;
2010-10-29 22:56:51 +04:00
}
2005-06-15 18:24:11 +04:00
local_state - > cwd = old_dir ;
2010-10-29 22:56:51 +04:00
return nt_status ;
2004-08-10 18:27:17 +04:00
}
/* FILE */
fstrcpy ( filename , local_state - > cwd ) ;
fstrcat ( filename , " \\ " ) ;
fstrcat ( filename , f - > name ) ;
DEBUG ( 3 , ( " got file: %s \n " , filename ) ) ;
2005-06-24 03:23:16 +04:00
switch ( net_mode_share )
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE :
2008-05-10 01:22:12 +04:00
nt_status = net_copy_file ( c , local_state - > mem_ctx ,
2008-05-08 13:23:38 +04:00
local_state - > cli_share_src ,
local_state - > cli_share_dst ,
filename , filename ,
2008-05-10 01:22:12 +04:00
c - > opt_acls ? true : false ,
c - > opt_attrs ? true : false ,
c - > opt_timestamps ? true : false ,
true ) ;
2005-06-13 01:18:16 +04:00
break ;
default :
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Unsupported file mode %d \n " ) ,
net_mode_share ) ;
2010-10-29 22:56:51 +04:00
return NT_STATUS_INTERNAL_ERROR ;
2005-06-13 01:18:16 +04:00
}
2004-08-10 18:27:17 +04:00
2008-05-08 13:23:38 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) )
2009-08-04 10:28:50 +04:00
printf ( _ ( " could not handle file %s: %s \n " ) ,
2004-08-10 18:27:17 +04:00
filename , nt_errstr ( nt_status ) ) ;
2010-10-29 22:56:51 +04:00
return nt_status ;
2004-08-10 18:27:17 +04:00
}
/**
2019-10-26 03:41:09 +03:00
* sync files , can be called recursively to list files
2008-05-08 13:23:38 +04:00
* and then call copy_fn for each file
2004-08-10 18:27:17 +04:00
*
2005-06-13 01:18:16 +04:00
* @ param cp_clistate pointer to the copy_clistate we work with
2004-08-10 18:27:17 +04:00
* @ param mask the current search mask
*
* @ return Boolean result
* */
2010-10-29 22:56:51 +04:00
static NTSTATUS sync_files ( struct copy_clistate * cp_clistate , const char * mask )
2004-08-10 18:27:17 +04:00
{
2007-03-09 02:54:57 +03:00
struct cli_state * targetcli ;
2007-11-30 04:25:41 +03:00
char * targetpath = NULL ;
2010-08-02 21:22:22 +04:00
NTSTATUS status ;
2004-08-10 18:27:17 +04:00
DEBUG ( 3 , ( " calling cli_list with mask: %s \n " , mask ) ) ;
2011-07-03 22:53:55 +04:00
status = cli_resolve_path ( talloc_tos ( ) , " " , NULL ,
cp_clistate - > cli_share_src ,
mask , & targetcli , & targetpath ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " cli_resolve_path %s failed with error: "
" %s \n " ) ,
2011-07-07 17:33:43 +04:00
mask , nt_errstr ( status ) ) ;
return status ;
2004-08-10 18:27:17 +04:00
}
2010-08-02 21:22:22 +04:00
status = cli_list ( targetcli , targetpath , cp_clistate - > attribute ,
copy_fn , cp_clistate ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " listing %s failed with error: %s \n " ) ,
2010-08-02 21:22:22 +04:00
mask , nt_errstr ( status ) ) ;
2007-03-09 02:54:57 +03:00
}
2010-10-29 22:56:51 +04:00
return status ;
2004-08-10 18:27:17 +04:00
}
2005-06-15 18:24:11 +04:00
/**
* Set the top level directory permissions before we do any further copies .
* Should set up ACL inheritance .
* */
2008-05-10 01:22:12 +04:00
bool copy_top_level_perms ( struct net_context * c ,
struct copy_clistate * cp_clistate ,
2005-06-15 18:24:11 +04:00
const char * sharename )
{
2005-09-30 21:13:37 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL ;
2005-06-15 18:24:11 +04:00
2005-06-24 03:23:16 +04:00
switch ( net_mode_share ) {
2005-06-15 18:24:11 +04:00
case NET_MODE_SHARE_MIGRATE :
DEBUG ( 3 , ( " calling net_copy_fileattr for '.' directory in share %s \n " , sharename ) ) ;
2008-05-10 01:22:12 +04:00
nt_status = net_copy_fileattr ( c ,
cp_clistate - > mem_ctx ,
2008-05-08 13:23:38 +04:00
cp_clistate - > cli_share_src ,
2005-06-15 18:24:11 +04:00
cp_clistate - > cli_share_dst ,
" \\ " , " \\ " ,
2008-05-10 01:22:12 +04:00
c - > opt_acls ? true : false ,
c - > opt_attrs ? true : false ,
c - > opt_timestamps ? true : false ,
false ) ;
2005-06-15 18:24:11 +04:00
break ;
default :
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Unsupported mode %d \n " ) , net_mode_share ) ;
2005-06-15 18:24:11 +04:00
break ;
}
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2009-08-04 10:28:50 +04:00
printf ( _ ( " Could handle directory attributes for top level "
" directory of share %s. Error %s \n " ) ,
2005-06-15 18:24:11 +04:00
sharename , nt_errstr ( nt_status ) ) ;
2008-05-12 13:53:23 +04:00
return false ;
2005-06-15 18:24:11 +04:00
}
2008-05-12 13:53:23 +04:00
return true ;
2005-06-15 18:24:11 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Sync all files inside a remote share to another share ( over smb ) .
2004-08-10 18:27:17 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2004-08-10 18:27:17 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
* @ return Normal NTSTATUS return .
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_share_migrate_files_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2007-10-11 00:34:30 +04:00
WERROR result ;
2004-08-10 18:27:17 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareInfoCtr ctr_src ;
2015-05-07 03:00:06 +03:00
uint32_t i ;
uint32_t level = 502 ;
2005-06-13 01:18:16 +04:00
struct copy_clistate cp_clistate ;
2008-05-12 13:53:23 +04:00
bool got_src_share = false ;
bool got_dst_share = false ;
2007-12-05 03:35:24 +03:00
const char * mask = " \\ * " ;
2004-08-27 01:37:20 +04:00
char * dst = NULL ;
2008-05-10 01:22:12 +04:00
dst = SMB_STRDUP ( c - > opt_destination ? c - > opt_destination : " 127.0.0.1 " ) ;
2008-05-28 00:56:55 +04:00
if ( dst = = NULL ) {
nt_status = NT_STATUS_NO_MEMORY ;
goto done ;
}
2004-08-10 18:27:17 +04:00
2008-05-10 01:22:12 +04:00
result = get_share_info ( c , pipe_hnd , mem_ctx , level , argc , argv ,
& ctr_src ) ;
2004-08-10 18:27:17 +04:00
2007-10-11 00:34:30 +04:00
if ( ! W_ERROR_IS_OK ( result ) )
2004-08-10 18:27:17 +04:00
goto done ;
2008-03-10 18:19:25 +03:00
for ( i = 0 ; i < ctr_src . ctr . ctr502 - > count ; i + + ) {
2007-10-11 00:34:30 +04:00
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareInfo502 info502 =
ctr_src . ctr . ctr502 - > array [ i ] ;
2007-10-11 00:34:30 +04:00
2008-05-10 01:22:12 +04:00
if ( ! check_share_sanity ( c , cli , info502 . name , info502 . type ) )
2004-08-10 18:27:17 +04:00
continue ;
2005-06-16 13:36:53 +04:00
/* one might not want to mirror whole discs :) */
2008-03-10 18:19:25 +03:00
if ( strequal ( info502 . name , " print$ " ) | | info502 . name [ 1 ] = = ' $ ' ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " skipping [%s]: builtin/hidden share \n " ) ,
info502 . name ) ;
2004-08-10 18:27:17 +04:00
continue ;
}
2005-06-24 03:23:16 +04:00
switch ( net_mode_share )
2005-06-13 01:18:16 +04:00
{
case NET_MODE_SHARE_MIGRATE :
printf ( " syncing " ) ;
break ;
default :
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Unsupported mode %d \n " ) ,
net_mode_share ) ;
2005-06-13 01:18:16 +04:00
break ;
}
2009-08-04 10:28:50 +04:00
printf ( _ ( " [%s] files and directories %s ACLs, %s DOS "
" Attributes %s \n " ) ,
2008-03-10 18:19:25 +03:00
info502 . name ,
2009-08-04 10:28:50 +04:00
c - > opt_acls ? _ ( " including " ) : _ ( " without " ) ,
c - > opt_attrs ? _ ( " including " ) : _ ( " without " ) ,
c - > opt_timestamps ? _ ( " (preserving timestamps) " ) : " " ) ;
2004-08-10 18:27:17 +04:00
2005-06-13 01:18:16 +04:00
cp_clistate . mem_ctx = mem_ctx ;
cp_clistate . cli_share_src = NULL ;
cp_clistate . cli_share_dst = NULL ;
cp_clistate . cwd = NULL ;
2011-04-29 05:57:02 +04:00
cp_clistate . attribute = FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_DIRECTORY ;
2008-05-10 01:22:12 +04:00
cp_clistate . c = c ;
2004-08-10 18:27:17 +04:00
/* open share source */
2008-05-10 01:22:12 +04:00
nt_status = connect_to_service ( c , & cp_clistate . cli_share_src ,
2012-05-19 19:15:23 +04:00
smbXcli_conn_remote_sockaddr ( cli - > conn ) ,
2012-05-19 19:31:50 +04:00
smbXcli_conn_remote_name ( cli - > conn ) ,
2008-03-10 18:19:25 +03:00
info502 . name , " A: " ) ;
2004-08-10 18:27:17 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) )
goto done ;
2008-05-12 13:53:23 +04:00
got_src_share = true ;
2004-08-10 18:27:17 +04:00
2005-06-24 03:23:16 +04:00
if ( net_mode_share = = NET_MODE_SHARE_MIGRATE ) {
2005-06-13 01:18:16 +04:00
/* open share destination */
2008-05-10 01:22:12 +04:00
nt_status = connect_to_service ( c , & cp_clistate . cli_share_dst ,
2008-03-10 18:19:25 +03:00
NULL , dst , info502 . name , " A: " ) ;
2005-06-13 01:18:16 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) )
goto done ;
2004-08-10 18:27:17 +04:00
2008-05-12 13:53:23 +04:00
got_dst_share = true ;
2005-06-13 01:18:16 +04:00
}
2004-08-10 18:27:17 +04:00
2008-05-10 01:22:12 +04:00
if ( ! copy_top_level_perms ( c , & cp_clistate , info502 . name ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " Could not handle the top level "
" directory permissions for the "
" share: %s \n " ) , info502 . name ) ;
2005-06-15 18:24:11 +04:00
nt_status = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2004-08-10 18:27:17 +04:00
2010-10-29 22:56:51 +04:00
nt_status = sync_files ( & cp_clistate , mask ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " could not handle files for share: "
" %s \n " ) , info502 . name ) ;
2004-08-10 18:27:17 +04:00
goto done ;
}
}
nt_status = NT_STATUS_OK ;
done :
if ( got_src_share )
2005-06-13 01:18:16 +04:00
cli_shutdown ( cp_clistate . cli_share_src ) ;
2004-08-10 18:27:17 +04:00
if ( got_dst_share )
2005-06-13 01:18:16 +04:00
cli_shutdown ( cp_clistate . cli_share_dst ) ;
2008-05-28 00:56:55 +04:00
SAFE_FREE ( dst ) ;
2004-08-10 18:27:17 +04:00
return nt_status ;
}
2008-05-10 01:22:12 +04:00
static int rpc_share_migrate_files ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net share migrate files \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate files to local server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-08-21 00:13:05 +04:00
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2004-08-10 18:27:17 +04:00
rpc_share_migrate_files_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate share - ACLs from a remote RPC server to the local RPC server .
2005-06-16 13:36:53 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2005-06-16 13:36:53 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2005-06-16 13:36:53 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2005-06-16 13:36:53 +04:00
*
* @ return Normal NTSTATUS return .
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_share_migrate_security_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
2005-06-16 13:36:53 +04:00
{
2007-10-11 00:34:30 +04:00
WERROR result ;
2005-06-16 13:36:53 +04:00
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-03-10 18:19:25 +03:00
struct srvsvc_NetShareInfoCtr ctr_src ;
union srvsvc_NetShareInfo info ;
2015-05-07 03:00:06 +03:00
uint32_t i ;
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * srvsvc_pipe = NULL ;
2005-06-16 13:36:53 +04:00
struct cli_state * cli_dst = NULL ;
2015-05-07 03:00:06 +03:00
uint32_t level = 502 ; /* includes secdesc */
2008-03-10 18:19:25 +03:00
uint32_t parm_error = 0 ;
2011-01-12 15:11:41 +03:00
struct dcerpc_binding_handle * b ;
2005-06-16 13:36:53 +04:00
2008-05-10 01:22:12 +04:00
result = get_share_info ( c , pipe_hnd , mem_ctx , level , argc , argv ,
& ctr_src ) ;
2005-06-16 13:36:53 +04:00
2007-10-11 00:34:30 +04:00
if ( ! W_ERROR_IS_OK ( result ) )
2005-06-16 13:36:53 +04:00
goto done ;
/* connect destination PI_SRVSVC */
2008-07-20 20:44:32 +04:00
nt_status = connect_dst_pipe ( c , & cli_dst , & srvsvc_pipe ,
2013-05-17 18:02:59 +04:00
& ndr_table_srvsvc ) ;
2005-06-16 13:36:53 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) )
return nt_status ;
2011-01-12 15:11:41 +03:00
b = srvsvc_pipe - > binding_handle ;
2005-06-16 13:36:53 +04:00
2008-03-10 18:19:25 +03:00
for ( i = 0 ; i < ctr_src . ctr . ctr502 - > count ; i + + ) {
struct srvsvc_NetShareInfo502 info502 =
ctr_src . ctr . ctr502 - > array [ i ] ;
2007-10-11 00:34:30 +04:00
2005-06-16 13:36:53 +04:00
/* reset error-code */
nt_status = NT_STATUS_UNSUCCESSFUL ;
2008-05-10 01:22:12 +04:00
if ( ! check_share_sanity ( c , cli , info502 . name , info502 . type ) )
2005-06-16 13:36:53 +04:00
continue ;
2009-08-04 10:28:50 +04:00
printf ( _ ( " migrating: [%s], path: %s, comment: %s, including "
" share-ACLs \n " ) ,
2008-03-10 18:19:25 +03:00
info502 . name , info502 . path , info502 . comment ) ;
2005-06-16 13:36:53 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_verbose )
2008-04-01 02:11:55 +04:00
display_sec_desc ( info502 . sd_buf . sd ) ;
2007-10-11 00:34:30 +04:00
/* FIXME: shouldn't we be able to just set the security descriptor ? */
2008-03-10 18:19:25 +03:00
info . info502 = & info502 ;
2007-10-11 00:34:30 +04:00
2005-06-16 13:36:53 +04:00
/* finally modify the share on the dst server */
2011-01-12 15:11:41 +03:00
nt_status = dcerpc_srvsvc_NetShareSetInfo ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
srvsvc_pipe - > desthost ,
2008-03-10 18:19:25 +03:00
info502 . name ,
level ,
& info ,
& parm_error ,
& result ) ;
2011-01-12 15:11:41 +03:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
printf ( _ ( " cannot set share-acl: %s \n " ) ,
nt_errstr ( nt_status ) ) ;
goto done ;
}
if ( ! W_ERROR_IS_OK ( result ) ) {
nt_status = werror_to_ntstatus ( result ) ;
2009-08-04 10:28:50 +04:00
printf ( _ ( " cannot set share-acl: %s \n " ) ,
win_errstr ( result ) ) ;
2005-06-16 13:36:53 +04:00
goto done ;
}
}
nt_status = NT_STATUS_OK ;
done :
2005-09-30 21:13:37 +04:00
if ( cli_dst ) {
2005-06-16 13:36:53 +04:00
cli_shutdown ( cli_dst ) ;
}
return nt_status ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate share - acls from a RPC server to another .
2005-06-16 13:36:53 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2005-06-16 13:36:53 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2005-06-16 13:36:53 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_share_migrate_security ( struct net_context * c , int argc ,
const char * * argv )
2005-06-16 13:36:53 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc share migrate security \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate share-acls to local server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2005-06-16 13:36:53 +04:00
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2005-06-16 13:36:53 +04:00
return - 1 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2005-06-16 13:36:53 +04:00
rpc_share_migrate_security_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2004-08-21 00:13:05 +04:00
* Migrate shares ( including share - definitions , share - acls and files with acls / attrs )
2008-06-12 12:55:55 +04:00
* from one server to another .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
*
* */
2008-05-10 01:22:12 +04:00
static int rpc_share_migrate_all ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
int ret ;
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc share migrate all \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrates shares including all share settings " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2005-06-16 13:36:53 +04:00
/* order is important. we don't want to be locked out by the share-acl
* before copying files - gd */
2008-05-08 13:23:38 +04:00
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2008-05-10 01:22:12 +04:00
rpc_share_migrate_shares_internals , argc , argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2005-06-16 13:36:53 +04:00
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2008-05-10 01:22:12 +04:00
rpc_share_migrate_files_internals , argc , argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2008-05-08 13:23:38 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2008-05-10 01:22:12 +04:00
rpc_share_migrate_security_internals , argc ,
argv ) ;
2004-08-10 18:27:17 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2004-08-10 18:27:17 +04:00
* ' net rpc share migrate ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_share_migrate ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" all " ,
rpc_share_migrate_all ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate shares from remote to local server " ) ,
N_ ( " net rpc share migrate all \n "
" Migrate shares from remote to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" files " ,
rpc_share_migrate_files ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate files from remote to local server " ) ,
N_ ( " net rpc share migrate files \n "
" Migrate files from remote to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" security " ,
rpc_share_migrate_security ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate share-ACLs from remote to local server " ) ,
N_ ( " net rpc share migrate security \n "
" Migrate share-ACLs from remote to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" shares " ,
rpc_share_migrate_shares ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate shares from remote to local server " ) ,
N_ ( " net rpc share migrate shares \n "
" Migrate shares from remote to local server " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2004-08-10 18:27:17 +04:00
} ;
2005-06-24 03:23:16 +04:00
net_mode_share = NET_MODE_SHARE_MIGRATE ;
2005-06-13 01:18:16 +04:00
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc share migrate " , func ) ;
2004-08-10 18:27:17 +04:00
}
2004-10-12 15:58:01 +04:00
struct full_alias {
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2015-05-07 03:00:06 +03:00
uint32_t num_members ;
2010-05-21 05:25:01 +04:00
struct dom_sid * members ;
2004-10-12 15:58:01 +04:00
} ;
static int num_server_aliases ;
static struct full_alias * server_aliases ;
/*
* Add an alias to the static list .
*/
2015-08-04 12:18:34 +03:00
static void push_alias ( struct full_alias * alias )
2004-10-12 15:58:01 +04:00
{
2015-08-04 12:18:34 +03:00
size_t array_size ;
if ( server_aliases = = NULL ) {
server_aliases = talloc_array ( NULL , struct full_alias , 100 ) ;
if ( server_aliases = = NULL ) {
smb_panic ( " talloc_array failed " ) ;
}
}
array_size = talloc_array_length ( server_aliases ) ;
if ( array_size = = num_server_aliases ) {
server_aliases = talloc_realloc ( NULL , server_aliases ,
struct full_alias , array_size + 100 ) ;
if ( server_aliases = = NULL ) {
smb_panic ( " talloc_realloc failed " ) ;
}
}
2004-10-12 15:58:01 +04:00
server_aliases [ num_server_aliases ] = * alias ;
num_server_aliases + = 1 ;
}
/*
* For a specific domain on the server , fetch all the aliases
* and their members . Add all of them to the server_aliases .
