/*
Unix SMB / CIFS implementation .
dump the remote SAM using rpc samsync operations
Copyright ( C ) Andrew Tridgell 2002
Copyright ( C ) Tim Potter 2001 , 2002
Copyright ( C ) Jim McDonough < jmcd @ us . ibm . com > 2005
Modified by Volker Lendecke 2002
Copyright ( C ) Jeremy Allison 2005.
Copyright ( C ) Guenther Deschner 2008.
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation ; either version 3 of the License , or
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include "includes.h"
# include "utils/net.h"
/**
 * Dump the remote SAM database via samsync RPC calls.
 *
 * Sets up a samsync context in NET_SAMSYNC_MODE_DUMP with
 * display_sam_entries as the delta callback, then runs libnet_samsync()
 * over the domain, builtin and privileges databases, in that order.
 *
 * @param c            A net_context structure (not used in this function)
 * @param domain_sid   SID handed to libnet_samsync_init_context()
 * @param domain_name  Domain name stored in the samsync context
 * @param cli          SMB client state (not used in this function)
 * @param pipe_hnd     RPC pipe stored in the samsync context
 * @param mem_ctx      talloc context the samsync context is created on
 * @param argc         Not used in this function
 * @param argv         Not used in this function
 *
 * @return The failure status of libnet_samsync_init_context(), otherwise
 *         NT_STATUS_OK.
 */
NTSTATUS rpc_samdump_internals(struct net_context *c,
			       const DOM_SID *domain_sid,
			       const char *domain_name,
			       struct cli_state *cli,
			       struct rpc_pipe_client *pipe_hnd,
			       TALLOC_CTX *mem_ctx,
			       int argc,
			       const char **argv)
{
	struct samsync_context *dump_ctx = NULL;
	NTSTATUS init_status = libnet_samsync_init_context(mem_ctx,
							   domain_sid,
							   &dump_ctx);

	if (!NT_STATUS_IS_OK(init_status)) {
		return init_status;
	}

	dump_ctx->domain_name = domain_name;
	dump_ctx->cli = pipe_hnd;
	dump_ctx->mode = NET_SAMSYNC_MODE_DUMP;
	dump_ctx->delta_fn = display_sam_entries;

	/*
	 * NOTE(review): the status of each libnet_samsync() call is discarded,
	 * so a caller sees NT_STATUS_OK even when one of the three databases
	 * could not be dumped. Presumably deliberate best effort - confirm
	 * before relying on the return value as proof of a complete dump.
	 */
	libnet_samsync(SAM_DATABASE_DOMAIN, dump_ctx);
	libnet_samsync(SAM_DATABASE_BUILTIN, dump_ctx);
	libnet_samsync(SAM_DATABASE_PRIVS, dump_ctx);

	TALLOC_FREE(dump_ctx);

	return NT_STATUS_OK;
}
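/**
 * Basic usage function for 'net rpc vampire'.
 *
 * Prints the synopsis of the vampire sub-commands followed by the common
 * net flags.
 *
 * @param c     A net_context structure
 * @param argc  Standard main() style argc
 * @param argv  Standard main() style argv. Initial components are already
 *              stripped
 *
 * @return Always -1.
 */
int rpc_vampire_usage(struct net_context *c, int argc, const char **argv)
{
	/*
	 * The synopsis previously read "[<keytab-filename]"; the closing '>'
	 * was missing, leaving the optional argument unbalanced.
	 *
	 * NOTE(review): the text documents /tmp/tmp.ldif as the default LDIF
	 * output. That is a fixed name in a shared directory for a file that
	 * holds account data, so operators are better served by passing an
	 * explicit path in a directory only they can write to.
	 */
	d_printf(" net rpc vampire ([ldif [<ldif-filename>] | [keytab] [<keytab-filename>]) [options] \n "
		 " \t to pull accounts from a remote PDC where we are a BDC \n "
		 " \t \t no args puts accounts in local passdb from smb.conf \n "
		 " \t \t ldif - put accounts in ldif format (file defaults to "
		 " /tmp/tmp.ldif) \n "
		 " \t \t keytab - put account passwords in krb5 keytab (defaults "
		 " to system keytab) \n ");

	net_common_flags_usage(c, argc, argv);
	return -1;
}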
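/**
 * Fetch the remote SAM database via samsync RPC calls in passdb mode.
 *
 * Refuses to run when the remote domain SID differs from the local SAM SID.
 * Otherwise it sets up a samsync context in NET_SAMSYNC_MODE_FETCH_PASSDB
 * with fetch_sam_entries as the delta callback and syncs the domain
 * database, then the builtin database.
 *
 * @param c            A net_context structure (not used in this function)
 * @param domain_sid   SID of the remote domain
 * @param domain_name  Name of the remote domain
 * @param cli          SMB client state (not used in this function)
 * @param pipe_hnd     RPC pipe stored in the samsync context
 * @param mem_ctx      talloc context used for the context and the SID copies
 * @param argc         Not used in this function
 * @param argv         Not used in this function
 *
 * @return NT_STATUS_UNSUCCESSFUL on a SID mismatch, the failure status of
 *         libnet_samsync_init_context(), or the status of the first
 *         libnet_samsync() call that fails; otherwise the status of the
 *         builtin sync.
 */
NTSTATUS rpc_vampire_internals(struct net_context *c,
			       const DOM_SID *domain_sid,
			       const char *domain_name,
			       struct cli_state *cli,
			       struct rpc_pipe_client *pipe_hnd,
			       TALLOC_CTX *mem_ctx,
			       int argc,
			       const char **argv)
{
	NTSTATUS result;
	struct samsync_context *ctx = NULL;

	/* Importing accounts of a foreign domain into the local SAM is refused. */
	if (!sid_equal(domain_sid, get_global_sam_sid())) {
		d_printf(" Cannot import users from %s at this time, "
			 " as the current domain: \n \t %s: %s \n conflicts "
			 " with the remote domain \n \t %s: %s \n "
			 " Perhaps you need to set: \n \n \t security=user \n \t "
			 " workgroup=%s \n \n in your smb.conf? \n ",
			 domain_name,
			 get_global_sam_name(),
			 sid_string_dbg(get_global_sam_sid()),
			 domain_name,
			 sid_string_dbg(domain_sid),
			 domain_name);
		return NT_STATUS_UNSUCCESSFUL;
	}

	result = libnet_samsync_init_context(mem_ctx,
					     domain_sid,
					     &ctx);
	if (!NT_STATUS_IS_OK(result)) {
		return result;
	}

	ctx->mode = NET_SAMSYNC_MODE_FETCH_PASSDB;
	ctx->cli = pipe_hnd;
	ctx->delta_fn = fetch_sam_entries;
	ctx->domain_name = domain_name;

	/* fetch domain */
	result = libnet_samsync(SAM_DATABASE_DOMAIN, ctx);

	/*
	 * Stop on every failure, not only on failures that carry a message.
	 * Previously a failed domain sync without error_message fell through
	 * to the builtin sync, whose status then replaced the failure, so a
	 * partial import could be reported as success.
	 */
	if (!NT_STATUS_IS_OK(result)) {
		if (ctx->error_message) {
			d_fprintf(stderr, " %s \n ", ctx->error_message);
		}
		goto fail;
	}

	if (ctx->result_message) {
		d_fprintf(stdout, " %s \n ", ctx->result_message);
	}

	/* fetch builtin */
	/*
	 * NOTE(review): the results of sid_dup_talloc() and
	 * sid_string_talloc() are not checked; presumably they can be NULL
	 * on allocation failure - confirm and add a check if so.
	 */
	ctx->domain_sid = sid_dup_talloc(mem_ctx, &global_sid_Builtin);
	ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
	result = libnet_samsync(SAM_DATABASE_BUILTIN, ctx);

	if (!NT_STATUS_IS_OK(result)) {
		if (ctx->error_message) {
			d_fprintf(stderr, " %s \n ", ctx->error_message);
		}
		goto fail;
	}

	if (ctx->result_message) {
		d_fprintf(stdout, " %s \n ", ctx->result_message);
	}

 fail:
	TALLOC_FREE(ctx);
	return result;
}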
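/**
 * Fetch the remote SAM database via samsync RPC calls in LDIF mode.
 *
 * Sets up a samsync context in NET_SAMSYNC_MODE_FETCH_LDIF with
 * fetch_sam_entries_ldif as the delta callback and syncs the domain
 * database, then the builtin database.
 *
 * @param c            A net_context structure (not used in this function)
 * @param domain_sid   SID handed to libnet_samsync_init_context()
 * @param domain_name  Domain name stored in the samsync context
 * @param cli          SMB client state (not used in this function)
 * @param pipe_hnd     RPC pipe stored in the samsync context
 * @param mem_ctx      talloc context used for the context and the SID copies
 * @param argc         Number of entries in argv
 * @param argv         argv[0], when present, is used as the output filename
 *
 * @return The failure status of libnet_samsync_init_context(), or the
 *         status of the first libnet_samsync() call that fails; otherwise
 *         the status of the builtin sync.
 */
NTSTATUS rpc_vampire_ldif_internals(struct net_context *c,
				    const DOM_SID *domain_sid,
				    const char *domain_name,
				    struct cli_state *cli,
				    struct rpc_pipe_client *pipe_hnd,
				    TALLOC_CTX *mem_ctx,
				    int argc,
				    const char **argv)
{
	NTSTATUS status;
	struct samsync_context *ctx = NULL;

	status = libnet_samsync_init_context(mem_ctx,
					     domain_sid,
					     &ctx);
	if (!NT_STATUS_IS_OK(status)) {
		return status;
	}

	/*
	 * NOTE(review): without an argument output_filename keeps whatever
	 * libnet_samsync_init_context() left in it. The 'net rpc vampire'
	 * usage text names /tmp/tmp.ldif as the default; how that file is
	 * created is not visible here. The LDIF holds account data, so an
	 * explicit path in an access-restricted directory is the safer
	 * choice - confirm the default handling in the LDIF backend.
	 */
	if (argc >= 1) {
		ctx->output_filename = argv[0];
	}

	ctx->mode = NET_SAMSYNC_MODE_FETCH_LDIF;
	ctx->cli = pipe_hnd;
	ctx->delta_fn = fetch_sam_entries_ldif;
	ctx->domain_name = domain_name;

	/* fetch domain */
	status = libnet_samsync(SAM_DATABASE_DOMAIN, ctx);

	/*
	 * Stop on every failure, not only on failures that carry a message.
	 * Previously a failed domain sync without error_message fell through
	 * to the builtin sync, whose status then replaced the failure, so an
	 * incomplete LDIF could be reported as success.
	 */
	if (!NT_STATUS_IS_OK(status)) {
		if (ctx->error_message) {
			d_fprintf(stderr, " %s \n ", ctx->error_message);
		}
		goto fail;
	}

	if (ctx->result_message) {
		d_fprintf(stdout, " %s \n ", ctx->result_message);
	}

	/* fetch builtin */
	/*
	 * NOTE(review): the results of sid_dup_talloc() and
	 * sid_string_talloc() are not checked; presumably they can be NULL
	 * on allocation failure - confirm and add a check if so.
	 */
	ctx->domain_sid = sid_dup_talloc(mem_ctx, &global_sid_Builtin);
	ctx->domain_sid_str = sid_string_talloc(mem_ctx, ctx->domain_sid);
	status = libnet_samsync(SAM_DATABASE_BUILTIN, ctx);

	if (!NT_STATUS_IS_OK(status)) {
		if (ctx->error_message) {
			d_fprintf(stderr, " %s \n ", ctx->error_message);
		}
		goto fail;
	}

	if (ctx->result_message) {
		d_fprintf(stdout, " %s \n ", ctx->result_message);
	}

 fail:
	TALLOC_FREE(ctx);
	return status;
}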
/**
 * Entry point for 'net rpc vampire ldif'.
 *
 * Prints a short usage text when c->display_usage is set; otherwise runs
 * rpc_vampire_ldif_internals through run_rpc_command() on the netlogon
 * interface with 0 as the flags argument.
 *
 * @param c     A net_context structure
 * @param argc  Standard main() style argc
 * @param argv  Standard main() style argv, passed on to the internals
 *
 * @return 0 after printing usage, otherwise the value returned by
 *         run_rpc_command().
 */
int rpc_vampire_ldif(struct net_context *c, int argc, const char **argv)
{
	if (!c->display_usage) {
		return run_rpc_command(c, NULL,
				       &ndr_table_netlogon.syntax_id, 0,
				       rpc_vampire_ldif_internals,
				       argc, argv);
	}

	d_printf(" Usage \n "
		 " net rpc vampire ldif \n "
		 " Dump remote SAM database to LDIF file or stdout \n ");

	return 0;
}
/**
 * Fetch the remote SAM domain database via samsync RPC calls in keytab mode.
 *
 * Sets up a samsync context in NET_SAMSYNC_MODE_FETCH_KEYTAB with
 * fetch_sam_entries_keytab as the delta callback, copies the user name and
 * password options from the net context into it, and syncs the domain
 * database only.
 *
 * @param c            A net_context structure; opt_user_name and
 *                     opt_password are read from it
 * @param domain_sid   SID handed to libnet_samsync_init_context()
 * @param domain_name  Domain name stored in the samsync context
 * @param cli          SMB client state (not used in this function)
 * @param pipe_hnd     RPC pipe stored in the samsync context
 * @param mem_ctx      talloc context the samsync context is created on
 * @param argc         Number of entries in argv
 * @param argv         argv[0], when present, is used as the output filename
 *
 * @return The failure status of libnet_samsync_init_context(), otherwise
 *         the status of the domain sync.
 */
NTSTATUS rpc_vampire_keytab_internals(struct net_context *c,
				      const DOM_SID *domain_sid,
				      const char *domain_name,
				      struct cli_state *cli,
				      struct rpc_pipe_client *pipe_hnd,
				      TALLOC_CTX *mem_ctx,
				      int argc,
				      const char **argv)
{
	struct samsync_context *sync_ctx = NULL;
	NTSTATUS status = libnet_samsync_init_context(mem_ctx,
						      domain_sid,
						      &sync_ctx);

	if (!NT_STATUS_IS_OK(status)) {
		return status;
	}

	/*
	 * NOTE(review): per the 'net rpc vampire' usage text the keytab
	 * receives account passwords, so the chosen output path should be
	 * readable only by the service that needs it - confirm how the
	 * keytab backend creates the file.
	 */
	if (argc >= 1) {
		sync_ctx->output_filename = argv[0];
	}

	sync_ctx->username = c->opt_user_name;
	sync_ctx->password = c->opt_password;
	sync_ctx->domain_name = domain_name;
	sync_ctx->cli = pipe_hnd;
	sync_ctx->mode = NET_SAMSYNC_MODE_FETCH_KEYTAB;
	sync_ctx->delta_fn = fetch_sam_entries_keytab;

	/* fetch domain */
	status = libnet_samsync(SAM_DATABASE_DOMAIN, sync_ctx);

	/*
	 * A failure that carries a message is reported on stderr; in every
	 * other case the result message, when set, goes to stdout.
	 */
	if (!NT_STATUS_IS_OK(status) && sync_ctx->error_message) {
		d_fprintf(stderr, " %s \n ", sync_ctx->error_message);
	} else if (sync_ctx->result_message) {
		d_fprintf(stdout, " %s \n ", sync_ctx->result_message);
	}

	TALLOC_FREE(sync_ctx);

	return status;
}
/**
 * Run a dssync replication with the keytab operations table.
 *
 * Sets up a dssync context, applies the repl_nodiff option and the optional
 * positional arguments, selects libnet_dssync_keytab_ops and calls
 * libnet_dssync().
 *
 * @param c            A net_context structure; opt_repl_nodiff is read
 * @param domain_sid   Not used in this function
 * @param domain_name  Domain name stored in the dssync context
 * @param cli          SMB client state (not used in this function)
 * @param pipe_hnd     RPC pipe stored in the dssync context
 * @param mem_ctx      talloc context for the dssync context and the sync
 * @param argc         Number of entries in argv
 * @param argv         argv[0], when present, is the output filename;
 *                     argv[1], when present, is the object DN and switches
 *                     the context to single mode
 *
 * @return The failure status of libnet_dssync_init_context(), otherwise
 *         the status of libnet_dssync().
 */
static NTSTATUS rpc_vampire_keytab_ds_internals(struct net_context *c,
						const DOM_SID *domain_sid,
						const char *domain_name,
						struct cli_state *cli,
						struct rpc_pipe_client *pipe_hnd,
						TALLOC_CTX *mem_ctx,
						int argc,
						const char **argv)
{
	struct dssync_context *ds_ctx = NULL;
	NTSTATUS status = libnet_dssync_init_context(mem_ctx,
						     &ds_ctx);

	if (!NT_STATUS_IS_OK(status)) {
		return status;
	}

	ds_ctx->repl_nodiff = c->opt_repl_nodiff ? true : false;

	/* Positional arguments: [output filename [object DN]] */
	if (argc >= 1) {
		ds_ctx->output_filename = argv[0];
	}
	if (argc >= 2) {
		ds_ctx->object_dn = argv[1];
		ds_ctx->single = true;
	}

	ds_ctx->ops = &libnet_dssync_keytab_ops;
	ds_ctx->domain_name = domain_name;
	ds_ctx->cli = pipe_hnd;

	status = libnet_dssync(mem_ctx, ds_ctx);

	/*
	 * A failure that carries a message is reported on stderr; in every
	 * other case the result message, when set, goes to stdout.
	 */
	if (!NT_STATUS_IS_OK(status) && ds_ctx->error_message) {
		d_fprintf(stderr, " %s \n ", ds_ctx->error_message);
	} else if (ds_ctx->result_message) {
		d_fprintf(stdout, " %s \n ", ds_ctx->result_message);
	}

	TALLOC_FREE(ds_ctx);

	return status;
}
/**
 * Basic function for 'net rpc vampire keytab'.
 *
 * Prints a short usage text when c->display_usage is set. Otherwise it
 * first runs rpc_vampire_keytab_ds_internals on the drsuapi interface with
 * NET_FLAGS_SEAL and, when that does not return 0, runs
 * rpc_vampire_keytab_internals on the netlogon interface with 0 as flags.
 *
 * @param c     A net_context structure
 * @param argc  Standard main() style argc
 * @param argv  Standard main() style argv. Initial components are already
 *              stripped
 *
 * @return 0 after printing usage or when the drsuapi run returns 0,
 *         otherwise the value returned by the netlogon run.
 */
int rpc_vampire_keytab(struct net_context *c, int argc, const char **argv)
{
	int ds_rc = 0;

	if (c->display_usage) {
		d_printf(" Usage \n "
			 " net rpc vampire keytab \n "
			 " Dump remote SAM database to Kerberos keytab file \n ");
		return 0;
	}

	ds_rc = run_rpc_command(c, NULL, &ndr_table_drsuapi.syntax_id,
				NET_FLAGS_SEAL,
				rpc_vampire_keytab_ds_internals,
				argc, argv);

	/*
	 * NOTE(review): the fallback is taken on any non-zero result of the
	 * drsuapi run, not only when drsuapi is unavailable, and it passes 0
	 * where the first attempt passes NET_FLAGS_SEAL. Since the output is
	 * key material, confirm that the netlogon path gives the transfer
	 * the protection it needs and whether the fallback should be limited
	 * to specific failures.
	 */
	if (ds_rc != 0) {
		return run_rpc_command(c, NULL,
				       &ndr_table_netlogon.syntax_id, 0,
				       rpc_vampire_keytab_internals,
				       argc, argv);
	}

	return 0;
}