*/
2005-09-30 21:13:37 +04:00
static NTSTATUS rpc_fetch_domain_aliases ( struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
2009-03-19 00:49:41 +03:00
struct policy_handle * connect_pol ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid )
2004-10-12 15:58:01 +04:00
{
2015-05-07 03:00:06 +03:00
uint32_t start_idx , max_entries , num_entries , i ;
2008-02-12 13:09:23 +03:00
struct samr_SamArray * groups = NULL ;
2011-01-18 14:04:56 +03:00
NTSTATUS result , status ;
2009-03-19 00:49:41 +03:00
struct policy_handle domain_pol ;
2011-01-18 14:04:56 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-10-12 15:58:01 +04:00
/* Get domain policy handle */
2008-02-01 13:12:05 +03:00
2011-01-18 14:04:56 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 14:04:56 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2004-10-12 15:58:01 +04:00
return result ;
2011-01-18 14:04:56 +03:00
}
2004-10-12 15:58:01 +04:00
start_idx = 0 ;
max_entries = 250 ;
do {
2011-01-18 14:04:56 +03:00
status = dcerpc_samr_EnumDomainAliases ( b , mem_ctx ,
2008-02-12 13:09:23 +03:00
& domain_pol ,
& start_idx ,
& groups ,
max_entries ,
2011-01-18 14:04:56 +03:00
& num_entries ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2004-10-12 15:58:01 +04:00
for ( i = 0 ; i < num_entries ; i + + ) {
2009-03-19 00:49:41 +03:00
struct policy_handle alias_pol ;
2004-10-12 15:58:01 +04:00
struct full_alias alias ;
2008-02-05 03:18:56 +03:00
struct lsa_SidArray sid_array ;
2004-10-12 15:58:01 +04:00
int j ;
2011-01-18 14:04:56 +03:00
NTSTATUS _result ;
2004-10-12 15:58:01 +04:00
2011-01-18 14:04:56 +03:00
status = dcerpc_samr_OpenAlias ( b , mem_ctx ,
2008-02-01 13:38:29 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2008-02-12 13:09:23 +03:00
groups - > entries [ i ] . idx ,
2011-01-18 14:04:56 +03:00
& alias_pol ,
& _result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-12 15:58:01 +04:00
goto done ;
2011-01-18 14:04:56 +03:00
}
if ( ! NT_STATUS_IS_OK ( _result ) ) {
status = _result ;
goto done ;
}
2004-10-12 15:58:01 +04:00
2011-01-18 14:04:56 +03:00
status = dcerpc_samr_GetMembersInAlias ( b , mem_ctx ,
2008-02-05 03:18:56 +03:00
& alias_pol ,
2011-01-18 14:04:56 +03:00
& sid_array ,
& _result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
if ( ! NT_STATUS_IS_OK ( _result ) ) {
status = _result ;
2004-10-12 15:58:01 +04:00
goto done ;
2011-01-18 14:04:56 +03:00
}
2004-10-12 15:58:01 +04:00
2008-02-05 03:18:56 +03:00
alias . num_members = sid_array . num_sids ;
2011-01-18 14:04:56 +03:00
status = dcerpc_samr_Close ( b , mem_ctx , & alias_pol , & _result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
if ( ! NT_STATUS_IS_OK ( _result ) ) {
status = _result ;
2004-10-12 15:58:01 +04:00
goto done ;
2011-01-18 14:04:56 +03:00
}
2004-10-12 15:58:01 +04:00
alias . members = NULL ;
if ( alias . num_members > 0 ) {
2010-05-21 05:25:01 +04:00
alias . members = SMB_MALLOC_ARRAY ( struct dom_sid , alias . num_members ) ;
2019-02-04 19:23:05 +03:00
if ( alias . members = = NULL ) {
status = NT_STATUS_NO_MEMORY ;
goto done ;
}
2004-10-12 15:58:01 +04:00
for ( j = 0 ; j < alias . num_members ; j + + )
sid_copy ( & alias . members [ j ] ,
2008-02-05 03:18:56 +03:00
sid_array . sids [ j ] . sid ) ;
2004-10-12 15:58:01 +04:00
}
2010-01-10 19:39:27 +03:00
sid_compose ( & alias . sid , domain_sid ,
groups - > entries [ i ] . idx ) ;
2004-10-12 15:58:01 +04:00
2015-08-04 12:18:34 +03:00
push_alias ( & alias ) ;
2004-10-12 15:58:01 +04:00
}
} while ( NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) ;
2011-01-18 14:04:56 +03:00
status = NT_STATUS_OK ;
2004-10-12 15:58:01 +04:00
done :
2011-01-18 14:04:56 +03:00
dcerpc_samr_Close ( b , mem_ctx , & domain_pol , & result ) ;
2004-10-12 15:58:01 +04:00
2011-01-18 14:04:56 +03:00
return status ;
2004-10-12 15:58:01 +04:00
}
/*
* Dump server_aliases as names for debugging purposes .
*/
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_aliaslist_dump ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2005-09-30 21:13:37 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
2004-10-12 15:58:01 +04:00
{
2021-07-25 11:22:37 +03:00
uint32_t i ;
2004-10-12 15:58:01 +04:00
NTSTATUS result ;
2009-03-19 00:49:41 +03:00
struct policy_handle lsa_pol ;
2011-01-18 19:25:02 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-10-12 15:58:01 +04:00
2008-05-12 13:53:23 +04:00
result = rpccli_lsa_open_policy ( pipe_hnd , mem_ctx , true ,
2009-04-15 03:12:13 +04:00
SEC_FLAG_MAXIMUM_ALLOWED ,
2004-10-12 15:58:01 +04:00
& lsa_pol ) ;
if ( ! NT_STATUS_IS_OK ( result ) )
return result ;
for ( i = 0 ; i < num_server_aliases ; i + + ) {
char * * names ;
char * * domains ;
2006-09-08 18:28:06 +04:00
enum lsa_SidType * types ;
2004-10-12 15:58:01 +04:00
int j ;
struct full_alias * alias = & server_aliases [ i ] ;
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_sids ( pipe_hnd , mem_ctx , & lsa_pol , 1 ,
2004-10-12 15:58:01 +04:00
& alias - > sid ,
& domains , & names , & types ) ;
if ( ! NT_STATUS_IS_OK ( result ) )
continue ;
DEBUG ( 1 , ( " %s \\ %s %d: " , domains [ 0 ] , names [ 0 ] , types [ 0 ] ) ) ;
if ( alias - > num_members = = 0 ) {
DEBUG ( 1 , ( " \n " ) ) ;
continue ;
}
2005-09-30 21:13:37 +04:00
result = rpccli_lsa_lookup_sids ( pipe_hnd , mem_ctx , & lsa_pol ,
2004-10-12 15:58:01 +04:00
alias - > num_members ,
alias - > members ,
& domains , & names , & types ) ;
if ( ! NT_STATUS_IS_OK ( result ) & &
! NT_STATUS_EQUAL ( result , STATUS_SOME_UNMAPPED ) )
continue ;
for ( j = 0 ; j < alias - > num_members ; j + + )
DEBUG ( 1 , ( " %s \\ %s (%d); " ,
2011-08-21 20:37:10 +04:00
domains [ j ] ? domains [ j ] : " *unknown* " ,
2004-10-12 15:58:01 +04:00
names [ j ] ? names [ j ] : " *unknown* " , types [ j ] ) ) ;
DEBUG ( 1 , ( " \n " ) ) ;
}
2011-01-18 19:25:02 +03:00
dcerpc_lsa_Close ( b , mem_ctx , & lsa_pol , & result ) ;
2004-10-12 15:58:01 +04:00
return NT_STATUS_OK ;
}
/*
* Fetch a list of all server aliases and their members into
* server_aliases .
*/
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_aliaslist_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2005-09-30 21:13:37 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
2004-10-12 15:58:01 +04:00
{
2011-01-18 14:05:38 +03:00
NTSTATUS result , status ;
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol ;
2011-01-18 14:05:38 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-10-12 15:58:01 +04:00
2011-01-18 14:05:38 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 14:05:38 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-12 15:58:01 +04:00
goto done ;
2011-01-18 14:05:38 +03:00
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
status = result ;
goto done ;
}
2008-05-08 13:23:38 +04:00
2011-01-18 14:05:38 +03:00
status = rpc_fetch_domain_aliases ( pipe_hnd , mem_ctx , & connect_pol ,
2004-10-12 15:58:01 +04:00
& global_sid_Builtin ) ;
2011-01-18 14:05:38 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-12 15:58:01 +04:00
goto done ;
2011-01-18 14:05:38 +03:00
}
2008-05-08 13:23:38 +04:00
2011-01-18 14:05:38 +03:00
status = rpc_fetch_domain_aliases ( pipe_hnd , mem_ctx , & connect_pol ,
2004-10-12 15:58:01 +04:00
domain_sid ) ;
2011-01-18 14:05:38 +03:00
dcerpc_samr_Close ( b , mem_ctx , & connect_pol , & result ) ;
2004-10-12 15:58:01 +04:00
done :
2011-01-18 14:05:38 +03:00
return status ;
2004-10-12 15:58:01 +04:00
}
2023-09-26 23:35:19 +03:00
struct user_token {
fstring name ;
struct security_token * token ;
} ;
2023-09-26 22:39:04 +03:00
static void add_sid_to_token ( struct security_token * token , const struct dom_sid * sid )
2004-10-12 15:58:01 +04:00
{
2023-09-26 22:39:04 +03:00
NTSTATUS status = add_sid_to_array_unique ( token , sid ,
& token - > sids , & token - > num_sids ) ;
/*
* This is both very unlikely and mostly harmless in a command
* line tool
*/
SMB_ASSERT ( NT_STATUS_IS_OK ( status ) ) ;
2004-10-12 15:58:01 +04:00
}
2023-09-26 23:35:19 +03:00
static void init_user_token ( struct user_token * token_list ,
struct security_token * * token ,
struct dom_sid * user_sid )
2004-10-12 15:58:01 +04:00
{
2023-09-26 22:39:04 +03:00
/*
* This token is not from the auth stack , only has user SIDs
* and must fail if conditional ACEs are found in the security
* descriptor
*/
2023-09-26 23:35:19 +03:00
* token = security_token_initialise ( token_list , CLAIMS_EVALUATION_INVALID_STATE ) ;
2023-09-26 22:39:04 +03:00
SMB_ASSERT ( * token ) ;
2004-10-12 15:58:01 +04:00
2023-09-26 22:39:04 +03:00
add_sid_to_token ( * token ,
user_sid ) ;
2004-10-12 15:58:01 +04:00
2023-09-26 22:39:04 +03:00
add_sid_to_token ( * token ,
& global_sid_World ) ;
2004-10-12 15:58:01 +04:00
2023-09-26 22:39:04 +03:00
add_sid_to_token ( * token ,
& global_sid_Network ) ;
2004-10-12 15:58:01 +04:00
2023-09-26 22:39:04 +03:00
add_sid_to_token ( * token ,
& global_sid_Authenticated_Users ) ;
2004-10-12 15:58:01 +04:00
}
static void dump_user_token ( struct user_token * token )
{
2021-07-25 11:22:37 +03:00
uint32_t i ;
2004-10-12 15:58:01 +04:00
d_printf ( " %s \n " , token - > name ) ;
2023-09-26 22:39:04 +03:00
for ( i = 0 ; i < token - > token - > num_sids ; i + + ) {
2018-12-08 17:05:53 +03:00
struct dom_sid_buf buf ;
d_printf ( " %s \n " ,
2023-09-26 22:39:04 +03:00
dom_sid_str_buf ( & token - > token - > sids [ i ] , & buf ) ) ;
2004-10-12 15:58:01 +04:00
}
}
2010-05-21 05:25:01 +04:00
static bool is_alias_member ( struct dom_sid * sid , struct full_alias * alias )
2004-10-12 15:58:01 +04:00
{
2021-07-25 11:22:37 +03:00
uint32_t i ;
2004-10-12 15:58:01 +04:00
for ( i = 0 ; i < alias - > num_members ; i + + ) {
2018-12-06 19:43:05 +03:00
if ( dom_sid_equal ( sid , & alias - > members [ i ] ) ) {
2008-05-12 13:53:23 +04:00
return true ;
2018-12-06 19:43:05 +03:00
}
2004-10-12 15:58:01 +04:00
}
2008-05-12 13:53:23 +04:00
return false ;
2004-10-12 15:58:01 +04:00
}
2010-08-26 16:08:22 +04:00
static void collect_sid_memberships ( struct security_token * token , struct dom_sid sid )
2004-10-12 15:58:01 +04:00
{
int i ;
for ( i = 0 ; i < num_server_aliases ; i + + ) {
if ( is_alias_member ( & sid , & server_aliases [ i ] ) )
add_sid_to_token ( token , & server_aliases [ i ] . sid ) ;
}
}
/*
* We got a user token with all the SIDs we can know about without asking the
* server directly . These are the user and domain group sids . All of these can
* be members of aliases . So scan the list of aliases for each of the SIDs and
* add them to the token .
*/
2010-08-26 16:08:22 +04:00
static void collect_alias_memberships ( struct security_token * token )
2004-10-12 15:58:01 +04:00
{
int num_global_sids = token - > num_sids ;
int i ;
for ( i = 0 ; i < num_global_sids ; i + + ) {
2010-08-31 03:32:52 +04:00
collect_sid_memberships ( token , token - > sids [ i ] ) ;
2004-10-12 15:58:01 +04:00
}
}
2023-09-26 23:35:19 +03:00
static bool get_user_sids ( const char * domain , const char * user ,
struct user_token * token_list ,
struct security_token * * token )
2004-10-12 15:58:01 +04:00
{
2008-04-02 10:03:11 +04:00
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE ;
enum wbcSidType type ;
2004-10-12 15:58:01 +04:00
fstring full_name ;
2008-04-02 10:03:11 +04:00
struct wbcDomainSid wsid ;
2011-03-04 07:53:10 +03:00
char sid_str [ WBC_SID_STRING_BUFLEN ] ;
2010-05-21 05:25:01 +04:00
struct dom_sid user_sid ;
2008-04-02 10:03:11 +04:00
uint32_t num_groups ;
gid_t * groups = NULL ;
uint32_t i ;
2004-10-12 15:58:01 +04:00
fstr_sprintf ( full_name , " %s%c%s " ,
domain , * lp_winbind_separator ( ) , user ) ;
/* First let's find out the user sid */
2008-04-02 10:03:11 +04:00
wbc_status = wbcLookupName ( domain , user , & wsid , & type ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:03:11 +04:00
if ( ! WBC_ERROR_IS_OK ( wbc_status ) ) {
DEBUG ( 1 , ( " winbind could not find %s: %s \n " ,
full_name , wbcErrorString ( wbc_status ) ) ) ;
return false ;
}
2004-10-12 15:58:01 +04:00
2011-03-04 07:53:10 +03:00
wbcSidToStringBuf ( & wsid , sid_str , sizeof ( sid_str ) ) ;
2004-10-12 15:58:01 +04:00
2010-12-16 14:40:47 +03:00
if ( type ! = WBC_SID_NAME_USER ) {
2004-10-12 15:58:01 +04:00
DEBUG ( 1 , ( " %s is not a user \n " , full_name ) ) ;
2008-04-02 10:03:11 +04:00
return false ;
2004-10-12 15:58:01 +04:00
}
2009-01-20 02:09:51 +03:00
if ( ! string_to_sid ( & user_sid , sid_str ) ) {
DEBUG ( 1 , ( " Could not convert sid %s from string \n " , sid_str ) ) ;
return false ;
}
2023-09-26 23:35:19 +03:00
init_user_token ( token_list , token , & user_sid ) ;
2004-10-12 15:58:01 +04:00
/* And now the groups winbind knows about */
2008-04-02 10:03:11 +04:00
wbc_status = wbcGetGroups ( full_name , & num_groups , & groups ) ;
if ( ! WBC_ERROR_IS_OK ( wbc_status ) ) {
DEBUG ( 1 , ( " winbind could not get groups of %s: %s \n " ,
full_name , wbcErrorString ( wbc_status ) ) ) ;
return false ;
2004-10-12 15:58:01 +04:00
}
2008-04-02 10:03:11 +04:00
for ( i = 0 ; i < num_groups ; i + + ) {
gid_t gid = groups [ i ] ;
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2012-12-10 20:39:03 +04:00
bool ok ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:03:11 +04:00
wbc_status = wbcGidToSid ( gid , & wsid ) ;
if ( ! WBC_ERROR_IS_OK ( wbc_status ) ) {
2009-05-12 08:56:57 +04:00
DEBUG ( 1 , ( " winbind could not find SID of gid %u: %s \n " ,
( unsigned int ) gid , wbcErrorString ( wbc_status ) ) ) ;
2008-04-02 10:03:11 +04:00
wbcFreeMemory ( groups ) ;
return false ;
}
2004-10-12 15:58:01 +04:00
2011-03-04 07:53:10 +03:00
wbcSidToStringBuf ( & wsid , sid_str , sizeof ( sid_str ) ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:03:11 +04:00
DEBUG ( 3 , ( " %s \n " , sid_str ) ) ;
2012-12-10 20:39:03 +04:00
ok = string_to_sid ( & sid , sid_str ) ;
if ( ! ok ) {
DEBUG ( 1 , ( " Failed to convert string to SID \n " ) ) ;
wbcFreeMemory ( groups ) ;
return false ;
}
2023-09-26 22:39:04 +03:00
add_sid_to_token ( * token , & sid ) ;
2004-10-12 15:58:01 +04:00
}
2008-04-02 10:03:11 +04:00
wbcFreeMemory ( groups ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:03:11 +04:00
return true ;
2004-10-12 15:58:01 +04:00
}
2008-05-08 13:23:38 +04:00
2004-10-12 15:58:01 +04:00
/**
* Get a list of all user tokens we want to look at
* */
2005-09-30 21:13:37 +04:00
2008-05-10 01:22:12 +04:00
static bool get_user_tokens ( struct net_context * c , int * num_tokens ,
struct user_token * * user_tokens )
2004-10-12 15:58:01 +04:00
{
2008-04-02 10:02:02 +04:00
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE ;
uint32_t i , num_users ;
const char * * users ;
2004-10-12 15:58:01 +04:00
struct user_token * result ;
2007-12-08 04:32:32 +03:00
TALLOC_CTX * frame = NULL ;
2004-10-12 15:58:01 +04:00
2005-05-18 15:57:53 +04:00
if ( lp_winbind_use_default_domain ( ) & &
2008-05-10 01:22:12 +04:00
( c - > opt_target_workgroup = = NULL ) ) {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " winbind use default domain = yes set, "
" please specify a workgroup \n " ) ) ;
2008-04-02 10:02:02 +04:00
return false ;
2005-05-18 15:57:53 +04:00
}
2004-10-12 15:58:01 +04:00
/* Send request to winbind daemon */
2008-04-02 10:02:02 +04:00
wbc_status = wbcListUsers ( NULL , & num_users , & users ) ;
if ( ! WBC_ERROR_IS_OK ( wbc_status ) ) {
2009-08-04 10:28:50 +04:00
DEBUG ( 1 , ( _ ( " winbind could not list users: %s \n " ) ,
2008-04-02 10:02:02 +04:00
wbcErrorString ( wbc_status ) ) ) ;
return false ;
2004-10-12 15:58:01 +04:00
}
2023-09-26 23:35:19 +03:00
result = talloc_zero_array ( NULL , struct user_token , num_users ) ;
2004-10-12 15:58:01 +04:00
if ( result = = NULL ) {
2023-09-26 23:35:19 +03:00
DBG_ERR ( " Could not talloc token array \n " ) ;
2008-04-02 10:02:02 +04:00
wbcFreeMemory ( users ) ;
return false ;
2004-10-12 15:58:01 +04:00
}
2008-04-02 10:02:02 +04:00
frame = talloc_stackframe ( ) ;
for ( i = 0 ; i < num_users ; i + + ) {
2004-10-12 15:58:01 +04:00
fstring domain , user ;
char * p ;
2008-04-02 10:02:02 +04:00
fstrcpy ( result [ i ] . name , users [ i ] ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:02:02 +04:00
p = strchr ( users [ i ] , * lp_winbind_separator ( ) ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:02:02 +04:00
DEBUG ( 3 , ( " %s \n " , users [ i ] ) ) ;
2004-10-12 15:58:01 +04:00
2005-05-18 15:57:53 +04:00
if ( p = = NULL ) {
2008-05-10 01:22:12 +04:00
fstrcpy ( domain , c - > opt_target_workgroup ) ;
2008-04-02 10:02:02 +04:00
fstrcpy ( user , users [ i ] ) ;
2005-05-18 15:57:53 +04:00
} else {
* p + + = ' \0 ' ;
2008-04-02 10:02:02 +04:00
fstrcpy ( domain , users [ i ] ) ;
2012-08-09 02:35:28 +04:00
if ( ! strupper_m ( domain ) ) {
DEBUG ( 1 , ( " strupper_m %s failed \n " , domain ) ) ;
wbcFreeMemory ( users ) ;
return false ;
}
2005-05-18 15:57:53 +04:00
fstrcpy ( user , p ) ;
}
2004-10-12 15:58:01 +04:00
2023-09-26 23:35:19 +03:00
get_user_sids ( domain , user , result , & ( result [ i ] . token ) ) ;
2004-10-12 15:58:01 +04:00
}
2007-12-08 04:32:32 +03:00
TALLOC_FREE ( frame ) ;
2008-04-02 10:02:02 +04:00
wbcFreeMemory ( users ) ;
2004-10-12 15:58:01 +04:00
2008-04-02 10:02:02 +04:00
* num_tokens = num_users ;
2004-10-12 15:58:01 +04:00
* user_tokens = result ;
2008-04-02 10:02:02 +04:00
return true ;
2004-10-12 15:58:01 +04:00
}
2007-10-19 04:40:25 +04:00
static bool get_user_tokens_from_file ( FILE * f ,
2004-10-12 15:58:01 +04:00
int * num_tokens ,
struct user_token * * tokens )
{
struct user_token * token = NULL ;
while ( ! feof ( f ) ) {
fstring line ;
if ( fgets ( line , sizeof ( line ) - 1 , f ) = = NULL ) {
2008-05-12 13:53:23 +04:00
return true ;
2004-10-12 15:58:01 +04:00
}
2009-11-30 23:48:33 +03:00
if ( ( strlen ( line ) > 0 ) & & ( line [ strlen ( line ) - 1 ] = = ' \n ' ) ) {
2004-10-12 15:58:01 +04:00
line [ strlen ( line ) - 1 ] = ' \0 ' ;
2009-11-30 23:48:33 +03:00
}
2004-10-12 15:58:01 +04:00
if ( line [ 0 ] = = ' ' ) {
/* We have a SID */
2010-05-21 05:25:01 +04:00
struct dom_sid sid ;
2009-01-20 02:09:51 +03:00
if ( ! string_to_sid ( & sid , & line [ 1 ] ) ) {
DEBUG ( 1 , ( " get_user_tokens_from_file: Could "
" not convert sid %s \n " , & line [ 1 ] ) ) ;
return false ;
}
2004-10-12 15:58:01 +04:00
if ( token = = NULL ) {
2023-08-07 07:51:02 +03:00
DEBUG ( 0 , ( " File does not begin with username \n " ) ) ;
2008-05-12 13:53:23 +04:00
return false ;
2004-10-12 15:58:01 +04:00
}
2023-09-26 22:39:04 +03:00
add_sid_to_token ( token - > token , & sid ) ;
2004-10-12 15:58:01 +04:00
continue ;
}
/* And a new user... */
* num_tokens + = 1 ;
2023-09-26 23:35:19 +03:00
* tokens = talloc_realloc ( NULL ,
* tokens ,
struct user_token ,
* num_tokens ) ;
2004-10-12 15:58:01 +04:00
if ( * tokens = = NULL ) {
2023-09-26 23:35:19 +03:00
DBG_ERR ( " Could not talloc_realloc tokens \n " ) ;
2008-05-12 13:53:23 +04:00
return false ;
2004-10-12 15:58:01 +04:00
}
token = & ( ( * tokens ) [ * num_tokens - 1 ] ) ;
2012-03-30 04:13:07 +04:00
if ( strlcpy ( token - > name , line , sizeof ( token - > name ) ) > = sizeof ( token - > name ) ) {
return false ;
}
2023-09-26 22:39:04 +03:00
token - > token
2023-09-26 23:35:19 +03:00
= security_token_initialise ( * tokens ,
2023-09-26 22:39:04 +03:00
CLAIMS_EVALUATION_INVALID_STATE ) ;
if ( token - > token = = NULL ) {
DBG_ERR ( " security_token_initialise() failed: "
" Could not allocate security_token with \n " ) ;
return false ;
}
2004-10-12 15:58:01 +04:00
continue ;
}
2011-08-21 20:37:10 +04:00
2008-05-12 13:53:23 +04:00
return false ;
2004-10-12 15:58:01 +04:00
}
/*
* Show the list of all users that have access to a share
*/
2005-09-30 21:13:37 +04:00
static void show_userlist ( struct rpc_pipe_client * pipe_hnd ,
2013-09-13 13:11:55 +04:00
struct cli_state * cli ,
TALLOC_CTX * mem_ctx ,
const char * netname ,
int num_tokens ,
struct user_token * tokens )
2004-10-12 15:58:01 +04:00
{
2009-05-01 02:26:43 +04:00
uint16_t fnum ;
2010-05-18 12:29:34 +04:00
struct security_descriptor * share_sd = NULL ;
struct security_descriptor * root_sd = NULL ;
2004-10-12 15:58:01 +04:00
int i ;
2008-03-10 07:17:09 +03:00
union srvsvc_NetShareInfo info ;
2007-10-11 00:34:30 +04:00
WERROR result ;
2008-03-10 07:17:09 +03:00
NTSTATUS status ;
2017-06-14 02:56:48 +03:00
struct smbXcli_tcon * orig_tcon = NULL ;
2022-08-24 03:34:43 +03:00
char * orig_share = NULL ;
2011-01-12 15:11:41 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-10-12 15:58:01 +04:00
2011-01-12 15:11:41 +03:00
status = dcerpc_srvsvc_NetShareGetInfo ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-03-10 07:17:09 +03:00
netname ,
502 ,
& info ,
& result ) ;
2004-10-12 15:58:01 +04:00
2008-03-10 07:17:09 +03:00
if ( ! NT_STATUS_IS_OK ( status ) | | ! W_ERROR_IS_OK ( result ) ) {
2017-02-17 22:52:38 +03:00
DEBUG ( 1 , ( " Could not query secdesc for share %s \n " ,
2004-10-12 15:58:01 +04:00
netname ) ) ;
return ;
}
2008-04-01 02:11:55 +04:00
share_sd = info . info502 - > sd_buf . sd ;
2004-10-12 15:58:01 +04:00
if ( share_sd = = NULL ) {
DEBUG ( 1 , ( " Got no secdesc for share %s \n " ,
netname ) ) ;
}
2017-06-14 02:56:48 +03:00
if ( cli_state_has_tcon ( cli ) ) {
2022-08-24 03:34:43 +03:00
cli_state_save_tcon_share ( cli , & orig_tcon , & orig_share ) ;
2017-06-14 02:56:48 +03:00
}
2004-10-12 15:58:01 +04:00
2016-12-08 09:13:57 +03:00
if ( ! NT_STATUS_IS_OK ( cli_tree_connect ( cli , netname , " A: " , NULL ) ) ) {
2022-08-24 03:34:43 +03:00
cli_state_restore_tcon_share ( cli , orig_tcon , orig_share ) ;
2004-10-12 15:58:01 +04:00
return ;
}
2009-05-01 02:26:43 +04:00
if ( ! NT_STATUS_IS_OK ( cli_ntcreate ( cli , " \\ " , 0 , READ_CONTROL_ACCESS , 0 ,
2014-05-09 07:55:57 +04:00
FILE_SHARE_READ | FILE_SHARE_WRITE ,
FILE_OPEN , 0x0 , 0x0 , & fnum , NULL ) ) ) {
2011-07-22 19:07:30 +04:00
cli_query_secdesc ( cli , fnum , mem_ctx , & root_sd ) ;
2004-10-12 15:58:01 +04:00
}
for ( i = 0 ; i < num_tokens ; i + + ) {
2015-05-07 03:00:06 +03:00
uint32_t acc_granted ;
2004-10-12 15:58:01 +04:00
if ( share_sd ! = NULL ) {
2023-09-26 22:39:04 +03:00
status = se_access_check ( share_sd , tokens [ i ] . token ,
2008-10-31 20:51:45 +03:00
1 , & acc_granted ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-12 15:58:01 +04:00
DEBUG ( 1 , ( " Could not check share_sd for "
" user %s \n " ,
tokens [ i ] . name ) ) ;
continue ;
}
}
if ( root_sd = = NULL ) {
d_printf ( " %s \n " , tokens [ i ] . name ) ;
continue ;
}
2023-09-26 22:39:04 +03:00
status = se_access_check ( root_sd , tokens [ i ] . token ,
1 , & acc_granted ) ;
2008-10-31 20:51:45 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2004-10-12 15:58:01 +04:00
DEBUG ( 1 , ( " Could not check root_sd for user %s \n " ,
tokens [ i ] . name ) ) ;
continue ;
}
d_printf ( " %s \n " , tokens [ i ] . name ) ;
}
2009-05-04 00:45:42 +04:00
if ( fnum ! = ( uint16_t ) - 1 )
2004-10-12 15:58:01 +04:00
cli_close ( cli , fnum ) ;
cli_tdis ( cli ) ;
2022-08-24 03:34:43 +03:00
cli_state_restore_tcon_share ( cli , orig_tcon , orig_share ) ;
2011-08-21 20:37:10 +04:00
2004-10-12 15:58:01 +04:00
return ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List shares on a remote RPC server , including the security descriptors .
2004-10-12 15:58:01 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2004-10-12 15:58:01 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param domain_sid The domain sid acquired from the remote server .
2004-10-12 15:58:01 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-12 15:58:01 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_share_allowedusers_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2005-09-30 21:13:37 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-10-12 15:58:01 +04:00
{
2007-10-19 04:40:25 +04:00
bool r ;
2004-10-12 15:58:01 +04:00
FILE * f ;
2012-10-01 08:16:18 +04:00
NTSTATUS nt_status = NT_STATUS_OK ;
uint32_t total_entries = 0 ;
uint32_t resume_handle = 0 ;
uint32_t preferred_len = 0xffffffff ;
uint32_t i ;
struct dcerpc_binding_handle * b = NULL ;
struct srvsvc_NetShareInfoCtr info_ctr ;
struct srvsvc_NetShareCtr1 ctr1 ;
WERROR result ;
2004-10-12 15:58:01 +04:00
struct user_token * tokens = NULL ;
int num_tokens = 0 ;
if ( argc = = 0 ) {
f = stdin ;
} else {
2018-05-01 05:37:08 +03:00
if ( strequal ( argv [ 0 ] , " - " ) ) {
f = stdin ;
} else {
f = fopen ( argv [ 0 ] , " r " ) ;
}
argv + + ;
argc - - ;
2004-10-12 15:58:01 +04:00
}
if ( f = = NULL ) {
DEBUG ( 0 , ( " Could not open userlist: %s \n " , strerror ( errno ) ) ) ;
return NT_STATUS_UNSUCCESSFUL ;
}
r = get_user_tokens_from_file ( f , & num_tokens , & tokens ) ;
if ( f ! = stdin )
fclose ( f ) ;
if ( ! r ) {
DEBUG ( 0 , ( " Could not read users from file \n " ) ) ;
return NT_STATUS_UNSUCCESSFUL ;
}
for ( i = 0 ; i < num_tokens ; i + + )
2023-09-26 22:39:04 +03:00
collect_alias_memberships ( tokens [ i ] . token ) ;
2004-10-12 15:58:01 +04:00
2012-10-01 08:16:18 +04:00
ZERO_STRUCT ( info_ctr ) ;
ZERO_STRUCT ( ctr1 ) ;
info_ctr . level = 1 ;
info_ctr . ctr . ctr1 = & ctr1 ;
b = pipe_hnd - > binding_handle ;
2018-05-01 05:37:08 +03:00
if ( argc ! = 0 ) {
/* Show results only for shares listed on the command line. */
while ( * argv ) {
const char * netname = * argv + + ;
d_printf ( " %s \n " , netname ) ;
show_userlist ( pipe_hnd , cli , mem_ctx , netname ,
num_tokens , tokens ) ;
}
goto done ;
}
2012-10-01 08:16:18 +04:00
/* Issue the NetShareEnum RPC call and retrieve the response */
nt_status = dcerpc_srvsvc_NetShareEnumAll ( b ,
talloc_tos ( ) ,
pipe_hnd - > desthost ,
& info_ctr ,
preferred_len ,
& total_entries ,
& resume_handle ,
& result ) ;
/* Was it successful? */
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
/* Nope. Go clean up. */
goto done ;
}
2004-10-12 15:58:01 +04:00
2012-10-01 08:16:18 +04:00
if ( ! W_ERROR_IS_OK ( result ) ) {
/* Nope. Go clean up. */
nt_status = werror_to_ntstatus ( result ) ;
goto done ;
}
2004-10-12 15:58:01 +04:00
2012-10-01 08:16:18 +04:00
if ( total_entries = = 0 ) {
2004-10-12 15:58:01 +04:00
goto done ;
}
2012-10-01 08:16:18 +04:00
/* For each returned entry... */
for ( i = 0 ; i < info_ctr . ctr . ctr1 - > count ; i + + ) {
const char * netname = info_ctr . ctr . ctr1 - > array [ i ] . name ;
2004-10-12 15:58:01 +04:00
2012-10-01 08:16:18 +04:00
if ( info_ctr . ctr . ctr1 - > array [ i ] . type ! = STYPE_DISKTREE ) {
2004-10-12 15:58:01 +04:00
continue ;
2012-10-01 08:16:18 +04:00
}
2004-10-12 15:58:01 +04:00
d_printf ( " %s \n " , netname ) ;
2013-09-13 13:11:55 +04:00
show_userlist ( pipe_hnd , cli , mem_ctx , netname ,
2004-10-12 15:58:01 +04:00
num_tokens , tokens ) ;
}
done :
2023-09-26 23:35:19 +03:00
TALLOC_FREE ( tokens ) ;
2015-08-04 12:18:34 +03:00
TALLOC_FREE ( server_aliases ) ;
2004-10-12 15:58:01 +04:00
2012-10-01 08:16:18 +04:00
return nt_status ;
2004-10-12 15:58:01 +04:00
}
2008-05-10 01:22:12 +04:00
static int rpc_share_allowedusers ( struct net_context * c , int argc ,
const char * * argv )
2004-10-12 15:58:01 +04:00
{
int result ;
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc share allowedusers \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List allowed users " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2012-01-10 14:53:42 +04:00
result = run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2004-10-12 15:58:01 +04:00
rpc_aliaslist_internals ,
argc , argv ) ;
if ( result ! = 0 )
return result ;
2012-01-10 14:53:42 +04:00
result = run_rpc_command ( c , NULL , & ndr_table_lsarpc , 0 ,
2004-10-12 15:58:01 +04:00
rpc_aliaslist_dump ,
argc , argv ) ;
if ( result ! = 0 )
return result ;
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_srvsvc , 0 ,
2004-10-12 15:58:01 +04:00
rpc_share_allowedusers_internals ,
argc , argv ) ;
}
2008-05-10 01:22:12 +04:00
int net_usersidlist ( struct net_context * c , int argc , const char * * argv )
2004-10-12 15:58:01 +04:00
{
int num_tokens = 0 ;
struct user_token * tokens = NULL ;
int i ;
if ( argc ! = 0 ) {
2008-05-10 01:22:12 +04:00
net_usersidlist_usage ( c , argc , argv ) ;
2004-10-12 15:58:01 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! get_user_tokens ( c , & num_tokens , & tokens ) ) {
2004-10-12 15:58:01 +04:00
DEBUG ( 0 , ( " Could not get the user/sid list \n " ) ) ;
2011-12-06 11:11:11 +04:00
return - 1 ;
2004-10-12 15:58:01 +04:00
}
for ( i = 0 ; i < num_tokens ; i + + ) {
dump_user_token ( & tokens [ i ] ) ;
}
2023-09-26 23:35:19 +03:00
TALLOC_FREE ( tokens ) ;
2011-12-06 11:11:11 +04:00
return 0 ;
2004-10-12 15:58:01 +04:00
}
2008-05-10 01:22:12 +04:00
int net_usersidlist_usage ( struct net_context * c , int argc , const char * * argv )
2004-10-12 15:58:01 +04:00
{
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net usersidlist \n "
" \t prints out a list of all users the running winbind knows \n "
" \t about, together with all their SIDs. This is used as \n "
" \t input to the 'net rpc share allowedusers' command. \n \n " ) ) ;
2004-10-12 15:58:01 +04:00
2008-05-10 01:22:12 +04:00
net_common_flags_usage ( c , argc , argv ) ;
2004-10-12 15:58:01 +04:00
return - 1 ;
}
2008-05-08 13:23:38 +04:00
/**
2002-07-15 14:35:28 +04:00
* ' net rpc share ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_share ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-09-04 17:37:03 +04:00
NET_API_STATUS status ;
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" add " ,
rpc_share_add ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Add share " ) ,
N_ ( " net rpc share add \n "
" Add share " )
2008-05-21 12:27:59 +04:00
} ,
{
" delete " ,
rpc_share_delete ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Remove share " ) ,
N_ ( " net rpc share delete \n "
" Remove share " )
2008-05-21 12:27:59 +04:00
} ,
{
" allowedusers " ,
rpc_share_allowedusers ,
NET_TRANSPORT_RPC ,
2018-10-23 03:46:38 +03:00
N_ ( " List allowed users " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc share allowedusers \n "
2018-10-23 03:46:38 +03:00
" List allowed users " )
2008-05-21 12:27:59 +04:00
} ,
{
" migrate " ,
rpc_share_migrate ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate share to local server " ) ,
N_ ( " net rpc share migrate \n "
" Migrate share to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" list " ,
rpc_share_list ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List shares " ) ,
N_ ( " net rpc share list \n "
" List shares " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2002-07-15 14:35:28 +04:00
} ;
2023-09-07 15:53:22 +03:00
status = libnetapi_net_init ( & c - > netapi_ctx , c - > lp_ctx , c - > creds ) ;
2008-09-04 17:37:03 +04:00
if ( status ! = 0 ) {
return - 1 ;
}
2021-03-25 13:44:36 +03:00
2008-05-21 12:27:59 +04:00
if ( argc = = 0 ) {
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc share \n "
2009-08-04 10:28:50 +04:00
" List shares \n "
" Alias for net rpc share list \n " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2008-09-10 12:53:46 +04:00
return rpc_share_list ( c , argc , argv ) ;
2008-05-21 12:27:59 +04:00
}
2002-07-15 14:35:28 +04:00
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc share " , func ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_share_list ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-09-10 12:53:46 +04:00
return werror_to_ntstatus ( W_ERROR ( rpc_share_list ( c , argc , argv ) ) ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_share_add ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-09-04 17:41:45 +04:00
NET_API_STATUS status ;
2008-03-10 16:25:45 +03:00
uint32_t parm_err = 0 ;
2008-09-04 17:41:45 +04:00
struct SHARE_INFO_2 i2 ;
2006-02-04 01:19:41 +03:00
if ( ( argc < 2 ) | | ( argc > 3 ) ) {
2010-01-19 11:23:42 +03:00
d_fprintf ( stderr , _ ( " Usage: %s <share> <path> [comment] \n " ) ,
2006-02-04 01:19:41 +03:00
ctx - > whoami ) ;
return NT_STATUS_INVALID_PARAMETER ;
}
2008-09-04 17:41:45 +04:00
i2 . shi2_netname = argv [ 0 ] ;
i2 . shi2_type = STYPE_DISKTREE ;
i2 . shi2_remark = ( argc = = 3 ) ? argv [ 2 ] : " " ;
i2 . shi2_permissions = 0 ;
i2 . shi2_max_uses = 0 ;
i2 . shi2_current_uses = 0 ;
i2 . shi2_path = argv [ 1 ] ;
i2 . shi2_passwd = NULL ;
2008-03-10 16:25:45 +03:00
2008-09-04 17:41:45 +04:00
status = NetShareAdd ( pipe_hnd - > desthost ,
2 ,
( uint8_t * ) & i2 ,
& parm_err ) ;
2008-03-10 16:25:45 +03:00
2008-09-04 17:41:45 +04:00
return werror_to_ntstatus ( W_ERROR ( status ) ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_share_delete ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
if ( argc ! = 1 ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " %s %s <share> \n " , _ ( " Usage: " ) , ctx - > whoami ) ;
2006-02-04 01:19:41 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
2008-09-04 17:46:21 +04:00
return werror_to_ntstatus ( W_ERROR ( NetShareDel ( pipe_hnd - > desthost , argv [ 0 ] , 0 ) ) ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_sh_share_info ( struct net_context * c ,
TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx ,
struct rpc_pipe_client * pipe_hnd ,
int argc , const char * * argv )
{
2008-03-10 07:17:09 +03:00
union srvsvc_NetShareInfo info ;
2007-10-11 00:34:30 +04:00
WERROR result ;
2008-03-10 07:17:09 +03:00
NTSTATUS status ;
2011-01-12 15:11:41 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2006-02-04 01:19:41 +03:00
if ( argc ! = 1 ) {
2010-01-19 13:43:54 +03:00
d_fprintf ( stderr , " %s %s <share> \n " , _ ( " Usage: " ) , ctx - > whoami ) ;
2006-02-04 01:19:41 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
2011-01-12 15:11:41 +03:00
status = dcerpc_srvsvc_NetShareGetInfo ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-03-10 07:17:09 +03:00
argv [ 0 ] ,
2 ,
& info ,
& result ) ;
2011-01-12 15:11:41 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
result = ntstatus_to_werror ( status ) ;
goto done ;
}
if ( ! W_ERROR_IS_OK ( result ) ) {
2006-02-04 01:19:41 +03:00
goto done ;
}
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Name: %s \n " ) , info . info2 - > name ) ;
d_printf ( _ ( " Comment: %s \n " ) , info . info2 - > comment ) ;
d_printf ( _ ( " Path: %s \n " ) , info . info2 - > path ) ;
d_printf ( _ ( " Password: %s \n " ) , info . info2 - > password ) ;
2006-02-04 01:19:41 +03:00
done :
2007-10-11 00:34:30 +04:00
return werror_to_ntstatus ( result ) ;
2006-02-04 01:19:41 +03:00
}
2008-05-10 01:22:12 +04:00
struct rpc_sh_cmd * net_rpc_share_cmds ( struct net_context * c , TALLOC_CTX * mem_ctx ,
2006-02-04 01:19:41 +03:00
struct rpc_sh_ctx * ctx )
{
static struct rpc_sh_cmd cmds [ ] = {
2012-01-10 14:53:42 +04:00
{ " list " , NULL , & ndr_table_srvsvc , rpc_sh_share_list ,
2009-11-08 21:37:26 +03:00
N_ ( " List available shares " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " add " , NULL , & ndr_table_srvsvc , rpc_sh_share_add ,
2009-11-08 21:37:26 +03:00
N_ ( " Add a share " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " delete " , NULL , & ndr_table_srvsvc , rpc_sh_share_delete ,
2009-11-08 21:37:26 +03:00
N_ ( " Delete a share " ) } ,
2006-02-04 01:19:41 +03:00
2012-01-10 14:53:42 +04:00
{ " info " , NULL , & ndr_table_srvsvc , rpc_sh_share_info ,
2009-11-08 21:37:26 +03:00
N_ ( " Get information about a share " ) } ,
2006-02-04 01:19:41 +03:00
2009-11-08 21:37:26 +03:00
{ NULL , NULL , 0 , NULL , NULL }
2006-02-04 01:19:41 +03:00
} ;
return cmds ;
2006-05-17 15:14:26 +04:00
}
2006-02-04 01:19:41 +03:00
2002-07-15 14:35:28 +04:00
/****************************************************************************/
2008-05-10 01:22:12 +04:00
static int rpc_file_usage ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-13 15:52:58 +04:00
return net_file_usage ( c , argc , argv ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Close a file on a remote RPC server .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2002-07-15 14:35:28 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_file_close ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2008-05-10 01:22:12 +04:00
return rpc_file_usage ( c , argc , argv ) ;
2002-07-15 14:35:28 +04:00
}
2008-09-10 12:34:13 +04:00
return NetFileClose ( c - > opt_host , atoi ( argv [ 0 ] ) ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
* Formatted print of open file info
2002-07-15 14:35:28 +04:00
*
2008-09-10 12:34:28 +04:00
* @ param r struct FILE_INFO_3 contents
2002-07-15 14:35:28 +04:00
* */
2008-09-10 12:34:28 +04:00
static void display_file_info_3 ( struct FILE_INFO_3 * r )
2002-07-15 14:35:28 +04:00
{
2017-01-10 14:22:28 +03:00
d_printf ( " %-7.1 " PRIu32 " %-20.20s 0x%-4.2x %-6.1u %s \n " ,
2008-09-10 12:34:28 +04:00
r - > fi3_id , r - > fi3_username , r - > fi3_permissions ,
r - > fi3_num_locks , r - > fi3_pathname ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-09-10 12:34:28 +04:00
* List files for a user on a remote RPC server .
2002-07-15 14:35:28 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
*
2008-09-10 12:34:28 +04:00
* @ return A shell status integer ( 0 for success ) . .
2002-07-15 14:35:28 +04:00
* */
2008-09-10 12:34:28 +04:00
static int rpc_file_user ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-09-10 12:34:28 +04:00
NET_API_STATUS status ;
2015-05-07 03:00:06 +03:00
uint32_t preferred_len = 0xffffffff , i ;
2013-02-20 12:03:17 +04:00
char * username = NULL ;
2008-03-10 19:08:55 +03:00
uint32_t total_entries = 0 ;
2008-09-10 12:34:28 +04:00
uint32_t entries_read = 0 ;
2008-03-10 19:08:55 +03:00
uint32_t resume_handle = 0 ;
2008-09-10 12:34:28 +04:00
struct FILE_INFO_3 * i3 = NULL ;
if ( c - > display_usage ) {
return rpc_file_usage ( c , argc , argv ) ;
}
2002-07-15 14:35:28 +04:00
/* if argc > 0, must be user command */
2008-09-10 12:34:28 +04:00
if ( argc > 0 ) {
2002-08-17 18:45:04 +04:00
username = smb_xstrdup ( argv [ 0 ] ) ;
2008-09-10 12:34:28 +04:00
}
2002-07-15 14:35:28 +04:00
2008-09-10 12:34:28 +04:00
status = NetFileEnum ( c - > opt_host ,
NULL ,
username ,
3 ,
2009-02-01 02:31:16 +03:00
( uint8_t * * ) ( void * ) & i3 ,
2008-09-10 12:34:28 +04:00
preferred_len ,
& entries_read ,
& total_entries ,
& resume_handle ) ;
2008-03-10 19:08:55 +03:00
2008-09-10 12:34:28 +04:00
if ( status ! = 0 ) {
2002-07-15 14:35:28 +04:00
goto done ;
2008-09-10 12:34:28 +04:00
}
2002-07-15 14:35:28 +04:00
/* Display results */
2009-08-04 10:28:50 +04:00
d_printf ( _ (
2008-05-21 12:27:59 +04:00
" \n Enumerating open files on remote server: \n \n "
" \n FileId Opened by Perms Locks Path "
2009-08-04 10:28:50 +04:00
" \n ------ --------- ----- ----- ---- \n " ) ) ;
2008-09-10 12:34:28 +04:00
for ( i = 0 ; i < entries_read ; i + + ) {
display_file_info_3 ( & i3 [ i ] ) ;
2002-07-15 14:35:28 +04:00
}
2008-09-10 12:34:28 +04:00
done :
2013-02-20 12:03:17 +04:00
SAFE_FREE ( username ) ;
2008-09-10 12:34:28 +04:00
return status ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2002-07-15 14:35:28 +04:00
* ' net rpc file ' entrypoint .
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-07-15 14:35:28 +04:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_file ( struct net_context * c , int argc , const char * * argv )
2002-07-15 14:35:28 +04:00
{
2008-09-10 12:34:13 +04:00
NET_API_STATUS status ;
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" close " ,
rpc_file_close ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Close opened file " ) ,
N_ ( " net rpc file close \n "
" Close opened file " )
2008-05-21 12:27:59 +04:00
} ,
{
" user " ,
rpc_file_user ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List files opened by user " ) ,
N_ ( " net rpc file user \n "
" List files opened by user " )
2008-05-21 12:27:59 +04:00
} ,
2002-07-15 14:35:28 +04:00
#if 0
2008-05-21 12:27:59 +04:00
{
" info " ,
rpc_file_info ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Display information about opened file " ) ,
N_ ( " net rpc file info \n "
" Display information about opened file " )
2008-05-21 12:27:59 +04:00
} ,
2002-07-15 14:35:28 +04:00
# endif
2008-05-21 12:27:59 +04:00
{ NULL , NULL , 0 , NULL , NULL }
2002-07-15 14:35:28 +04:00
} ;
2023-09-07 15:53:22 +03:00
status = libnetapi_net_init ( & c - > netapi_ctx , c - > lp_ctx , c - > creds ) ;
2021-03-25 13:44:36 +03:00
if ( status ! = 0 ) {
return - 1 ;
2008-09-10 12:34:13 +04:00
}
2008-05-21 12:27:59 +04:00
if ( argc = = 0 ) {
if ( c - > display_usage ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Usage: \n " ) ) ;
d_printf ( _ ( " net rpc file \n "
" List opened files \n " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2008-09-10 12:34:28 +04:00
return rpc_file_user ( c , argc , argv ) ;
2008-05-21 12:27:59 +04:00
}
2002-07-15 14:35:28 +04:00
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc file " , func ) ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* ABORT the shutdown of a remote RPC Server , over initshutdown pipe .
2002-07-15 14:35:28 +04:00
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-05-08 13:23:38 +04:00
* argc , argv which are passed through .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the remote server .
2001-12-31 16:00:59 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-31 16:00:59 +03:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_shutdown_abort_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
struct cli_state * cli ,
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
2008-05-08 13:23:38 +04:00
const char * * argv )
2001-12-31 16:00:59 +03:00
{
2011-01-11 18:47:34 +03:00
NTSTATUS status = NT_STATUS_UNSUCCESSFUL ;
WERROR result ;
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2008-05-08 13:23:38 +04:00
2011-01-11 18:47:34 +03:00
status = dcerpc_initshutdown_Abort ( b , mem_ctx , NULL , & result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( W_ERROR_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Shutdown successfully aborted \n " ) ) ;
2003-10-24 18:03:18 +04:00
DEBUG ( 5 , ( " cmd_shutdown_abort: query succeeded \n " ) ) ;
2004-11-15 23:57:27 +03:00
} else
2003-10-24 18:03:18 +04:00
DEBUG ( 5 , ( " cmd_shutdown_abort: query failed \n " ) ) ;
2008-05-08 13:23:38 +04:00
2011-01-11 18:47:34 +03:00
return werror_to_ntstatus ( result ) ;
2003-10-24 18:03:18 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* ABORT the shutdown of a remote RPC Server , over winreg pipe .
2003-10-24 18:03:18 +04:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-05-08 13:23:38 +04:00
* argc , argv which are passed through .
2003-10-24 18:03:18 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the remote server .
2003-10-24 18:03:18 +04:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2003-10-24 18:03:18 +04:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_reg_shutdown_abort_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
struct cli_state * cli ,
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
2008-05-08 13:23:38 +04:00
const char * * argv )
2003-10-24 18:03:18 +04:00
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL ;
2011-01-12 23:59:23 +03:00
WERROR werr ;
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2008-05-08 13:23:38 +04:00
2011-01-12 23:59:23 +03:00
result = dcerpc_winreg_AbortSystemShutdown ( b , mem_ctx , NULL , & werr ) ;
2008-05-08 13:23:38 +04:00
2011-01-12 23:59:23 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
DEBUG ( 5 , ( " cmd_reg_abort_shutdown: query failed \n " ) ) ;
return result ;
}
if ( W_ERROR_IS_OK ( werr ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Shutdown successfully aborted \n " ) ) ;
2001-12-31 16:00:59 +03:00
DEBUG ( 5 , ( " cmd_reg_abort_shutdown: query succeeded \n " ) ) ;
2004-11-15 23:57:27 +03:00
} else
2001-12-31 16:00:59 +03:00
DEBUG ( 5 , ( " cmd_reg_abort_shutdown: query failed \n " ) ) ;
2008-05-08 13:23:38 +04:00
2011-01-12 23:59:23 +03:00
return werror_to_ntstatus ( werr ) ;
2001-12-31 16:00:59 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* ABORT the shutdown of a remote RPC server .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2001-12-31 16:00:59 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_shutdown_abort ( struct net_context * c , int argc ,
const char * * argv )
2001-12-31 16:00:59 +03:00
{
2008-05-21 12:27:59 +04:00
int rc = - 1 ;
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc abortshutdown \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Abort a scheduled shutdown " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2012-01-10 14:53:42 +04:00
rc = run_rpc_command ( c , NULL , & ndr_table_initshutdown , 0 ,
2008-05-21 12:27:59 +04:00
rpc_shutdown_abort_internals , argc , argv ) ;
2003-10-24 18:03:18 +04:00
if ( rc = = 0 )
return rc ;
DEBUG ( 1 , ( " initshutdown pipe didn't work, trying winreg pipe \n " ) ) ;
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_winreg , 0 ,
2003-10-24 18:03:18 +04:00
rpc_reg_shutdown_abort_internals ,
2001-12-31 16:00:59 +03:00
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Shut down a remote RPC Server via initshutdown pipe .
2001-12-31 16:00:59 +03:00
*
2002-09-25 19:19:00 +04:00
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the remote server .
2001-12-31 16:00:59 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-31 16:00:59 +03:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
NTSTATUS rpc_init_shutdown_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2004-11-15 23:57:27 +03:00
{
2011-01-11 18:47:34 +03:00
NTSTATUS status = NT_STATUS_UNSUCCESSFUL ;
WERROR result ;
2009-08-04 10:28:50 +04:00
const char * msg = N_ ( " This machine will be shutdown shortly " ) ;
2015-05-07 03:00:06 +03:00
uint32_t timeout = 20 ;
2008-10-15 18:13:02 +04:00
struct lsa_StringLarge msg_string ;
2011-01-11 18:47:34 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2004-11-15 23:57:27 +03:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_comment ) {
msg = c - > opt_comment ;
2004-11-15 23:57:27 +03:00
}
2008-05-10 01:22:12 +04:00
if ( c - > opt_timeout ) {
timeout = c - > opt_timeout ;
2004-11-15 23:57:27 +03:00
}
2008-10-15 18:13:02 +04:00
msg_string . string = msg ;
2006-09-26 19:15:26 +04:00
2004-11-15 23:57:27 +03:00
/* create an entry */
2011-01-11 18:47:34 +03:00
status = dcerpc_initshutdown_Init ( b , mem_ctx , NULL ,
2008-05-10 01:22:12 +04:00
& msg_string , timeout , c - > opt_force , c - > opt_reboot ,
2011-01-11 18:47:34 +03:00
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
if ( W_ERROR_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Shutdown of remote machine succeeded \n " ) ) ;
2004-11-15 23:57:27 +03:00
DEBUG ( 5 , ( " Shutdown of remote machine succeeded \n " ) ) ;
2005-10-11 22:42:25 +04:00
} else {
DEBUG ( 1 , ( " Shutdown of remote machine failed! \n " ) ) ;
}
2011-01-11 18:47:34 +03:00
return werror_to_ntstatus ( result ) ;
2004-11-15 23:57:27 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Shut down a remote RPC Server via winreg pipe .
2004-11-15 23:57:27 +03:00
*
* All parameters are provided by the run_rpc_command function , except for
2008-06-12 12:55:55 +04:00
* argc , argv which are passed through .
2004-11-15 23:57:27 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the remote server .
2004-11-15 23:57:27 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-11-15 23:57:27 +03:00
*
* @ return Normal NTSTATUS return .
* */
2008-05-10 01:22:12 +04:00
NTSTATUS rpc_reg_shutdown_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2001-12-31 16:00:59 +03:00
{
2009-08-04 10:28:50 +04:00
const char * msg = N_ ( " This machine will be shutdown shortly " ) ;
2015-05-07 03:00:06 +03:00
uint32_t timeout = 20 ;
2008-10-15 18:13:02 +04:00
struct lsa_StringLarge msg_string ;
2006-09-26 19:15:26 +04:00
NTSTATUS result ;
2007-12-03 20:40:36 +03:00
WERROR werr ;
2011-01-12 23:59:23 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2001-12-31 16:00:59 +03:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_comment ) {
msg = c - > opt_comment ;
2001-12-31 16:00:59 +03:00
}
2008-10-15 18:13:02 +04:00
msg_string . string = msg ;
2006-09-26 19:15:26 +04:00
2008-05-10 01:22:12 +04:00
if ( c - > opt_timeout ) {
timeout = c - > opt_timeout ;
2001-12-31 16:00:59 +03:00
}
/* create an entry */
2011-01-12 23:59:23 +03:00
result = dcerpc_winreg_InitiateSystemShutdown ( b , mem_ctx , NULL ,
2008-05-10 01:22:12 +04:00
& msg_string , timeout , c - > opt_force , c - > opt_reboot ,
& werr ) ;
2011-01-12 23:59:23 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
d_fprintf ( stderr , " \n Shutdown of remote machine failed \n " ) ;
return result ;
}
2001-12-31 16:00:59 +03:00
2011-01-12 23:59:23 +03:00
if ( W_ERROR_IS_OK ( werr ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Shutdown of remote machine succeeded \n " ) ) ;
2005-10-11 22:42:25 +04:00
} else {
2006-01-18 00:22:00 +03:00
d_fprintf ( stderr , " \n Shutdown of remote machine failed \n " ) ;
2007-12-03 20:40:36 +03:00
if ( W_ERROR_EQUAL ( werr , WERR_MACHINE_LOCKED ) )
2006-01-18 00:22:00 +03:00
d_fprintf ( stderr , " \n Machine locked, use -f switch to force \n " ) ;
2005-10-11 22:42:25 +04:00
else
2008-11-01 19:19:26 +03:00
d_fprintf ( stderr , " \n result was: %s \n " , win_errstr ( werr ) ) ;
2004-11-15 23:57:27 +03:00
}
2001-12-31 16:00:59 +03:00
2011-01-12 23:59:23 +03:00
return werror_to_ntstatus ( werr ) ;
2001-12-31 16:00:59 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Shut down a remote RPC server .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-31 16:00:59 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2001-12-31 16:00:59 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_shutdown ( struct net_context * c , int argc , const char * * argv )
2001-12-31 16:00:59 +03:00
{
2008-05-21 12:27:59 +04:00
int rc = - 1 ;
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc shutdown \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Shut down a remote RPC server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2012-01-10 14:53:42 +04:00
rc = run_rpc_command ( c , NULL , & ndr_table_initshutdown , 0 ,
2009-11-08 21:37:26 +03:00
rpc_init_shutdown_internals , argc , argv ) ;
2004-11-15 23:57:27 +03:00
2005-10-11 22:42:25 +04:00
if ( rc ) {
DEBUG ( 1 , ( " initshutdown pipe failed, trying winreg pipe \n " ) ) ;
2012-01-10 14:53:42 +04:00
rc = run_rpc_command ( c , NULL , & ndr_table_winreg , 0 ,
2005-10-11 22:42:25 +04:00
rpc_reg_shutdown_internals , argc , argv ) ;
}
2004-11-15 23:57:27 +03:00
2005-10-11 22:42:25 +04:00
return rc ;
2001-12-31 16:00:59 +03:00
}
2002-03-01 05:56:35 +03:00
/***************************************************************************
NT Domain trusts code ( i . e . ' net rpc trustdom ' functionality )
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
/**
* Add interdomain trust account to the RPC server .
* All parameters ( except for argc and argv ) are passed by run_rpc_command
* function .
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the server .
2002-03-01 05:56:35 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return normal NTSTATUS return code .
2002-03-01 05:56:35 +03:00
*/
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_trustdom_add_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol , user_pol ;
2011-01-18 14:06:42 +03:00
NTSTATUS status , result ;
2002-03-01 05:56:35 +03:00
char * acct_name ;
2008-02-01 16:21:54 +03:00
struct lsa_String lsa_acct_name ;
2015-05-07 03:00:06 +03:00
uint32_t acb_info ;
uint32_t acct_flags = 0 ;
uint32_t user_rid ;
2008-02-01 16:21:54 +03:00
uint32_t access_granted = 0 ;
2008-02-12 22:01:36 +03:00
union samr_UserInfo info ;
2008-06-28 04:26:41 +04:00
unsigned int orig_timeout ;
2011-01-18 14:06:42 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2012-08-01 12:48:53 +04:00
DATA_BLOB session_key = data_blob_null ;
2019-07-16 16:49:43 +03:00
TALLOC_CTX * frame = NULL ;
2002-03-01 05:56:35 +03:00
2003-05-11 20:59:06 +04:00
if ( argc ! = 2 ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom add <domain_name> "
2009-08-04 10:28:50 +04:00
" <trust password> \n " ) ) ;
2002-07-15 14:35:28 +04:00
return NT_STATUS_INVALID_PARAMETER ;
2002-03-01 05:56:35 +03:00
}
2019-07-16 16:49:43 +03:00
frame = talloc_stackframe ( ) ;
2010-01-19 13:43:54 +03:00
/*
2002-03-01 05:56:35 +03:00
* Make valid trusting domain account ( ie . uppercased and with ' $ ' appended )
*/
2008-02-01 16:21:54 +03:00
2002-03-01 05:56:35 +03:00
if ( asprintf ( & acct_name , " %s$ " , argv [ 0 ] ) < 0 ) {
2019-07-16 16:49:43 +03:00
status = NT_STATUS_NO_MEMORY ;
2002-03-01 05:56:35 +03:00
}
2012-08-09 02:35:28 +04:00
if ( ! strupper_m ( acct_name ) ) {
2019-07-16 16:49:43 +03:00
status = NT_STATUS_INVALID_PARAMETER ;
goto done ;
2012-08-09 02:35:28 +04:00
}
2002-03-01 05:56:35 +03:00
2008-02-01 16:21:54 +03:00
init_lsa_String ( & lsa_acct_name , acct_name ) ;
2024-09-14 16:54:25 +03:00
status = dcerpc_binding_handle_transport_session_key (
b , frame , & session_key ) ;
2012-08-01 12:48:53 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
DEBUG ( 0 , ( " Error getting session_key of SAM pipe. Error was %s \n " ,
nt_errstr ( status ) ) ) ;
goto done ;
}
2002-08-17 18:45:04 +04:00
/* Get samr policy handle */
2019-07-16 16:49:43 +03:00
status = dcerpc_samr_Connect2 ( b , frame ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 14:06:42 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2002-03-01 05:56:35 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:06:42 +03:00
status = result ;
2002-03-01 05:56:35 +03:00
goto done ;
}
2008-02-01 13:12:05 +03:00
2002-03-01 05:56:35 +03:00
/* Get domain policy handle */
2019-07-16 16:49:43 +03:00
status = dcerpc_samr_OpenDomain ( b , frame ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 14:06:42 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2002-03-01 05:56:35 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:06:42 +03:00
status = result ;
2002-03-01 05:56:35 +03:00
goto done ;
}
2008-06-28 04:26:41 +04:00
/* This call can take a long time - allow the server to time out.
* 35 seconds should do it . */
2008-06-28 12:38:33 +04:00
orig_timeout = rpccli_set_timeout ( pipe_hnd , 35000 ) ;
2008-06-28 04:26:41 +04:00
2002-03-01 05:56:35 +03:00
/* Create trusting domain's account */
2008-01-25 03:00:51 +03:00
acb_info = ACB_NORMAL ;
acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
SAMR_USER_ACCESS_SET_PASSWORD |
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES ;
2002-03-01 05:56:35 +03:00
2019-07-16 16:49:43 +03:00
status = dcerpc_samr_CreateUser2 ( b , frame ,
2008-02-01 16:21:54 +03:00
& domain_pol ,
& lsa_acct_name ,
acb_info ,
acct_flags ,
& user_pol ,
& access_granted ,
2011-01-18 14:06:42 +03:00
& user_rid ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2008-06-28 04:26:41 +04:00
/* And restore our original timeout. */
2008-06-28 12:38:33 +04:00
rpccli_set_timeout ( pipe_hnd , orig_timeout ) ;
2008-06-28 04:26:41 +04:00
2002-03-01 05:56:35 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:06:42 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc trustdom add: create user %s failed %s \n " ) ,
2008-06-28 04:26:41 +04:00
acct_name , nt_errstr ( result ) ) ;
2002-03-01 05:56:35 +03:00
goto done ;
}
2003-05-11 20:59:06 +04:00
{
2008-07-30 21:52:56 +04:00
struct samr_CryptPassword crypt_pwd ;
2003-05-11 20:59:06 +04:00
2008-12-06 02:28:34 +03:00
ZERO_STRUCT ( info . info23 ) ;
2008-02-12 22:01:36 +03:00
2019-05-29 17:22:11 +03:00
status = init_samr_CryptPassword ( argv [ 1 ] ,
& session_key ,
& crypt_pwd ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2008-07-30 21:52:56 +04:00
2008-12-06 02:28:34 +03:00
info . info23 . info . fields_present = SAMR_FIELD_ACCT_FLAGS |
SAMR_FIELD_NT_PASSWORD_PRESENT ;
info . info23 . info . acct_flags = ACB_DOMTRUST ;
info . info23 . password = crypt_pwd ;
2008-02-12 22:01:36 +03:00
2019-07-16 16:49:43 +03:00
status = dcerpc_samr_SetUserInfo2 ( b , frame ,
2008-02-12 22:01:36 +03:00
& user_pol ,
23 ,
2011-01-18 14:06:42 +03:00
& info ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2003-05-11 20:59:06 +04:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:06:42 +03:00
status = result ;
2003-05-12 03:49:36 +04:00
DEBUG ( 0 , ( " Could not set trust account password: %s \n " ,
2003-05-11 20:59:06 +04:00
nt_errstr ( result ) ) ) ;
goto done ;
}
}
2019-07-16 16:49:43 +03:00
status = NT_STATUS_OK ;
2002-03-01 05:56:35 +03:00
done :
SAFE_FREE ( acct_name ) ;
2012-08-01 12:48:53 +04:00
data_blob_clear_free ( & session_key ) ;
2019-07-16 16:49:43 +03:00
TALLOC_FREE ( frame ) ;
2011-01-18 14:06:42 +03:00
return status ;
2002-03-01 05:56:35 +03:00
}
/**
* Create interdomain trust account for a remote domain .
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard argc .
* @ param argv Standard argv without initial components .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return Integer status ( 0 means success ) .
2002-03-01 05:56:35 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_add ( struct net_context * c , int argc , const char * * argv )
2002-03-01 05:56:35 +03:00
{
2008-05-21 12:27:59 +04:00
if ( argc > 0 & & ! c - > display_usage ) {
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2008-05-10 01:22:12 +04:00
rpc_trustdom_add_internals , argc , argv ) ;
2003-08-16 01:57:59 +04:00
} else {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom add <domain_name> <trust "
2009-08-04 10:28:50 +04:00
" password> \n " ) ) ;
2003-08-16 01:57:59 +04:00
return - 1 ;
}
2002-03-01 05:56:35 +03:00
}
2005-06-09 02:10:34 +04:00
2005-02-28 13:55:13 +03:00
/**
2005-02-28 14:17:13 +03:00
* Remove interdomain trust account from the RPC server .
2005-02-28 13:55:13 +03:00
* All parameters ( except for argc and argv ) are passed by run_rpc_command
* function .
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param domain_sid The domain sid acquired from the server .
2005-02-28 13:55:13 +03:00
* @ param cli A cli_state connected to the server .
2008-06-12 12:55:55 +04:00
* @ param mem_ctx Talloc context , destroyed on completion of the function .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2005-02-28 13:55:13 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return normal NTSTATUS return code .
2005-02-28 13:55:13 +03:00
*/
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_trustdom_del_internals ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2005-09-30 21:13:37 +04:00
int argc ,
const char * * argv )
{
2009-03-19 00:49:41 +03:00
struct policy_handle connect_pol , domain_pol , user_pol ;
2011-01-18 14:08:02 +03:00
NTSTATUS status , result ;
2005-02-28 13:55:13 +03:00
char * acct_name ;
2010-05-21 05:25:01 +04:00
struct dom_sid trust_acct_sid ;
2008-02-08 16:50:04 +03:00
struct samr_Ids user_rids , name_types ;
struct lsa_String lsa_acct_name ;
2011-01-18 14:08:02 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2005-02-28 13:55:13 +03:00
if ( argc ! = 1 ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom del <domain_name> \n " ) ) ;
2005-02-28 13:55:13 +03:00
return NT_STATUS_INVALID_PARAMETER ;
}
2008-05-08 13:23:38 +04:00
/*
2005-02-28 13:55:13 +03:00
* Make valid trusting domain account ( ie . uppercased and with ' $ ' appended )
*/
2005-03-22 18:45:38 +03:00
acct_name = talloc_asprintf ( mem_ctx , " %s$ " , argv [ 0 ] ) ;
if ( acct_name = = NULL )
2005-02-28 13:55:13 +03:00
return NT_STATUS_NO_MEMORY ;
2012-08-09 02:35:28 +04:00
if ( ! strupper_m ( acct_name ) ) {
TALLOC_FREE ( acct_name ) ;
return NT_STATUS_INVALID_PARAMETER ;
}
2005-02-28 13:55:13 +03:00
/* Get samr policy handle */
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2008-02-04 21:43:07 +03:00
MAXIMUM_ALLOWED_ACCESS ,
2011-01-18 14:08:02 +03:00
& connect_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
status = result ;
2005-02-28 13:55:13 +03:00
goto done ;
}
2008-02-01 13:12:05 +03:00
2005-02-28 13:55:13 +03:00
/* Get domain policy handle */
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2011-05-06 01:56:30 +04:00
discard_const_p ( struct dom_sid2 , domain_sid ) ,
2011-01-18 14:08:02 +03:00
& domain_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
status = result ;
2005-02-28 13:55:13 +03:00
goto done ;
}
2008-02-08 16:50:04 +03:00
init_lsa_String ( & lsa_acct_name , acct_name ) ;
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_LookupNames ( b , mem_ctx ,
2008-02-08 16:50:04 +03:00
& domain_pol ,
1 ,
& lsa_acct_name ,
& user_rids ,
2011-01-18 14:08:02 +03:00
& name_types ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_printf ( _ ( " net rpc trustdom del: LookupNames on user %s "
" failed %s \n " ) ,
acct_name , nt_errstr ( status ) ) ;
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc trustdom del: LookupNames on user %s "
" failed %s \n " ) ,
2008-06-28 04:26:41 +04:00
acct_name , nt_errstr ( result ) ) ;
2005-02-28 13:55:13 +03:00
goto done ;
}
2013-11-08 09:40:55 +04:00
if ( user_rids . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
if ( name_types . count ! = 1 ) {
status = NT_STATUS_INVALID_NETWORK_RESPONSE ;
goto done ;
}
2005-02-28 13:55:13 +03:00
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_OpenUser ( b , mem_ctx ,
2008-02-01 13:57:53 +03:00
& domain_pol ,
MAXIMUM_ALLOWED_ACCESS ,
2008-02-08 16:50:04 +03:00
user_rids . ids [ 0 ] ,
2011-01-18 14:08:02 +03:00
& user_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_printf ( _ ( " net rpc trustdom del: OpenUser on user %s failed "
" %s \n " ) ,
acct_name , nt_errstr ( status ) ) ;
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc trustdom del: OpenUser on user %s failed "
" %s \n " ) ,
2008-06-28 04:26:41 +04:00
acct_name , nt_errstr ( result ) ) ;
2005-02-28 13:55:13 +03:00
goto done ;
}
/* append the rid to the domain sid */
2010-01-10 19:39:27 +03:00
if ( ! sid_compose ( & trust_acct_sid , domain_sid , user_rids . ids [ 0 ] ) ) {
2005-02-28 13:55:13 +03:00
goto done ;
}
/* remove the sid */
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_RemoveMemberFromForeignDomain ( b , mem_ctx ,
2008-02-05 13:21:07 +03:00
& user_pol ,
2011-01-18 14:08:02 +03:00
& trust_acct_sid ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_printf ( _ ( " net rpc trustdom del: RemoveMemberFromForeignDomain "
" on user %s failed %s \n " ) ,
acct_name , nt_errstr ( status ) ) ;
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
status = result ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc trustdom del: RemoveMemberFromForeignDomain "
" on user %s failed %s \n " ) ,
2008-06-28 04:26:41 +04:00
acct_name , nt_errstr ( result ) ) ;
2005-02-28 13:55:13 +03:00
goto done ;
}
2011-01-18 14:08:02 +03:00
2005-02-28 13:55:13 +03:00
/* Delete user */
2011-01-18 14:08:02 +03:00
status = dcerpc_samr_DeleteUser ( b , mem_ctx ,
& user_pol ,
& result ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
d_printf ( _ ( " net rpc trustdom del: DeleteUser on user %s failed "
" %s \n " ) ,
acct_name , nt_errstr ( status ) ) ;
goto done ;
}
2005-02-28 13:55:13 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
2011-01-18 14:08:02 +03:00
result = status ;
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc trustdom del: DeleteUser on user %s failed "
" %s \n " ) ,
2008-06-28 04:26:41 +04:00
acct_name , nt_errstr ( result ) ) ;
2005-02-28 13:55:13 +03:00
goto done ;
}
if ( ! NT_STATUS_IS_OK ( result ) ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Could not set trust account password: %s \n " ) ,
2008-06-28 04:26:41 +04:00
nt_errstr ( result ) ) ;
goto done ;
2005-02-28 13:55:13 +03:00
}
done :
2011-01-18 14:08:02 +03:00
return status ;
2005-02-28 13:55:13 +03:00
}
2002-03-01 05:56:35 +03:00
/**
* Delete interdomain trust account for a remote domain .
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard argc .
* @ param argv Standard argv without initial components .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return Integer status ( 0 means success ) .
2002-03-01 05:56:35 +03:00
* */
2005-02-28 13:55:13 +03:00
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_del ( struct net_context * c , int argc , const char * * argv )
2002-03-01 05:56:35 +03:00
{
2008-05-21 12:27:59 +04:00
if ( argc > 0 & & ! c - > display_usage ) {
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_samr , 0 ,
2008-05-10 01:22:12 +04:00
rpc_trustdom_del_internals , argc , argv ) ;
2005-02-28 13:55:13 +03:00
} else {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom del <domain> \n " ) ) ;
2005-02-28 13:55:13 +03:00
return - 1 ;
}
2002-03-01 05:56:35 +03:00
}
2008-04-02 14:29:24 +04:00
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_trustdom_get_pdc ( struct net_context * c ,
struct cli_state * cli ,
2008-04-02 14:29:24 +04:00
TALLOC_CTX * mem_ctx ,
const char * domain_name )
{
char * dc_name = NULL ;
const char * buffer = NULL ;
struct rpc_pipe_client * netr ;
NTSTATUS status ;
2011-01-12 13:27:26 +03:00
WERROR result ;
struct dcerpc_binding_handle * b ;
2008-04-02 14:29:24 +04:00
/* Use NetServerEnum2 */
if ( cli_get_pdc_name ( cli , domain_name , & dc_name ) ) {
SAFE_FREE ( dc_name ) ;
return NT_STATUS_OK ;
}
2023-07-06 06:57:08 +03:00
DEBUG ( 1 , ( " NetServerEnum2 error: Couldn't find primary domain controller "
" for domain %s \n " , domain_name ) ) ;
2008-04-02 14:29:24 +04:00
/* Try netr_GetDcName */
2013-05-24 15:29:28 +04:00
status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_netlogon ,
2008-07-20 13:04:31 +04:00
& netr ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2008-04-02 14:29:24 +04:00
return status ;
}
2011-01-12 13:27:26 +03:00
b = netr - > binding_handle ;
status = dcerpc_netr_GetDcName ( b , mem_ctx ,
2011-07-22 18:47:35 +04:00
netr - > desthost ,
2008-04-02 14:29:24 +04:00
domain_name ,
& buffer ,
2011-01-12 13:27:26 +03:00
& result ) ;
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( netr ) ;
2008-04-02 14:29:24 +04:00
2011-01-12 13:27:26 +03:00
if ( NT_STATUS_IS_OK ( status ) & & W_ERROR_IS_OK ( result ) ) {
2008-04-02 14:29:24 +04:00
return status ;
}
2023-07-06 06:57:08 +03:00
DEBUG ( 1 , ( " netr_GetDcName error: Couldn't find primary domain controller "
" for domain %s \n " , domain_name ) ) ;
2008-04-02 14:29:24 +04:00
2011-01-12 13:27:26 +03:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
return status ;
}
return werror_to_ntstatus ( result ) ;
2008-04-02 14:29:24 +04:00
}
2002-03-01 05:56:35 +03:00
/**
* Establish trust relationship to a trusting domain .
* Interdomain account must already be created on remote PDC .
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard argc .
* @ param argv Standard argv without initial components .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return Integer status ( 0 means success ) .
2002-03-01 05:56:35 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_establish ( struct net_context * c , int argc ,
const char * * argv )
2002-08-17 18:45:04 +04:00
{
2005-09-30 21:13:37 +04:00
struct cli_state * cli = NULL ;
2007-10-25 01:16:54 +04:00
struct sockaddr_storage server_ss ;
2005-09-30 21:13:37 +04:00
struct rpc_pipe_client * pipe_hnd = NULL ;
2009-03-19 00:49:41 +03:00
struct policy_handle connect_hnd ;
2024-04-30 10:55:15 +03:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2011-01-18 19:25:02 +03:00
NTSTATUS nt_status , result ;
2010-05-21 05:25:01 +04:00
struct dom_sid * domain_sid ;
2002-03-01 05:56:35 +03:00
char * domain_name ;
char * acct_name ;
2024-01-10 17:06:14 +03:00
const char * pwd = NULL ;
2002-03-01 05:56:35 +03:00
fstring pdc_name ;
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation * info = NULL ;
2011-01-18 19:25:02 +03:00
struct dcerpc_binding_handle * b ;
2023-08-31 17:22:02 +03:00
union lsa_revision_info out_revision_info = {
. info1 = {
. revision = 0 ,
} ,
} ;
uint32_t out_version = 0 ;
2024-06-06 18:31:10 +03:00
int rc = - 1 ;
2002-03-01 05:56:35 +03:00
/*
* Connect to \ \ server \ ipc $ as ' our domain ' account with password
*/
2008-05-21 12:27:59 +04:00
if ( argc ! = 1 | | c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom establish <domain_name> \n " ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-07-15 14:35:28 +04:00
}
2024-06-06 18:37:32 +03:00
domain_name = talloc_strdup_upper ( frame , argv [ 0 ] ) ;
if ( domain_name = = NULL ) {
2024-06-06 18:31:10 +03:00
goto out ;
2012-08-09 02:35:28 +04:00
}
2002-11-29 05:58:59 +03:00
/* account name used at first is our domain's name with '$' */
2024-06-06 18:37:32 +03:00
acct_name = talloc_asprintf_strupper_m ( frame , " %s$ " , lp_workgroup ( ) ) ;
if ( acct_name = = NULL ) {
2024-06-06 18:31:10 +03:00
goto out ;
2012-08-09 02:35:28 +04:00
}
2024-01-10 17:06:14 +03:00
cli_credentials_set_username ( c - > creds , acct_name , CRED_SPECIFIED ) ;
2007-10-25 01:16:54 +04:00
2002-03-01 05:56:35 +03:00
/* find the domain controller */
2007-10-25 01:16:54 +04:00
if ( ! net_find_pdc ( & server_ss , pdc_name , domain_name ) ) {
2003-08-14 00:53:48 +04:00
DEBUG ( 0 , ( " Couldn't find domain controller for domain %s \n " , domain_name ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
/* connect to ipc$ as username/password */
2008-05-10 01:22:12 +04:00
nt_status = connect_to_ipc ( c , & cli , & server_ss , pdc_name ) ;
2002-03-01 05:56:35 +03:00
if ( ! NT_STATUS_EQUAL ( nt_status , NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT ) ) {
/* Is it trusting domain account for sure ? */
DEBUG ( 0 , ( " Couldn't verify trusting domain account. Error was %s \n " ,
2002-03-17 07:36:35 +03:00
nt_errstr ( nt_status ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
2006-02-08 07:03:47 +03:00
/* store who we connected to */
2006-03-10 00:07:15 +03:00
saf_store ( domain_name , pdc_name ) ;
2007-10-25 01:16:54 +04:00
2002-03-01 05:56:35 +03:00
/*
* Connect to \ \ server \ ipc $ again ( this time anonymously )
*/
2007-10-25 01:16:54 +04:00
2008-05-10 01:22:12 +04:00
nt_status = connect_to_ipc_anonymous ( c , & cli , & server_ss ,
( char * ) pdc_name ) ;
2007-12-04 01:09:48 +03:00
2002-03-01 05:56:35 +03:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't connect to domain %s controller. Error was %s. \n " ,
2002-03-17 07:36:35 +03:00
domain_name , nt_errstr ( nt_status ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
2005-06-09 02:10:34 +04:00
2008-04-02 14:29:24 +04:00
/* Make sure we're talking to a proper server */
2024-04-30 10:55:15 +03:00
nt_status = rpc_trustdom_get_pdc ( c , cli , frame , domain_name ) ;
2008-04-02 14:29:24 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2024-06-06 18:31:10 +03:00
goto out ;
2008-04-02 14:29:24 +04:00
}
2002-03-01 05:56:35 +03:00
/*
* Call LsaOpenPolicy and LsaQueryInfo
*/
2008-05-08 13:23:38 +04:00
2013-05-24 15:29:28 +04:00
nt_status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& pipe_hnd ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise lsa pipe. Error was %s \n " , nt_errstr ( nt_status ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
2011-01-18 19:25:02 +03:00
b = pipe_hnd - > binding_handle ;
2023-08-31 17:22:02 +03:00
nt_status = dcerpc_lsa_open_policy_fallback ( b ,
2024-04-30 10:55:15 +03:00
frame ,
2023-08-31 17:22:02 +03:00
pipe_hnd - > srv_name_slash ,
true ,
KEY_QUERY_VALUE ,
& out_version ,
& out_revision_info ,
& connect_hnd ,
& result ) ;
if ( any_nt_status_not_ok ( nt_status , result , & nt_status ) ) {
DBG_ERR ( " Couldn't open policy handle: %s \n " ,
nt_errstr ( nt_status ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
/* Querying info level 5 */
2008-02-08 04:12:30 +03:00
2024-04-30 10:55:15 +03:00
nt_status = dcerpc_lsa_QueryInfoPolicy ( b , frame ,
2008-02-08 04:12:30 +03:00
& connect_hnd ,
LSA_POLICY_INFO_ACCOUNT_DOMAIN ,
2011-01-18 19:25:02 +03:00
& info ,
& result ) ;
2002-03-01 05:56:35 +03:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
2002-03-17 07:36:35 +03:00
nt_errstr ( nt_status ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
nt_errstr ( result ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2011-01-18 19:25:02 +03:00
}
2002-03-01 05:56:35 +03:00
2008-02-08 04:12:30 +03:00
domain_sid = info - > account_domain . sid ;
2002-03-01 05:56:35 +03:00
/* There should be actually query info level 3 (following nt serv behaviour),
but I still don ' t know if it ' s _really_ necessary */
2008-05-08 13:23:38 +04:00
2002-07-15 14:35:28 +04:00
/*
* Store the password in secrets db
*/
2024-01-10 17:06:14 +03:00
pwd = cli_credentials_get_password ( c - > creds ) ;
if ( ! pdb_set_trusteddom_pw ( domain_name , pwd , domain_sid ) ) {
2002-07-15 14:35:28 +04:00
DEBUG ( 0 , ( " Storing password for trusted domain failed. \n " ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-07-15 14:35:28 +04:00
}
2008-05-08 13:23:38 +04:00
2002-03-01 05:56:35 +03:00
/*
* Close the pipes and clean up
*/
2008-05-08 13:23:38 +04:00
2024-04-30 10:55:15 +03:00
nt_status = dcerpc_lsa_Close ( b , frame , & connect_hnd , & result ) ;
2002-03-01 05:56:35 +03:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't close LSA pipe. Error was %s \n " ,
2002-03-17 07:36:35 +03:00
nt_errstr ( nt_status ) ) ) ;
2024-06-06 18:31:10 +03:00
goto out ;
2002-03-01 05:56:35 +03:00
}
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Trust to domain %s established \n " ) , domain_name ) ;
2024-06-06 18:31:10 +03:00
rc = 0 ;
out :
cli_shutdown ( cli ) ;
2024-04-30 10:55:15 +03:00
TALLOC_FREE ( frame ) ;
2024-06-06 18:31:10 +03:00
return rc ;
2002-03-01 05:56:35 +03:00
}
/**
2008-06-12 12:55:55 +04:00
* Revoke trust relationship to the remote domain .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard argc .
* @ param argv Standard argv without initial components .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return Integer status ( 0 means success ) .
2002-03-01 05:56:35 +03:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_revoke ( struct net_context * c , int argc ,
const char * * argv )
2002-08-17 18:45:04 +04:00
{
2002-03-01 05:56:35 +03:00
char * domain_name ;
2007-01-16 11:17:26 +03:00
int rc = - 1 ;
2002-03-01 05:56:35 +03:00
2008-05-21 12:27:59 +04:00
if ( argc < 1 | | c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n %s " ,
_ ( " Usage: " ) ,
_ ( " net rpc trustdom revoke <domain_name> \n "
2009-08-04 10:28:50 +04:00
" Revoke trust relationship \n "
" domain_name \t Name of domain to revoke trust \n " ) ) ;
2008-05-21 12:27:59 +04:00
return - 1 ;
}
2008-05-08 13:23:38 +04:00
2002-03-01 05:56:35 +03:00
/* generate upper cased domain name */
domain_name = smb_xstrdup ( argv [ 0 ] ) ;
2012-08-09 02:35:28 +04:00
if ( ! strupper_m ( domain_name ) ) {
SAFE_FREE ( domain_name ) ;
return - 1 ;
}
2002-03-01 05:56:35 +03:00
/* delete password of the trust */
2007-01-16 11:17:26 +03:00
if ( ! pdb_del_trusteddom_pw ( domain_name ) ) {
2002-03-01 05:56:35 +03:00
DEBUG ( 0 , ( " Failed to revoke relationship to the trusted domain %s \n " ,
domain_name ) ) ;
2007-01-16 11:17:26 +03:00
goto done ;
2002-03-01 05:56:35 +03:00
} ;
2008-05-08 13:23:38 +04:00
2007-01-16 11:17:26 +03:00
rc = 0 ;
done :
SAFE_FREE ( domain_name ) ;
return rc ;
2002-03-01 05:56:35 +03:00
}
2008-05-10 01:22:12 +04:00
static NTSTATUS rpc_query_domain_sid ( struct net_context * c ,
2010-05-21 05:25:01 +04:00
const struct dom_sid * domain_sid ,
2008-05-08 13:23:38 +04:00
const char * domain_name ,
2005-09-30 21:13:37 +04:00
struct cli_state * cli ,
struct rpc_pipe_client * pipe_hnd ,
TALLOC_CTX * mem_ctx ,
int argc ,
const char * * argv )
2002-08-17 18:45:04 +04:00
{
2018-12-06 19:53:24 +03:00
struct dom_sid_buf sid_str ;
d_printf ( " %s \n " , dom_sid_str_buf ( domain_sid , & sid_str ) ) ;
2002-08-17 18:45:04 +04:00
return NT_STATUS_OK ;
2003-09-22 21:53:59 +04:00
}
2002-08-17 18:45:04 +04:00
2010-05-21 05:25:01 +04:00
static void print_trusted_domain ( struct dom_sid * dom_sid , const char * trusted_dom_name )
2005-06-08 17:59:03 +04:00
{
2018-12-06 19:53:24 +03:00
struct dom_sid_buf sid_str ;
2005-06-08 17:59:03 +04:00
2018-12-06 19:53:24 +03:00
d_printf ( " %-20s%s \n " ,
trusted_dom_name ,
dom_sid_str_buf ( dom_sid , & sid_str ) ) ;
2005-06-08 17:59:03 +04:00
}
2005-09-30 21:13:37 +04:00
static NTSTATUS vampire_trusted_domain ( struct rpc_pipe_client * pipe_hnd ,
2008-05-08 13:23:38 +04:00
TALLOC_CTX * mem_ctx ,
2009-03-19 00:49:41 +03:00
struct policy_handle * pol ,
2010-05-21 05:25:01 +04:00
struct dom_sid dom_sid ,
2005-06-08 17:59:03 +04:00
const char * trusted_dom_name )
{
2011-01-18 19:25:02 +03:00
NTSTATUS nt_status , result ;
2008-04-09 00:55:52 +04:00
union lsa_TrustedDomainInfo * info = NULL ;
2005-07-28 19:01:29 +04:00
char * cleartextpwd = NULL ;
2011-07-25 05:21:31 +04:00
DATA_BLOB session_key ;
2009-05-13 17:17:46 +04:00
DATA_BLOB data = data_blob_null ;
2011-01-18 19:25:02 +03:00
struct dcerpc_binding_handle * b = pipe_hnd - > binding_handle ;
2005-06-08 17:59:03 +04:00
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_QueryTrustedDomainInfoBySid ( b , mem_ctx ,
2008-01-14 17:33:26 +03:00
pol ,
& dom_sid ,
LSA_TRUSTED_DOMAIN_INFO_PASSWORD ,
2011-01-18 19:25:02 +03:00
& info ,
& result ) ;
2005-06-08 17:59:03 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Could not query trusted domain info. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
goto done ;
}
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
nt_status = result ;
DEBUG ( 0 , ( " Could not query trusted domain info. Error was %s \n " ,
nt_errstr ( result ) ) ) ;
goto done ;
}
2005-06-08 17:59:03 +04:00
2008-04-09 00:55:52 +04:00
data = data_blob ( info - > password . password - > data ,
info - > password . password - > length ) ;
2008-01-14 17:33:26 +03:00
2024-09-14 16:54:25 +03:00
nt_status = dcerpc_binding_handle_transport_session_key (
b , mem_ctx , & session_key ) ;
2011-07-25 05:21:31 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Could not retrieve session key: %s \n " , nt_errstr ( nt_status ) ) ) ;
2008-04-21 10:01:51 +04:00
goto done ;
}
2011-07-25 05:21:31 +04:00
cleartextpwd = sess_decrypt_string ( mem_ctx , & data , & session_key ) ;
data_blob_free ( & session_key ) ;
2005-06-08 17:59:03 +04:00
if ( cleartextpwd = = NULL ) {
DEBUG ( 0 , ( " retrieved NULL password \n " ) ) ;
nt_status = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2008-05-08 13:23:38 +04:00
2007-01-16 11:17:26 +03:00
if ( ! pdb_set_trusteddom_pw ( trusted_dom_name , cleartextpwd , & dom_sid ) ) {
2005-06-08 17:59:03 +04:00
DEBUG ( 0 , ( " Storing password for trusted domain failed. \n " ) ) ;
nt_status = NT_STATUS_UNSUCCESSFUL ;
goto done ;
}
2005-12-19 05:22:13 +03:00
# ifdef DEBUG_PASSWORD
2018-12-10 14:47:36 +03:00
{
struct dom_sid_buf buf ;
DEBUG ( 100 , ( " successfully vampired trusted domain [%s], "
" sid: [%s], password: [%s] \n " ,
trusted_dom_name ,
dom_sid_str_buf ( & dom_sid , & buf ) ,
cleartextpwd ) ) ;
}
2005-12-19 05:22:13 +03:00
# endif
2005-06-08 17:59:03 +04:00
done :
SAFE_FREE ( cleartextpwd ) ;
data_blob_free ( & data ) ;
return nt_status ;
}
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_vampire ( struct net_context * c , int argc ,
const char * * argv )
2005-06-08 17:59:03 +04:00
{
/* common variables */
TALLOC_CTX * mem_ctx ;
2005-09-30 21:13:37 +04:00
struct cli_state * cli = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2011-01-18 19:25:02 +03:00
NTSTATUS nt_status , result ;
2005-06-08 17:59:03 +04:00
const char * domain_name = NULL ;
2009-03-19 00:49:41 +03:00
struct policy_handle connect_hnd ;
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation * info = NULL ;
2005-06-08 17:59:03 +04:00
/* trusted domains listing variables */
2008-02-13 02:25:40 +03:00
unsigned int enum_ctx = 0 ;
struct lsa_DomainList dom_list ;
2005-06-08 17:59:03 +04:00
fstring pdc_name ;
2011-01-18 19:25:02 +03:00
struct dcerpc_binding_handle * b ;
2023-08-31 17:22:02 +03:00
union lsa_revision_info out_revision_info = {
. info1 = {
. revision = 0 ,
} ,
} ;
uint32_t out_version = 0 ;
2005-06-08 17:59:03 +04:00
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc trustdom vampire \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Vampire trust relationship from remote server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2005-06-08 17:59:03 +04:00
/*
* Listing trusted domains ( stored in secrets . tdb , if local )
*/
mem_ctx = talloc_init ( " trust relationships vampire " ) ;
/*
* set domain and pdc name to local samba server ( default )
* or to remote one given in command line
*/
2011-05-13 22:21:30 +04:00
if ( strcasecmp_m ( c - > opt_workgroup , lp_workgroup ( ) ) ) {
2008-05-10 01:22:12 +04:00
domain_name = c - > opt_workgroup ;
c - > opt_target_workgroup = c - > opt_workgroup ;
2005-06-08 17:59:03 +04:00
} else {
2011-06-09 09:31:03 +04:00
fstrcpy ( pdc_name , lp_netbios_name ( ) ) ;
2005-06-08 17:59:03 +04:00
domain_name = talloc_strdup ( mem_ctx , lp_workgroup ( ) ) ;
2008-05-10 01:22:12 +04:00
c - > opt_target_workgroup = domain_name ;
2005-06-08 17:59:03 +04:00
} ;
/* open \PIPE\lsarpc and open policy handle */
2008-05-10 01:22:12 +04:00
nt_status = net_make_ipc_connection ( c , NET_FLAGS_PDC , & cli ) ;
2007-09-17 19:11:20 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't connect to domain controller: %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
} ;
2013-05-24 15:29:28 +04:00
nt_status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& pipe_hnd ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise lsa pipe. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
} ;
2011-01-18 19:25:02 +03:00
b = pipe_hnd - > binding_handle ;
2023-08-31 17:22:02 +03:00
nt_status = dcerpc_lsa_open_policy_fallback ( b ,
mem_ctx ,
pipe_hnd - > srv_name_slash ,
false ,
KEY_QUERY_VALUE ,
& out_version ,
& out_revision_info ,
& connect_hnd ,
& result ) ;
if ( any_nt_status_not_ok ( nt_status , result , & nt_status ) ) {
DBG_ERR ( " Couldn't open policy handle: %s \n " ,
nt_errstr ( nt_status ) ) ;
2005-09-30 21:13:37 +04:00
cli_shutdown ( cli ) ;
2023-08-31 17:22:02 +03:00
talloc_free ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
2023-08-31 17:22:02 +03:00
}
2005-06-08 17:59:03 +04:00
/* query info level 5 to obtain sid of a domain being queried */
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_QueryInfoPolicy ( b , mem_ctx ,
2008-02-08 04:12:30 +03:00
& connect_hnd ,
LSA_POLICY_INFO_ACCOUNT_DOMAIN ,
2011-01-18 19:25:02 +03:00
& info ,
& result ) ;
2005-06-08 17:59:03 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2005-09-30 21:13:37 +04:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
}
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
2005-06-08 17:59:03 +04:00
/*
* Keep calling LsaEnumTrustdom over opened pipe until
* the end of enumeration is reached
*/
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Vampire trusted domains: \n \n " ) ) ;
2005-06-08 17:59:03 +04:00
do {
2021-07-25 11:22:37 +03:00
uint32_t i ;
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_EnumTrustDom ( b , mem_ctx ,
2008-02-13 02:25:40 +03:00
& connect_hnd ,
& enum_ctx ,
& dom_list ,
2011-01-18 19:25:02 +03:00
( uint32_t ) - 1 ,
& result ) ;
2005-06-08 17:59:03 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't enumerate trusted domains. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2005-09-30 21:13:37 +04:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
} ;
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
nt_status = result ;
DEBUG ( 0 , ( " Couldn't enumerate trusted domains. Error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
} ;
2005-06-08 17:59:03 +04:00
2008-02-13 02:25:40 +03:00
for ( i = 0 ; i < dom_list . count ; i + + ) {
print_trusted_domain ( dom_list . domains [ i ] . sid ,
dom_list . domains [ i ] . name . string ) ;
2005-06-08 17:59:03 +04:00
2011-08-21 20:37:10 +04:00
nt_status = vampire_trusted_domain ( pipe_hnd , mem_ctx , & connect_hnd ,
2008-02-13 02:25:40 +03:00
* dom_list . domains [ i ] . sid ,
dom_list . domains [ i ] . name . string ) ;
2005-09-30 21:13:37 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
2005-09-30 21:13:37 +04:00
}
2005-06-08 17:59:03 +04:00
} ;
/*
* in case of no trusted domains say something rather
* than just display blank line
*/
2009-08-04 10:28:50 +04:00
if ( ! dom_list . count ) d_printf ( _ ( " none \n " ) ) ;
2005-06-08 17:59:03 +04:00
} while ( NT_STATUS_EQUAL ( nt_status , STATUS_MORE_ENTRIES ) ) ;
/* close this connection before doing next one */
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_Close ( b , mem_ctx , & connect_hnd , & result ) ;
2005-06-08 17:59:03 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't properly close lsa policy handle. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2005-09-30 21:13:37 +04:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return - 1 ;
} ;
/* close lsarpc pipe and connection to IPC$ */
cli_shutdown ( cli ) ;
2008-05-08 13:23:38 +04:00
talloc_destroy ( mem_ctx ) ;
2005-06-08 17:59:03 +04:00
return 0 ;
}
2002-08-17 18:45:04 +04:00
2008-05-10 01:22:12 +04:00
static int rpc_trustdom_list ( struct net_context * c , int argc , const char * * argv )
2002-08-17 18:45:04 +04:00
{
/* common variables */
TALLOC_CTX * mem_ctx ;
2005-09-30 21:13:37 +04:00
struct cli_state * cli = NULL , * remote_cli = NULL ;
struct rpc_pipe_client * pipe_hnd = NULL ;
2011-01-18 14:10:02 +03:00
NTSTATUS nt_status , result ;
2003-01-03 11:28:12 +03:00
const char * domain_name = NULL ;
2010-05-21 05:25:01 +04:00
struct dom_sid * queried_dom_sid ;
2002-08-17 18:45:04 +04:00
int ascii_dom_name_len ;
2009-03-19 00:49:41 +03:00
struct policy_handle connect_hnd ;
2008-02-08 04:12:30 +03:00
union lsa_PolicyInformation * info = NULL ;
2011-01-18 14:10:02 +03:00
struct dcerpc_binding_handle * b = NULL ;
2008-02-08 04:12:30 +03:00
2002-08-17 18:45:04 +04:00
/* trusted domains listing variables */
2003-08-15 08:42:05 +04:00
unsigned int num_domains , enum_ctx = 0 ;
2021-07-25 11:22:37 +03:00
uint32_t i ;
2008-02-13 02:25:40 +03:00
struct lsa_DomainList dom_list ;
2004-01-08 11:19:18 +03:00
fstring pdc_name ;
2009-11-23 00:38:45 +03:00
bool found_domain ;
2008-02-08 04:12:30 +03:00
2002-08-17 18:45:04 +04:00
/* trusting domains listing variables */
2009-03-19 00:49:41 +03:00
struct policy_handle domain_hnd ;
2008-02-12 13:36:33 +03:00
struct samr_SamArray * trusts = NULL ;
2023-08-31 17:22:02 +03:00
union lsa_revision_info out_revision_info = {
. info1 = {
. revision = 0 ,
} ,
} ;
uint32_t out_version = 0 ;
2008-02-12 13:36:33 +03:00
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc trustdom list \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List incoming and outgoing trust relationships " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2002-08-17 18:45:04 +04:00
/*
* Listing trusted domains ( stored in secrets . tdb , if local )
*/
2002-12-20 23:21:31 +03:00
mem_ctx = talloc_init ( " trust relationships listing " ) ;
2002-08-17 18:45:04 +04:00
/*
* set domain and pdc name to local samba server ( default )
* or to remote one given in command line
*/
2008-05-08 13:23:38 +04:00
2011-05-13 22:21:30 +04:00
if ( strcasecmp_m ( c - > opt_workgroup , lp_workgroup ( ) ) ) {
2008-05-10 01:22:12 +04:00
domain_name = c - > opt_workgroup ;
c - > opt_target_workgroup = c - > opt_workgroup ;
2002-08-17 18:45:04 +04:00
} else {
2011-06-09 09:31:03 +04:00
fstrcpy ( pdc_name , lp_netbios_name ( ) ) ;
2002-08-17 18:45:04 +04:00
domain_name = talloc_strdup ( mem_ctx , lp_workgroup ( ) ) ;
2008-05-10 01:22:12 +04:00
c - > opt_target_workgroup = domain_name ;
2002-08-17 18:45:04 +04:00
} ;
/* open \PIPE\lsarpc and open policy handle */
2008-05-10 01:22:12 +04:00
nt_status = net_make_ipc_connection ( c , NET_FLAGS_PDC , & cli ) ;
2007-09-17 19:11:20 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't connect to domain controller: %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2013-05-24 15:29:28 +04:00
nt_status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_lsarpc ,
2008-07-20 13:04:31 +04:00
& pipe_hnd ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise lsa pipe. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-03-31 16:09:45 +04:00
b = pipe_hnd - > binding_handle ;
2023-08-31 17:22:02 +03:00
nt_status = dcerpc_lsa_open_policy_fallback ( b ,
mem_ctx ,
pipe_hnd - > srv_name_slash ,
true ,
KEY_QUERY_VALUE ,
& out_version ,
& out_revision_info ,
& connect_hnd ,
& result ) ;
if ( any_nt_status_not_ok ( nt_status , result , & nt_status ) ) {
DBG_ERR ( " Couldn't open policy handle: %s \n " ,
nt_errstr ( nt_status ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2023-08-31 17:22:02 +03:00
talloc_free ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
2023-08-31 17:22:02 +03:00
}
2011-08-21 20:37:10 +04:00
2002-08-17 18:45:04 +04:00
/* query info level 5 to obtain sid of a domain being queried */
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_QueryInfoPolicy ( b , mem_ctx ,
2008-02-08 04:12:30 +03:00
& connect_hnd ,
LSA_POLICY_INFO_ACCOUNT_DOMAIN ,
2011-01-18 19:25:02 +03:00
& info ,
& result ) ;
2003-04-14 08:00:15 +04:00
2002-08-17 18:45:04 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
}
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
DEBUG ( 0 , ( " LSA Query Info failed. Returned error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
2008-02-08 04:12:30 +03:00
queried_dom_sid = info - > account_domain . sid ;
2002-08-17 18:45:04 +04:00
/*
* Keep calling LsaEnumTrustdom over opened pipe until
* the end of enumeration is reached
*/
2009-11-23 00:38:45 +03:00
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Trusted domains list: \n \n " ) ) ;
2002-08-17 18:45:04 +04:00
2009-11-23 00:38:45 +03:00
found_domain = false ;
2002-08-17 18:45:04 +04:00
do {
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_EnumTrustDom ( b , mem_ctx ,
2008-02-13 02:25:40 +03:00
& connect_hnd ,
& enum_ctx ,
& dom_list ,
2011-01-18 19:25:02 +03:00
( uint32_t ) - 1 ,
& result ) ;
2002-08-17 18:45:04 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't enumerate trusted domains. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-01-18 19:25:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
DEBUG ( 0 , ( " Couldn't enumerate trusted domains. Error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
} ;
2008-02-13 02:25:40 +03:00
for ( i = 0 ; i < dom_list . count ; i + + ) {
print_trusted_domain ( dom_list . domains [ i ] . sid ,
dom_list . domains [ i ] . name . string ) ;
2009-11-23 00:38:45 +03:00
found_domain = true ;
2002-08-17 18:45:04 +04:00
} ;
2008-02-13 02:25:40 +03:00
2002-08-17 18:45:04 +04:00
} while ( NT_STATUS_EQUAL ( nt_status , STATUS_MORE_ENTRIES ) ) ;
2009-11-23 00:38:45 +03:00
/*
* in case of no trusted domains say something rather
* than just display blank line
*/
if ( ! found_domain ) {
d_printf ( _ ( " none \n " ) ) ;
}
2002-08-17 18:45:04 +04:00
/* close this connection before doing next one */
2011-01-18 19:25:02 +03:00
nt_status = dcerpc_lsa_Close ( b , mem_ctx , & connect_hnd , & result ) ;
2002-08-17 18:45:04 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't properly close lsa policy handle. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-08-21 20:37:10 +04:00
2008-04-20 15:51:46 +04:00
TALLOC_FREE ( pipe_hnd ) ;
2002-08-17 18:45:04 +04:00
/*
* Listing trusting domains ( stored in passdb backend , if local )
*/
2011-08-21 20:37:10 +04:00
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " \n Trusting domains list: \n \n " ) ) ;
2002-08-17 18:45:04 +04:00
/*
* Open \ PIPE \ samr and get needed policy handles
*/
2013-05-24 15:29:28 +04:00
nt_status = cli_rpc_pipe_open_noauth ( cli , & ndr_table_samr ,
2008-07-20 13:04:31 +04:00
& pipe_hnd ) ;
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
2005-09-30 21:13:37 +04:00
DEBUG ( 0 , ( " Could not initialise samr pipe. Error was %s \n " , nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2008-02-04 21:43:07 +03:00
2011-01-18 14:10:02 +03:00
b = pipe_hnd - > binding_handle ;
2008-02-04 21:43:07 +03:00
/* SamrConnect2 */
2011-01-18 14:10:02 +03:00
nt_status = dcerpc_samr_Connect2 ( b , mem_ctx ,
2008-04-19 23:56:43 +04:00
pipe_hnd - > desthost ,
2009-04-16 02:40:00 +04:00
SAMR_ACCESS_LOOKUP_DOMAIN ,
2011-01-18 14:10:02 +03:00
& connect_hnd ,
& result ) ;
2002-08-17 18:45:04 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't open SAMR policy handle. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-01-18 14:10:02 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
nt_status = result ;
DEBUG ( 0 , ( " Couldn't open SAMR policy handle. Error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
} ;
2008-02-01 13:12:05 +03:00
2002-08-17 18:45:04 +04:00
/* SamrOpenDomain - we have to open domain policy handle in order to be
able to enumerate accounts */
2011-01-18 14:10:02 +03:00
nt_status = dcerpc_samr_OpenDomain ( b , mem_ctx ,
2008-02-01 13:12:05 +03:00
& connect_hnd ,
2008-10-23 21:39:14 +04:00
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS ,
2008-02-01 13:12:05 +03:00
queried_dom_sid ,
2011-01-18 14:10:02 +03:00
& domain_hnd ,
& result ) ;
2002-08-17 18:45:04 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't open domain object. Error was %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-01-18 14:10:02 +03:00
if ( ! NT_STATUS_IS_OK ( result ) ) {
nt_status = result ;
DEBUG ( 0 , ( " Couldn't open domain object. Error was %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
} ;
2008-05-08 13:23:38 +04:00
2002-08-17 18:45:04 +04:00
/*
* perform actual enumeration
*/
2008-05-08 13:23:38 +04:00
2009-11-23 00:38:45 +03:00
found_domain = false ;
2002-08-17 18:45:04 +04:00
enum_ctx = 0 ; /* reset enumeration context from last enumeration */
do {
2008-02-12 13:36:33 +03:00
2011-01-18 14:10:02 +03:00
nt_status = dcerpc_samr_EnumDomainUsers ( b , mem_ctx ,
2008-02-12 13:36:33 +03:00
& domain_hnd ,
& enum_ctx ,
ACB_DOMTRUST ,
& trusts ,
0xffff ,
2011-01-18 14:10:02 +03:00
& num_domains ,
& result ) ;
2002-08-17 18:45:04 +04:00
if ( NT_STATUS_IS_ERR ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't enumerate accounts. Error was: %s \n " ,
nt_errstr ( nt_status ) ) ) ;
2007-03-08 01:29:21 +03:00
cli_shutdown ( cli ) ;
2007-03-01 05:43:33 +03:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return - 1 ;
} ;
2011-01-18 14:10:02 +03:00
if ( NT_STATUS_IS_ERR ( result ) ) {
nt_status = result ;
DEBUG ( 0 , ( " Couldn't enumerate accounts. Error was: %s \n " ,
nt_errstr ( result ) ) ) ;
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
} ;
2008-02-12 13:36:33 +03:00
2002-08-17 18:45:04 +04:00
for ( i = 0 ; i < num_domains ; i + + ) {
2011-05-06 01:56:30 +04:00
char * str = discard_const_p ( char , trusts - > entries [ i ] . name . string ) ;
2008-02-12 13:36:33 +03:00
2009-11-23 00:38:45 +03:00
found_domain = true ;
2002-08-17 18:45:04 +04:00
/*
* get each single domain ' s sid ( do we _really_ need this ? ) :
* 1 ) connect to domain ' s pdc
* 2 ) query the pdc for domain ' s sid
*/
/* get rid of '$' tail */
2008-02-12 13:36:33 +03:00
ascii_dom_name_len = strlen ( str ) ;
2002-08-17 18:45:04 +04:00
if ( ascii_dom_name_len & & ascii_dom_name_len < FSTRING_LEN )
2008-02-12 13:36:33 +03:00
str [ ascii_dom_name_len - 1 ] = ' \0 ' ;
2002-08-17 18:45:04 +04:00
/* set opt_* variables to remote domain */
2012-08-09 02:35:28 +04:00
if ( ! strupper_m ( str ) ) {
cli_shutdown ( cli ) ;
talloc_destroy ( mem_ctx ) ;
return - 1 ;
}
2008-05-10 01:22:12 +04:00
c - > opt_workgroup = talloc_strdup ( mem_ctx , str ) ;
c - > opt_target_workgroup = c - > opt_workgroup ;
2008-02-12 13:36:33 +03:00
2009-10-13 17:56:00 +04:00
d_printf ( " %-20s " , str ) ;
2008-02-12 13:36:33 +03:00
2002-08-17 18:45:04 +04:00
/* connect to remote domain controller */
2008-05-10 01:22:12 +04:00
nt_status = net_make_ipc_connection ( c ,
2007-09-17 19:11:20 +04:00
NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS ,
& remote_cli ) ;
if ( NT_STATUS_IS_OK ( nt_status ) ) {
2002-08-17 18:45:04 +04:00
/* query for domain's sid */
2008-07-20 20:36:31 +04:00
if ( run_rpc_command (
c , remote_cli ,
2012-01-10 14:53:42 +04:00
& ndr_table_lsarpc , 0 ,
2008-07-20 20:36:31 +04:00
rpc_query_domain_sid , argc ,
argv ) )
2009-10-28 16:33:40 +03:00
d_printf ( _ ( " strange - couldn't get domain's sid \n " ) ) ;
2002-08-17 18:45:04 +04:00
cli_shutdown ( remote_cli ) ;
2008-05-08 13:23:38 +04:00
2002-08-17 18:45:04 +04:00
} else {
2009-08-04 10:28:50 +04:00
d_fprintf ( stderr , _ ( " domain controller is not "
" responding: %s \n " ) ,
2007-09-17 19:11:20 +04:00
nt_errstr ( nt_status ) ) ;
2009-10-28 16:33:40 +03:00
d_printf ( _ ( " couldn't get domain's sid \n " ) ) ;
2009-11-23 00:38:45 +03:00
}
}
2008-05-08 13:23:38 +04:00
2011-01-18 14:10:02 +03:00
} while ( NT_STATUS_EQUAL ( result , STATUS_MORE_ENTRIES ) ) ;
2002-08-17 18:45:04 +04:00
2009-11-23 00:38:45 +03:00
if ( ! found_domain ) {
d_printf ( " none \n " ) ;
}
2002-08-17 18:45:04 +04:00
/* close opened samr and domain policy handles */
2011-01-18 14:10:02 +03:00
nt_status = dcerpc_samr_Close ( b , mem_ctx , & domain_hnd , & result ) ;
2002-08-17 18:45:04 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't properly close domain policy handle for domain %s \n " , domain_name ) ) ;
} ;
2008-05-08 13:23:38 +04:00
2011-01-18 14:10:02 +03:00
nt_status = dcerpc_samr_Close ( b , mem_ctx , & connect_hnd , & result ) ;
2002-08-17 18:45:04 +04:00
if ( ! NT_STATUS_IS_OK ( nt_status ) ) {
DEBUG ( 0 , ( " Couldn't properly close samr policy handle for domain %s \n " , domain_name ) ) ;
} ;
2008-05-08 13:23:38 +04:00
2002-08-17 18:45:04 +04:00
/* close samr pipe and connection to IPC$ */
cli_shutdown ( cli ) ;
2008-05-08 13:23:38 +04:00
talloc_destroy ( mem_ctx ) ;
2002-08-17 18:45:04 +04:00
return 0 ;
}
2002-03-01 05:56:35 +03:00
/**
2008-06-12 12:55:55 +04:00
* Entrypoint for ' net rpc trustdom ' code .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ param argc Standard argc .
* @ param argv Standard argv without initial components .
2002-03-01 05:56:35 +03:00
*
2008-06-12 12:55:55 +04:00
* @ return Integer status ( 0 means success ) .
2002-03-01 05:56:35 +03:00
*/
2008-05-10 01:22:12 +04:00
static int rpc_trustdom ( struct net_context * c , int argc , const char * * argv )
2002-03-01 05:56:35 +03:00
{
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" add " ,
rpc_trustdom_add ,
NET_TRANSPORT_RPC ,
2009-10-13 00:37:34 +04:00
N_ ( " Add trusting domain's account " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc trustdom add \n "
2009-10-13 00:37:34 +04:00
" Add trusting domain's account " )
2008-05-21 12:27:59 +04:00
} ,
{
" del " ,
rpc_trustdom_del ,
NET_TRANSPORT_RPC ,
2009-10-13 00:37:34 +04:00
N_ ( " Remove trusting domain's account " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc trustdom del \n "
2009-10-13 00:37:34 +04:00
" Remove trusting domain's account " )
2008-05-21 12:27:59 +04:00
} ,
{
" establish " ,
rpc_trustdom_establish ,
NET_TRANSPORT_RPC ,
2009-10-13 00:37:34 +04:00
N_ ( " Establish outgoing trust relationship " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc trustdom establish \n "
2009-10-13 00:37:34 +04:00
" Establish outgoing trust relationship " )
2008-05-21 12:27:59 +04:00
} ,
{
" revoke " ,
rpc_trustdom_revoke ,
NET_TRANSPORT_RPC ,
2009-10-13 00:37:34 +04:00
N_ ( " Revoke outgoing trust relationship " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc trustdom revoke \n "
2009-10-13 00:37:34 +04:00
" Revoke outgoing trust relationship " )
2008-05-21 12:27:59 +04:00
} ,
{
" list " ,
rpc_trustdom_list ,
NET_TRANSPORT_RPC ,
2009-10-13 00:37:34 +04:00
N_ ( " List in- and outgoing domain trusts " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc trustdom list \n "
2009-10-13 00:37:34 +04:00
" List in- and outgoing domain trusts " )
2008-05-21 12:27:59 +04:00
} ,
{
" vampire " ,
rpc_trustdom_vampire ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Vampire trusts from remote server " ) ,
N_ ( " net rpc trustdom vampire \n "
" Vampire trusts from remote server " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2002-03-01 05:56:35 +03:00
} ;
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc trustdom " , func ) ;
2002-03-01 05:56:35 +03:00
}
2002-04-05 05:36:28 +04:00
/**
* Check if a server will take rpc commands
* @ param flags Type of server to connect to ( PDC , DMB , localhost )
* if the host is not explicitly specified
2007-10-19 04:40:25 +04:00
* @ return bool ( true means rpc supported )
2002-04-05 05:36:28 +04:00
*/
2008-05-10 01:22:12 +04:00
bool net_rpc_check ( struct net_context * c , unsigned flags )
2002-04-05 05:36:28 +04:00
{
2006-07-11 22:01:26 +04:00
struct cli_state * cli ;
2008-05-12 13:53:23 +04:00
bool ret = false ;
2007-10-25 01:16:54 +04:00
struct sockaddr_storage server_ss ;
2002-04-05 05:36:28 +04:00
char * server_name = NULL ;
2007-06-20 21:38:42 +04:00
NTSTATUS status ;
2002-04-05 05:36:28 +04:00
/* flags (i.e. server type) may depend on command */
2008-05-10 01:22:12 +04:00
if ( ! net_find_server ( c , NULL , flags , & server_ss , & server_name ) )
2008-05-12 13:53:23 +04:00
return false ;
2002-04-05 05:36:28 +04:00
2023-10-31 17:13:04 +03:00
status = cli_connect_nb ( c ,
server_name ,
& server_ss ,
0 ,
0x20 ,
lp_netbios_name ( ) ,
SMB_SIGNING_IPC_DEFAULT ,
0 ,
& cli ) ;
2011-05-28 23:01:59 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
2018-12-17 23:17:24 +03:00
if ( NT_STATUS_EQUAL ( status , NT_STATUS_NOT_SUPPORTED ) ) {
DBG_ERR ( " NetBIOS support disabled, unable to connect \n " ) ;
}
2008-05-12 13:53:23 +04:00
return false ;
2006-07-11 22:01:26 +04:00
}
2023-09-19 21:10:12 +03:00
status = smbXcli_negprot ( cli - > conn ,
cli - > timeout ,
2019-11-22 20:01:45 +03:00
lp_client_min_protocol ( ) ,
2023-09-19 21:10:12 +03:00
lp_client_max_protocol ( ) ,
NULL ,
NULL ,
NULL ) ;
2008-09-11 20:57:49 +04:00
if ( ! NT_STATUS_IS_OK ( status ) )
2002-04-05 05:36:28 +04:00
goto done ;
2012-05-19 20:09:30 +04:00
if ( smbXcli_conn_protocol ( cli - > conn ) < PROTOCOL_NT1 )
2002-04-05 05:36:28 +04:00
goto done ;
2008-05-12 13:53:23 +04:00
ret = true ;
2002-04-05 05:36:28 +04:00
done :
2006-07-11 22:01:26 +04:00
cli_shutdown ( cli ) ;
2002-04-05 05:36:28 +04:00
return ret ;
}
2023-07-18 12:36:49 +03:00
/* synchronise sam database via samsync rpc calls */
2008-06-13 23:46:59 +04:00
static int rpc_vampire ( struct net_context * c , int argc , const char * * argv )
{
struct functable func [ ] = {
2008-06-18 14:52:00 +04:00
{
" keytab " ,
rpc_vampire_keytab ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Dump remote SAM database to Kerberos Keytab " ) ,
N_ ( " net rpc vampire keytab \n "
" Dump remote SAM database to Kerberos keytab "
" file " )
2008-06-18 14:52:00 +04:00
} ,
2008-11-18 15:25:50 +03:00
{
" passdb " ,
rpc_vampire_passdb ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Dump remote SAM database to passdb " ) ,
N_ ( " net rpc vampire passdb \n "
" Dump remote SAM database to passdb " )
2008-11-18 15:25:50 +03:00
} ,
2008-06-18 14:52:00 +04:00
2008-06-13 23:46:59 +04:00
{ NULL , NULL , 0 , NULL , NULL }
} ;
if ( argc = = 0 ) {
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc vampire \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Vampire remote SAM database " ) ) ;
2008-06-13 23:46:59 +04:00
return 0 ;
}
2011-01-04 10:50:20 +03:00
return rpc_vampire_passdb ( c , argc , argv ) ;
2008-05-21 12:27:59 +04:00
}
2008-06-13 23:46:59 +04:00
return net_run_function ( c , argc , argv , " net rpc vampire " , func ) ;
2004-02-08 13:59:09 +03:00
}
2004-08-10 18:27:17 +04:00
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate everything from a print server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
*
* The order is important !
2008-06-12 12:55:55 +04:00
* To successfully add drivers the print queues have to exist !
* Applying ACLs should be the last step , because you ' re easily locked out .
2004-08-10 18:27:17 +04:00
*
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_all ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
int ret ;
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate all \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate everything from a print server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2008-05-10 01:22:12 +04:00
rpc_printer_migrate_printers_internals , argc ,
argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2008-05-10 01:22:12 +04:00
rpc_printer_migrate_drivers_internals , argc ,
argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2008-05-10 01:22:12 +04:00
rpc_printer_migrate_forms_internals , argc , argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2012-01-10 14:53:42 +04:00
ret = run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2008-05-10 01:22:12 +04:00
rpc_printer_migrate_settings_internals , argc ,
argv ) ;
2004-08-10 18:27:17 +04:00
if ( ret )
return ret ;
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2008-05-10 01:22:12 +04:00
rpc_printer_migrate_security_internals , argc ,
argv ) ;
2004-08-10 18:27:17 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate print drivers from a print server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_drivers ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate drivers \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate print-drivers from a print-server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_migrate_drivers_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate print - forms from a print - server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_forms ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate forms \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate print-forms from a print-server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_migrate_forms_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate printers from a print - server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_printers ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate printers \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate printers from a print-server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_migrate_printers_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2004-08-10 18:27:17 +04:00
* Migrate printer - ACLs from a print - server
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_security ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate security \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate printer-ACLs from a print-server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_migrate_security_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Migrate printer - settings from a print - server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_migrate_settings ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer migrate settings \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Migrate printer-settings from a "
" print-server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2008-05-10 01:22:12 +04:00
if ( ! c - > opt_host ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " no server to migrate \n " ) ) ;
2004-08-21 00:13:05 +04:00
return - 1 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_migrate_settings_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2004-08-10 18:27:17 +04:00
* ' net rpc printer ' entrypoint .
2008-05-10 01:22:12 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
int rpc_printer_migrate ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
/* ouch: when addriver and setdriver are called from within
rpc_printer_migrate_drivers_internals , the printer - queue already
* has * to exist */
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" all " ,
rpc_printer_migrate_all ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate all from remote to local print server " ) ,
N_ ( " net rpc printer migrate all \n "
" Migrate all from remote to local print server " )
2008-05-21 12:27:59 +04:00
} ,
{
" drivers " ,
rpc_printer_migrate_drivers ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate drivers to local server " ) ,
N_ ( " net rpc printer migrate drivers \n "
" Migrate drivers to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" forms " ,
rpc_printer_migrate_forms ,
NET_TRANSPORT_RPC ,
2023-07-18 12:36:49 +03:00
N_ ( " Migrate forms to local server " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc printer migrate forms \n "
2023-07-18 12:36:49 +03:00
" Migrate forms to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" printers " ,
rpc_printer_migrate_printers ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate printers to local server " ) ,
N_ ( " net rpc printer migrate printers \n "
" Migrate printers to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" security " ,
rpc_printer_migrate_security ,
NET_TRANSPORT_RPC ,
2019-08-29 22:33:56 +03:00
N_ ( " Migrate printer ACLs to local server " ) ,
2009-08-04 10:28:50 +04:00
N_ ( " net rpc printer migrate security \n "
2019-08-29 22:33:56 +03:00
" Migrate printer ACLs to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" settings " ,
rpc_printer_migrate_settings ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate printer settings to local server " ) ,
N_ ( " net rpc printer migrate settings \n "
" Migrate printer settings to local server " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2004-08-10 18:27:17 +04:00
} ;
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc printer migrate " , func ) ;
2004-08-10 18:27:17 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List printers on a remote RPC server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_list ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer list \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List printers on a remote RPC server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-08-10 18:27:17 +04:00
rpc_printer_list_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List printer - drivers on a remote RPC server .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_driver_list ( struct net_context * c , int argc ,
const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer driver \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List printer-drivers on a remote RPC server " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-08-10 18:27:17 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2009-11-08 21:37:26 +03:00
rpc_printer_driver_list_internals ,
2004-08-10 18:27:17 +04:00
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Publish printer in ADS via MSRPC .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-10-13 05:40:35 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_publish_publish ( struct net_context * c , int argc ,
const char * * argv )
2004-10-13 05:40:35 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer publish publish \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Publish printer in ADS via MSRPC " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-10-13 05:40:35 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2009-11-08 21:37:26 +03:00
rpc_printer_publish_publish_internals ,
2004-10-13 05:40:35 +04:00
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Update printer in ADS via MSRPC .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-10-13 05:40:35 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_publish_update ( struct net_context * c , int argc , const char * * argv )
2004-10-13 05:40:35 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer publish update \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " Update printer in ADS via MSRPC " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-10-13 05:40:35 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-10-13 05:40:35 +04:00
rpc_printer_publish_update_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* UnPublish printer in ADS via MSRPC .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-10-13 05:40:35 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_publish_unpublish ( struct net_context * c , int argc ,
const char * * argv )
2004-10-13 05:40:35 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer publish unpublish \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: \n " ) ,
_ ( " UnPublish printer in ADS via MSRPC " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-10-13 05:40:35 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-10-13 05:40:35 +04:00
rpc_printer_publish_unpublish_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* List published printers via MSRPC .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-10-13 05:40:35 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_publish_list ( struct net_context * c , int argc ,
const char * * argv )
2004-10-13 05:40:35 +04:00
{
2008-05-21 12:27:59 +04:00
if ( c - > display_usage ) {
2010-01-19 13:43:54 +03:00
d_printf ( " %s \n "
2009-08-04 10:28:50 +04:00
" net rpc printer publish list \n "
2010-01-19 13:43:54 +03:00
" %s \n " ,
_ ( " Usage: " ) ,
_ ( " List published printers via MSRPC " ) ) ;
2008-05-21 12:27:59 +04:00
return 0 ;
}
2004-10-13 05:40:35 +04:00
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2004-10-13 05:40:35 +04:00
rpc_printer_publish_list_internals ,
argc , argv ) ;
}
2008-05-08 13:23:38 +04:00
/**
2008-06-12 12:55:55 +04:00
* Publish printer in ADS .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-10-13 05:40:35 +04:00
*
2008-06-12 12:55:55 +04:00
* @ return A shell status integer ( 0 for success ) .
2004-10-13 05:40:35 +04:00
* */
2008-05-10 01:22:12 +04:00
static int rpc_printer_publish ( struct net_context * c , int argc ,
const char * * argv )
2004-10-13 05:40:35 +04:00
{
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" publish " ,
rpc_printer_publish_publish ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Publish printer in AD " ) ,
N_ ( " net rpc printer publish publish \n "
" Publish printer in AD " )
2008-05-21 12:27:59 +04:00
} ,
{
" update " ,
rpc_printer_publish_update ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Update printer in AD " ) ,
N_ ( " net rpc printer publish update \n "
" Update printer in AD " )
2008-05-21 12:27:59 +04:00
} ,
{
" unpublish " ,
rpc_printer_publish_unpublish ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Unpublish printer " ) ,
N_ ( " net rpc printer publish unpublish \n "
" Unpublish printer " )
2008-05-21 12:27:59 +04:00
} ,
{
" list " ,
rpc_printer_publish_list ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List published printers " ) ,
N_ ( " net rpc printer publish list \n "
" List published printers " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2004-10-13 05:40:35 +04:00
} ;
2008-05-21 12:27:59 +04:00
if ( argc = = 0 ) {
if ( c - > display_usage ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Usage: \n " ) ) ;
d_printf ( _ ( " net rpc printer publish \n "
" List published printers \n "
" Alias of net rpc printer publish "
" list \n " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2009-11-08 21:37:26 +03:00
rpc_printer_publish_list_internals ,
argc , argv ) ;
2008-05-21 12:27:59 +04:00
}
2004-10-13 05:40:35 +04:00
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc printer publish " , func ) ;
2004-10-13 05:40:35 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2004-08-10 18:27:17 +04:00
* Display rpc printer help page .
2008-05-10 01:22:12 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
int rpc_printer_usage ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " net rpc printer LIST [printer] [misc. options] [targets] \n "
" \t lists all printers on print-server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer DRIVER [printer] [misc. options] [targets] \n "
" \t lists all printer-drivers on print-server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer PUBLISH action [printer] [misc. options] [targets] \n "
" \t publishes printer settings in Active Directory \n "
" \t action can be one of PUBLISH, UPDATE, UNPUBLISH or LIST \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE PRINTERS [printer] [misc. options] [targets] "
" \n \t migrates printers from remote to local server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE SETTINGS [printer] [misc. options] [targets] "
" \n \t migrates printer-settings from remote to local server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE DRIVERS [printer] [misc. options] [targets] "
" \n \t migrates printer-drivers from remote to local server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE FORMS [printer] [misc. options] [targets] "
" \n \t migrates printer-forms from remote to local server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE SECURITY [printer] [misc. options] [targets] "
" \n \t migrates printer-ACLs from remote to local server \n \n " ) ) ;
d_printf ( _ ( " net rpc printer MIGRATE ALL [printer] [misc. options] [targets] "
" \n \t migrates drivers, forms, queues, settings and acls from \n "
" \t remote to local print-server \n \n " ) ) ;
2008-05-14 16:29:52 +04:00
net_common_methods_usage ( c , argc , argv ) ;
net_common_flags_usage ( c , argc , argv ) ;
2009-08-04 10:28:50 +04:00
d_printf ( _ (
2008-05-14 16:29:52 +04:00
" \t -v or --verbose \t \t \t give verbose output \n "
2009-08-04 10:28:50 +04:00
" \t --destination \t \t migration target server (default: localhost) \n " ) ) ;
2008-05-14 16:29:52 +04:00
return - 1 ;
2004-08-10 18:27:17 +04:00
}
2008-05-08 13:23:38 +04:00
/**
2004-08-10 18:27:17 +04:00
* ' net rpc printer ' entrypoint .
2008-05-10 01:22:12 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2004-08-10 18:27:17 +04:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc_printer ( struct net_context * c , int argc , const char * * argv )
2004-08-10 18:27:17 +04:00
{
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" list " ,
rpc_printer_list ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List all printers on print server " ) ,
N_ ( " net rpc printer list \n "
" List all printers on print server " )
2008-05-21 12:27:59 +04:00
} ,
{
" migrate " ,
rpc_printer_migrate ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Migrate printer to local server " ) ,
N_ ( " net rpc printer migrate \n "
" Migrate printer to local server " )
2008-05-21 12:27:59 +04:00
} ,
{
" driver " ,
rpc_printer_driver_list ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List printer drivers " ) ,
N_ ( " net rpc printer driver \n "
" List printer drivers " )
2008-05-21 12:27:59 +04:00
} ,
{
" publish " ,
rpc_printer_publish ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Publish printer in AD " ) ,
N_ ( " net rpc printer publish \n "
" Publish printer in AD " )
2008-05-21 12:27:59 +04:00
} ,
{ NULL , NULL , 0 , NULL , NULL }
2004-08-10 18:27:17 +04:00
} ;
2008-05-21 12:27:59 +04:00
if ( argc = = 0 ) {
if ( c - > display_usage ) {
2009-08-04 10:28:50 +04:00
d_printf ( _ ( " Usage: \n " ) ) ;
d_printf ( _ ( " net rpc printer \n "
" List printers \n " ) ) ;
2008-05-21 12:27:59 +04:00
net_display_usage_from_functable ( func ) ;
return 0 ;
}
2012-01-10 14:53:42 +04:00
return run_rpc_command ( c , NULL , & ndr_table_spoolss , 0 ,
2009-11-08 21:37:26 +03:00
rpc_printer_list_internals ,
argc , argv ) ;
2002-03-15 23:03:07 +03:00
}
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc printer " , func ) ;
2002-03-15 23:03:07 +03:00
}
2008-05-08 13:23:38 +04:00
/**
2001-12-31 16:00:59 +03:00
* ' net rpc ' entrypoint .
2008-05-10 01:22:12 +04:00
*
2008-06-12 12:55:55 +04:00
* @ param c A net_context structure .
* @ param argc Standard main ( ) style argc .
* @ param argv Standard main ( ) style argv . Initial components are already
* stripped .
2001-12-30 13:54:58 +03:00
* */
2008-05-10 01:22:12 +04:00
int net_rpc ( struct net_context * c , int argc , const char * * argv )
2001-12-03 07:39:23 +03:00
{
2009-04-27 16:39:02 +04:00
NET_API_STATUS status ;
2008-06-07 04:25:08 +04:00
struct functable func [ ] = {
2008-05-21 12:27:59 +04:00
{
" audit " ,
net_rpc_audit ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Modify global audit settings " ) ,
N_ ( " net rpc audit \n "
" Modify global audit settings " )
2008-05-21 12:27:59 +04:00
} ,
{
" info " ,
net_rpc_info ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Show basic info about a domain " ) ,
N_ ( " net rpc info \n "
" Show basic info about a domain " )
2008-05-21 12:27:59 +04:00
} ,
{
" join " ,
net_rpc_join ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Join a domain " ) ,
N_ ( " net rpc join \n "
" Join a domain " )
2008-05-21 12:27:59 +04:00
} ,
{
" oldjoin " ,
net_rpc_oldjoin ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Join a domain created in server manager " ) ,
N_ ( " net rpc oldjoin \n "
" Join a domain created in server manager " )
2008-05-21 12:27:59 +04:00
} ,
{
" testjoin " ,
net_rpc_testjoin ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Test that a join is valid " ) ,
N_ ( " net rpc testjoin \n "
" Test that a join is valid " )
2008-05-21 12:27:59 +04:00
} ,
{
" user " ,
net_rpc_user ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List/modify users " ) ,
N_ ( " net rpc user \n "
" List/modify users " )
2008-05-21 12:27:59 +04:00
} ,
{
" password " ,
rpc_user_password ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Change a user password " ) ,
N_ ( " net rpc password \n "
" Change a user password \n "
" Alias for net rpc user password " )
2008-05-21 12:27:59 +04:00
} ,
{
" group " ,
net_rpc_group ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List/modify groups " ) ,
N_ ( " net rpc group \n "
" List/modify groups " )
2008-05-21 12:27:59 +04:00
} ,
{
" share " ,
net_rpc_share ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List/modify shares " ) ,
N_ ( " net rpc share \n "
" List/modify shares " )
2008-05-21 12:27:59 +04:00
} ,
{
" file " ,
net_rpc_file ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List open files " ) ,
N_ ( " net rpc file \n "
" List open files " )
2008-05-21 12:27:59 +04:00
} ,
{
" printer " ,
net_rpc_printer ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " List/modify printers " ) ,
N_ ( " net rpc printer \n "
" List/modify printers " )
2008-05-21 12:27:59 +04:00
} ,
{
" changetrustpw " ,
net_rpc_changetrustpw ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Change trust account password " ) ,
N_ ( " net rpc changetrustpw \n "
" Change trust account password " )
2008-05-21 12:27:59 +04:00
} ,
{
" trustdom " ,
rpc_trustdom ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Modify domain trusts " ) ,
N_ ( " net rpc trustdom \n "
" Modify domain trusts " )
2008-05-21 12:27:59 +04:00
} ,
{
" abortshutdown " ,
rpc_shutdown_abort ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Abort a remote shutdown " ) ,
N_ ( " net rpc abortshutdown \n "
" Abort a remote shutdown " )
2008-05-21 12:27:59 +04:00
} ,
{
" shutdown " ,
rpc_shutdown ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Shutdown a remote server " ) ,
N_ ( " net rpc shutdown \n "
" Shutdown a remote server " )
2008-05-21 12:27:59 +04:00
} ,
{
" vampire " ,
rpc_vampire ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Sync a remote NT PDC's data into local passdb " ) ,
N_ ( " net rpc vampire \n "
" Sync a remote NT PDC's data into local passdb " )
2008-05-21 12:27:59 +04:00
} ,
{
" getsid " ,
net_rpc_getsid ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Fetch the domain sid into local secrets.tdb " ) ,
N_ ( " net rpc getsid \n "
" Fetch the domain sid into local secrets.tdb " )
2008-05-21 12:27:59 +04:00
} ,
{
" rights " ,
net_rpc_rights ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Manage privileges assigned to SID " ) ,
N_ ( " net rpc rights \n "
" Manage privileges assigned to SID " )
2008-05-21 12:27:59 +04:00
} ,
{
" service " ,
net_rpc_service ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Start/stop/query remote services " ) ,
N_ ( " net rpc service \n "
" Start/stop/query remote services " )
2008-05-21 12:27:59 +04:00
} ,
{
" registry " ,
net_rpc_registry ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Manage registry hives " ) ,
N_ ( " net rpc registry \n "
" Manage registry hives " )
2008-05-21 12:27:59 +04:00
} ,
{
" shell " ,
net_rpc_shell ,
NET_TRANSPORT_RPC ,
2009-08-04 10:28:50 +04:00
N_ ( " Open interactive shell on remote server " ) ,
N_ ( " net rpc shell \n "
" Open interactive shell on remote server " )
2008-05-21 12:27:59 +04:00
} ,
2011-03-24 14:10:13 +03:00
{
" trust " ,
net_rpc_trust ,
NET_TRANSPORT_RPC ,
N_ ( " Manage trusts " ) ,
N_ ( " net rpc trust \n "
" Manage trusts " )
} ,
2011-07-13 22:17:08 +04:00
{
" conf " ,
net_rpc_conf ,
NET_TRANSPORT_RPC ,
N_ ( " Configure a remote samba server " ) ,
N_ ( " net rpc conf \n "
" Configure a remote samba server " )
} ,
2008-05-21 12:27:59 +04:00
{ NULL , NULL , 0 , NULL , NULL }
2001-12-03 07:39:23 +03:00
} ;
2009-04-27 16:39:02 +04:00
2023-09-07 15:53:22 +03:00
status = libnetapi_net_init ( & c - > netapi_ctx , c - > lp_ctx , c - > creds ) ;
2021-03-25 13:44:36 +03:00
if ( status ! = 0 ) {
return - 1 ;
2010-01-24 20:50:48 +03:00
}
2009-04-27 16:39:02 +04:00
2008-06-07 04:25:08 +04:00
return net_run_function ( c , argc , argv , " net rpc " , func ) ;
2001-12-03 07:39:23 +03:00
}
