/*
   Unix SMB/CIFS implementation.

   Winbind status program.

   Copyright (C) Tim Potter      2000-2003
   Copyright (C) Andrew Bartlett 2002-2007
   Copyright (C) Volker Lendecke 2009

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
# include "includes.h"
# include "winbind_client.h"
# include "libwbclient/wbclient.h"
# include "lib/popt/popt.h"
# include "../libcli/auth/libcli_auth.h"
# if (_SAMBA_BUILD_) >= 4
# include "lib/cmdline/popt_common.h"
# endif
# ifdef DBGC_CLASS
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_WINBIND
# endif
/**
 * Return the winbind interface details, fetching them on first use.
 *
 * The pointer filled in by wbcInterfaceDetails() is kept in a function-local
 * static and handed back on every later call, so all callers share the same
 * object.
 *
 * @return the cached details pointer; a message is printed to stderr when
 *         the lookup fails, and the pointer is returned as the lookup left
 *         it (NULL if it was never set).
 */
static struct wbcInterfaceDetails *init_interface_details(void)
{
	static struct wbcInterfaceDetails *details;
	wbcErr status;

	if (details == NULL) {
		status = wbcInterfaceDetails(&details);
		if (!WBC_ERROR_IS_OK(status)) {
			d_fprintf(stderr, "could not obtain winbind interface "
					  "details!\n");
		}
	}

	return details;
}
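/**
 * Return the winbind domain/user separator, caching it after the first
 * successful lookup.
 *
 * The details structure comes from init_interface_details(), which keeps the
 * same pointer in a static and returns it to later callers such as
 * get_winbind_domain(). It must therefore not be released here: freeing it
 * would leave that cached pointer dangling, and the next caller would read
 * freed memory.
 *
 * @return the separator character, or 0 if the details could not be
 *         obtained or the separator was NUL (a message goes to stderr).
 */
static char winbind_separator(void)
{
	struct wbcInterfaceDetails *details;
	static bool got_sep;
	static char sep;

	if (got_sep) {
		return sep;
	}

	details = init_interface_details();
	if (details == NULL) {
		d_fprintf(stderr, "could not obtain winbind separator!\n");
		return 0;
	}

	/* Copy the value out; ownership of details stays with the cache. */
	sep = details->winbind_separator;
	got_sep = true;

	if (sep == '\0') {
		d_fprintf(stderr, "winbind separator was NULL!\n");
		return 0;
	}

	return sep;
}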
/**
 * Return the NetBIOS domain name held in the winbind interface details.
 *
 * @return the netbios_domain field, or NULL after printing a message to
 *         stderr when the details are unavailable. The string belongs to
 *         the details object returned by init_interface_details().
 */
static const char *get_winbind_domain(void)
{
	static struct wbcInterfaceDetails *iface;

	iface = init_interface_details();
	if (iface != NULL) {
		return iface->netbios_domain;
	}

	d_fprintf(stderr, "could not obtain winbind domain name!\n");
	return NULL;
}
/**
 * Return the NetBIOS name held in the winbind interface details.
 *
 * @return the netbios_name field, or NULL after printing a message to
 *         stderr when the details are unavailable. The string belongs to
 *         the details object returned by init_interface_details().
 */
static const char *get_winbind_netbios_name(void)
{
	static struct wbcInterfaceDetails *iface;

	iface = init_interface_details();
	if (iface != NULL) {
		return iface->netbios_name;
	}

	d_fprintf(stderr, "could not obtain winbind netbios name!\n");
	return NULL;
}
/* Copy of parse_domain_user from winbindd_util.c.  Parse a string of the
   form DOMAIN/user into a domain and a user */
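/**
 * Split a "DOMAIN<sep>user" string into its domain and user parts.
 *
 * Three input shapes are handled:
 *  - "DOMAIN<sep>user": domain is the upper-cased part before the winbind
 *    separator, user is the part after it;
 *  - "user@realm" (no separator): domain is set to "" and user to the whole
 *    string;
 *  - "user" (neither): user is the whole string and domain is the winbind
 *    domain from get_winbind_domain().
 *
 * @param domuser input string; must not be NULL.
 * @param domain  output buffer for the domain part.
 * @param user    output buffer for the user part.
 * @return true on success; false when the default domain is needed but
 *         unavailable, or when the separator lies beyond the capacity of
 *         the domain buffer.
 */
static bool parse_wbinfo_domain_user(const char *domuser, fstring domain,
				     fstring user)
{
	const char sep = winbind_separator();
	const char *default_domain;
	const char *p = NULL;
	size_t domain_len;

	/*
	 * winbind_separator() returns 0 on failure. strchr() with 0 matches
	 * the terminating NUL, which would turn the whole input into the
	 * domain and leave the user empty, so only search for a real
	 * separator.
	 */
	if (sep != '\0') {
		p = strchr(domuser, sep);
	}

	if (p == NULL) {
		/* Maybe it was a UPN? */
		if (strchr(domuser, '@') != NULL) {
			fstrcpy(domain, "");
			fstrcpy(user, domuser);
			return true;
		}

		default_domain = get_winbind_domain();
		if (default_domain == NULL) {
			/* get_winbind_domain() has already reported this. */
			return false;
		}

		fstrcpy(user, domuser);
		fstrcpy(domain, default_domain);
		return true;
	}

	/*
	 * The domain is terminated at the separator's offset in domuser.
	 * Refuse input whose separator lies at or beyond the end of the
	 * destination instead of writing the terminator out of bounds.
	 * NOTE(review): assumes fstring is a fixed-size char array type, so
	 * sizeof(fstring) is the capacity of domain -- confirm.
	 */
	domain_len = PTR_DIFF(p, domuser);
	if (domain_len >= sizeof(fstring)) {
		return false;
	}

	fstrcpy(user, p + 1);
	fstrcpy(domain, domuser);
	domain[domain_len] = 0;
	strupper_m(domain);

	return true;
}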
/* Parse string of "uid,sid" or "gid,sid" into separate int and string values.
* Return true if input was valid , false otherwise . */
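/**
 * Parse a "uid,sid" or "gid,sid" argument into a numeric id and a SID string.
 *
 * The argument is split in place with strtok(), so arg is modified and *sid
 * points into it. The id part must consist of decimal digits only and must
 * fit in an unsigned int; *id is written only when the whole argument is
 * valid.
 *
 * @param arg writable "id,sid" string; may be NULL.
 * @param id  receives the parsed id on success.
 * @param sid receives a pointer to the SID part (NULL if there is none).
 * @return true if both parts are present and the id is a valid number.
 */
static bool parse_mapping_arg(char *arg, int *id, char **sid)
{
	char *id_str;
	char *endptr = NULL;
	unsigned long long val;

	if (arg == NULL || *arg == '\0') {
		return false;
	}

	id_str = strtok(arg, ",");
	*sid = strtok(NULL, ",");

	if (id_str == NULL || *id_str == '\0' ||
	    *sid == NULL || **sid == '\0') {
		return false;
	}

	/*
	 * The strto*() family skips leading whitespace and accepts a sign,
	 * so "-1" would silently wrap to a huge unsigned value. Require the
	 * id to start with a digit.
	 */
	if (id_str[0] < '0' || id_str[0] > '9') {
		return false;
	}

	/*
	 * atoi() returns 0 on invalid input, which is a valid UID/GID, so a
	 * strto*() call with an end-pointer check is needed. The wide type
	 * lets out-of-range input be detected below: an overflow yields the
	 * maximum value, which is rejected by the range check.
	 */
	val = strtoull(id_str, &endptr, 10);
	if (endptr[0] != '\0') {
		return false;
	}

	/*
	 * Reject anything that does not fit an unsigned int. Without this a
	 * value such as 4294967296 would be truncated on assignment and
	 * typically come out as a different id (here 0).
	 */
	if (val > (unsigned int)-1) {
		return false;
	}

	*id = (int)(unsigned int)val;
	return true;
}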
/* pull pwent info for a given user */
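/**
 * Look up a user by name through winbind and print the entry as one
 * colon-separated line (name, passwd, uid, gid, gecos, dir, shell).
 *
 * @param user user name to look up.
 * @return true if the lookup succeeded and the line was printed.
 */
static bool wbinfo_get_userinfo(char *user)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct passwd *pwd = NULL;

	wbc_status = wbcGetpwnam(user, &pwd);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	d_printf("%s:%s:%u:%u:%s:%s:%s\n",
		 pwd->pw_name,
		 pwd->pw_passwd,
		 (unsigned int)pwd->pw_uid,
		 (unsigned int)pwd->pw_gid,
		 pwd->pw_gecos,
		 pwd->pw_dir,
		 pwd->pw_shell);

	/*
	 * Release the lookup result, as the group lookups in this file do
	 * for theirs; it was previously leaked.
	 */
	wbcFreeMemory(pwd);

	return true;
}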
/* pull pwent info for a given uid */
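/**
 * Look up a user by uid through winbind and print the entry as one
 * colon-separated line (name, passwd, uid, gid, gecos, dir, shell).
 *
 * @param uid numeric user id to look up.
 * @return true if the lookup succeeded and the line was printed.
 */
static bool wbinfo_get_uidinfo(int uid)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct passwd *pwd = NULL;

	wbc_status = wbcGetpwuid(uid, &pwd);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	d_printf("%s:%s:%u:%u:%s:%s:%s\n",
		 pwd->pw_name,
		 pwd->pw_passwd,
		 (unsigned int)pwd->pw_uid,
		 (unsigned int)pwd->pw_gid,
		 pwd->pw_gecos,
		 pwd->pw_dir,
		 pwd->pw_shell);

	/*
	 * Release the lookup result, as the group lookups in this file do
	 * for theirs; it was previously leaked.
	 */
	wbcFreeMemory(pwd);

	return true;
}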
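/**
 * Look up a user by SID string through winbind and print the entry as one
 * colon-separated line (name, passwd, uid, gid, gecos, dir, shell).
 *
 * @param sid_str SID in string form.
 * @return true if the SID parsed, the lookup succeeded and the line was
 *         printed; false otherwise.
 */
static bool wbinfo_get_user_sidinfo(const char *sid_str)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct passwd *pwd = NULL;
	struct wbcDomainSid sid;

	/*
	 * The conversion result must be checked: on failure sid is left
	 * unset and must not be handed to the lookup.
	 */
	wbc_status = wbcStringToSid(sid_str, &sid);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	wbc_status = wbcGetpwsid(&sid, &pwd);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	d_printf("%s:%s:%u:%u:%s:%s:%s\n",
		 pwd->pw_name,
		 pwd->pw_passwd,
		 (unsigned int)pwd->pw_uid,
		 (unsigned int)pwd->pw_gid,
		 pwd->pw_gecos,
		 pwd->pw_dir,
		 pwd->pw_shell);

	/* Release the lookup result; it was previously leaked. */
	wbcFreeMemory(pwd);

	return true;
}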
/* pull grent for a given group */
/**
 * Look up a group by name through winbind and print it as
 * "name:passwd:gid:member,member,...".
 *
 * @param group group name to look up.
 * @return true if the lookup succeeded and the line was printed.
 */
static bool wbinfo_get_groupinfo(const char *group)
{
	struct group *grp;
	char **member;
	wbcErr status;

	status = wbcGetgrnam(group, &grp);
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	d_printf("%s:%s:%u:",
		 grp->gr_name,
		 grp->gr_passwd,
		 (unsigned int)grp->gr_gid);

	/* gr_mem is walked up to its NULL entry; commas go between names. */
	for (member = grp->gr_mem; *member != NULL; member++) {
		const char *delim = (member[1] != NULL) ? "," : "";

		d_printf("%s%s", *member, delim);
	}
	d_printf("\n");

	wbcFreeMemory(grp);

	return true;
}
/* pull grent for a given gid */
/**
 * Look up a group by gid through winbind and print it as
 * "name:passwd:gid:member,member,...".
 *
 * @param gid numeric group id to look up.
 * @return true if the lookup succeeded and the line was printed.
 */
static bool wbinfo_get_gidinfo(int gid)
{
	struct group *grp;
	char **member;
	wbcErr status;

	status = wbcGetgrgid(gid, &grp);
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	d_printf("%s:%s:%u:",
		 grp->gr_name,
		 grp->gr_passwd,
		 (unsigned int)grp->gr_gid);

	/* gr_mem is walked up to its NULL entry; commas go between names. */
	for (member = grp->gr_mem; *member != NULL; member++) {
		const char *delim = (member[1] != NULL) ? "," : "";

		d_printf("%s%s", *member, delim);
	}
	d_printf("\n");

	wbcFreeMemory(grp);

	return true;
}
/* List groups a user is a member of */
/**
 * Print the gids of the groups a user belongs to, one per line.
 *
 * @param user user name passed to wbcGetGroups().
 * @return true if the lookup succeeded; false otherwise.
 */
static bool wbinfo_get_usergroups(const char *user)
{
	gid_t *groups = NULL;
	uint32_t num_groups;
	uint32_t idx = 0;
	wbcErr status;

	/* Send request */
	status = wbcGetGroups(user, &num_groups, &groups);
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	while (idx < num_groups) {
		d_printf("%d\n", (int)groups[idx]);
		idx++;
	}

	wbcFreeMemory(groups);

	return true;
}
/* List group SIDs a user SID is a member of */
/**
 * Print the SIDs returned by wbcLookupUserSids() for a user SID, one per
 * line, with the domain-groups-only flag set to false.
 *
 * @param user_sid_str user SID in string form.
 * @return true if every step succeeded; false if the SID did not parse,
 *         the lookup failed, or a result SID could not be converted to a
 *         string (output already printed stays printed).
 */
static bool wbinfo_get_usersids(const char *user_sid_str)
{
	struct wbcDomainSid user_sid;
	struct wbcDomainSid *sids = NULL;
	uint32_t num_sids;
	uint32_t idx;
	wbcErr status;
	bool ok = true;

	/* Send request */
	status = wbcStringToSid(user_sid_str, &user_sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcLookupUserSids(&user_sid, false, &num_sids, &sids);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	for (idx = 0; ok && idx < num_sids; idx++) {
		char *text = NULL;

		status = wbcSidToString(&sids[idx], &text);
		ok = WBC_ERROR_IS_OK(status);
		if (ok) {
			d_printf("%s\n", text);
			wbcFreeMemory(text);
		}
	}

	/* The SID array is released on both the success and failure path. */
	wbcFreeMemory(sids);

	return ok;
}
/**
 * Print the SIDs returned by wbcLookupUserSids() for a user SID, one per
 * line, with the domain-groups-only flag set to true.
 *
 * @param user_sid_str user SID in string form.
 * @return true if every step succeeded; false if the SID did not parse,
 *         the lookup failed, or a result SID could not be converted to a
 *         string (output already printed stays printed).
 */
static bool wbinfo_get_userdomgroups(const char *user_sid_str)
{
	struct wbcDomainSid user_sid;
	struct wbcDomainSid *sids = NULL;
	uint32_t num_sids;
	uint32_t idx;
	wbcErr status;
	bool ok = true;

	/* Send request */
	status = wbcStringToSid(user_sid_str, &user_sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcLookupUserSids(&user_sid, true, &num_sids, &sids);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	for (idx = 0; ok && idx < num_sids; idx++) {
		char *text = NULL;

		status = wbcSidToString(&sids[idx], &text);
		ok = WBC_ERROR_IS_OK(status);
		if (ok) {
			d_printf("%s\n", text);
			wbcFreeMemory(text);
		}
	}

	/* The SID array is released on both the success and failure path. */
	wbcFreeMemory(sids);

	return ok;
}
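/**
 * Print the aliases of a SID within a domain as "<domain-sid>-<rid>" lines.
 *
 * @param domain       domain to query; NULL, "" or "." selects the winbind
 *                     domain from get_winbind_domain().
 * @param user_sid_str SID whose alias memberships are requested.
 * @return true if every lookup succeeded; false otherwise.
 */
static bool wbinfo_get_sidaliases(const char *domain,
				  const char *user_sid_str)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcDomainInfo *dinfo = NULL;
	uint32_t i;
	struct wbcDomainSid user_sid;
	uint32_t *alias_rids = NULL;
	uint32_t num_alias_rids;
	char *domain_sid_str = NULL;

	if ((domain == NULL) || (strequal(domain, ".")) ||
	    (domain[0] == '\0')) {
		domain = get_winbind_domain();
	}

	if (domain == NULL) {
		/*
		 * get_winbind_domain() has already reported the failure;
		 * wbc_status still holds the initial failure code, so the
		 * function returns false.
		 */
		goto done;
	}

	/* Send request */
	wbc_status = wbcDomainInfo(domain, &dinfo);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		d_printf("wbcDomainInfo(%s) failed: %s\n", domain,
			 wbcErrorString(wbc_status));
		goto done;
	}

	wbc_status = wbcStringToSid(user_sid_str, &user_sid);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	wbc_status = wbcGetSidAliases(&dinfo->sid, &user_sid, 1,
				      &alias_rids, &num_alias_rids);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	wbc_status = wbcSidToString(&dinfo->sid, &domain_sid_str);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	/* RIDs are unsigned 32-bit values, so print them as such. */
	for (i = 0; i < num_alias_rids; i++) {
		d_printf("%s-%u\n", domain_sid_str,
			 (unsigned int)alias_rids[i]);
	}

done:
	/*
	 * All releases happen here so that a failure after
	 * wbcGetSidAliases() no longer leaks the RID array.
	 */
	if (alias_rids) {
		wbcFreeMemory(alias_rids);
	}
	if (domain_sid_str) {
		wbcFreeMemory(domain_sid_str);
	}
	if (dinfo) {
		wbcFreeMemory(dinfo);
	}
	return (WBC_ERR_SUCCESS == wbc_status);
}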
/* Convert NetBIOS name to IP */
/**
 * Resolve a NetBIOS name via WINS and print the result.
 *
 * @param name NetBIOS name to resolve.
 * @return true if wbcResolveWinsByName() succeeded; false otherwise.
 */
static bool wbinfo_wins_byname(const char *name)
{
	char *answer = NULL;
	wbcErr status = wbcResolveWinsByName(name, &answer);

	if (WBC_ERROR_IS_OK(status)) {
		/* Display response */
		d_printf("%s\n", answer);
		wbcFreeMemory(answer);
		return true;
	}

	return false;
}
/* Convert IP to NetBIOS name */
/**
 * Resolve an IP address to a NetBIOS name via WINS and print the result.
 *
 * @param ip address in string form.
 * @return true if wbcResolveWinsByIP() succeeded; false otherwise.
 */
static bool wbinfo_wins_byip(const char *ip)
{
	char *answer = NULL;
	wbcErr status = wbcResolveWinsByIP(ip, &answer);

	if (WBC_ERROR_IS_OK(status)) {
		/* Display response */
		d_printf("%s\n", answer);
		wbcFreeMemory(answer);
		return true;
	}

	return false;
}
/* List all/trusted domains */
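/**
 * Print the domains returned by wbcListTrusts().
 *
 * In the plain form each domain's short name is printed on its own line.
 * In the table form (verbose set and list_all_domains not set) a header and
 * one row per domain are printed with the DNS name, trust type and the
 * transitive/incoming/outgoing trust flags.
 *
 * @param list_all_domains only used to decide between the two forms.
 * @param verbose          requests the table form.
 * @return true if the trust list could be obtained; false otherwise.
 */
static bool wbinfo_list_domains(bool list_all_domains, bool verbose)
{
	struct wbcDomainInfo *domain_list = NULL;
	size_t num_domains;
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	bool print_all = !list_all_domains && verbose;
	size_t i;

	wbc_status = wbcListTrusts(&domain_list, &num_domains);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	if (print_all) {
		d_printf("%-16s%-24s%-12s%-12s%-5s%-5s\n",
			 "Domain Name", "DNS Domain", "Trust Type",
			 "Transitive", "In", "Out");
	}

	/* size_t index: num_domains is a size_t, avoid a signed compare. */
	for (i = 0; i < num_domains; i++) {
		const struct wbcDomainInfo *dom = &domain_list[i];
		/*
		 * Fallback label so that an unrecognised trust type still
		 * fills its column instead of shifting the rest of the row.
		 */
		const char *trust_type = "Unknown";

		if (!print_all) {
			d_printf("%s\n", dom->short_name);
			continue;
		}

		switch (dom->trust_type) {
		case WBC_DOMINFO_TRUSTTYPE_NONE:
			trust_type = "None";
			break;
		case WBC_DOMINFO_TRUSTTYPE_FOREST:
			trust_type = "Forest";
			break;
		case WBC_DOMINFO_TRUSTTYPE_EXTERNAL:
			trust_type = "External";
			break;
		case WBC_DOMINFO_TRUSTTYPE_IN_FOREST:
			trust_type = "In-Forest";
			break;
		default:
			break;
		}

		/* Same column widths as the header row above. */
		d_printf("%-16s%-24s%-12s%-12s%-5s%-5s\n",
			 dom->short_name,
			 dom->dns_name,
			 trust_type,
			 (dom->trust_flags & WBC_DOMINFO_TRUST_TRANSITIVE) ?
			 "Yes" : "No",
			 (dom->trust_flags & WBC_DOMINFO_TRUST_INCOMING) ?
			 "Yes" : "No",
			 (dom->trust_flags & WBC_DOMINFO_TRUST_OUTGOING) ?
			 "Yes" : "No");
	}

	/* The trust list was previously never released. */
	wbcFreeMemory(domain_list);

	return true;
}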
/* List own domain */
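/**
 * Print the winbind domain name on its own line.
 *
 * @return true if the name was printed; false if get_winbind_domain()
 *         could not provide one (it reports that failure itself).
 */
static bool wbinfo_list_own_domain(void)
{
	const char *own_domain = get_winbind_domain();

	/* Never hand a NULL pointer to a %s conversion. */
	if (own_domain == NULL) {
		return false;
	}

	d_printf("%s\n", own_domain);

	return true;
}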
/* show sequence numbers */
/**
 * Deprecated command: print a notice pointing to --online-status and fail.
 *
 * @param domain unused.
 * @return always false.
 */
static bool wbinfo_show_sequence(const char *domain)
{
	(void)domain;

	d_printf("This command has been deprecated. Please use the "
		 "--online-status option instead.\n");

	return false;
}
/* Show online/offline status of domains */
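/**
 * Print "<domain> : online" or "<domain> : offline" for the domains
 * returned by wbcListTrusts().
 *
 * @param domain if not NULL, only the domain whose short name matches is
 *               printed.
 * @return true if the trust list could be obtained; false otherwise.
 */
static bool wbinfo_show_onlinestatus(const char *domain)
{
	struct wbcDomainInfo *domain_list = NULL;
	size_t num_domains;
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	size_t i;

	wbc_status = wbcListTrusts(&domain_list, &num_domains);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	/* size_t index: num_domains is a size_t, avoid a signed compare. */
	for (i = 0; i < num_domains; i++) {
		bool is_offline;

		if (domain) {
			if (!strequal(domain_list[i].short_name, domain)) {
				continue;
			}
		}

		is_offline = (domain_list[i].domain_flags &
			      WBC_DOMINFO_DOMAIN_OFFLINE);

		d_printf("%s : %s\n",
			 domain_list[i].short_name,
			 is_offline ? "offline" : "online");
	}

	/* The trust list was previously never released. */
	wbcFreeMemory(domain_list);

	return true;
}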
/* Show domain info */
/**
 * Print name, DNS name, SID and the AD/native/primary flags of a domain.
 *
 * @param domain domain to query; NULL, "" or "." selects the winbind
 *               domain from get_winbind_domain().
 * @return true if the domain info and its SID string could be obtained;
 *         false otherwise.
 */
static bool wbinfo_domain_info(const char *domain)
{
	struct wbcDomainInfo *info = NULL;
	char *sid_text = NULL;
	wbcErr status;

	if ((domain == NULL) || (strequal(domain, ".")) ||
	    (domain[0] == '\0')) {
		domain = get_winbind_domain();
	}

	/* Send request */
	status = wbcDomainInfo(domain, &info);
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	status = wbcSidToString(&info->sid, &sid_text);
	if (!WBC_ERROR_IS_OK(status)) {
		wbcFreeMemory(info);
		return false;
	}

	/* Display response */
	d_printf("Name : %s\n", info->short_name);
	d_printf("Alt_Name : %s\n", info->dns_name);
	d_printf("SID : %s\n", sid_text);
	d_printf("Active Directory : %s\n",
		 (info->domain_flags & WBC_DOMINFO_DOMAIN_AD) ? "Yes" : "No");
	d_printf("Native : %s\n",
		 (info->domain_flags & WBC_DOMINFO_DOMAIN_NATIVE) ?
		 "Yes" : "No");
	d_printf("Primary : %s\n",
		 (info->domain_flags & WBC_DOMINFO_DOMAIN_PRIMARY) ?
		 "Yes" : "No");

	wbcFreeMemory(sid_text);
	wbcFreeMemory(info);

	return true;
}
/* Get a foreign DC's name */
/**
 * Ask winbindd for the DC name of a domain and print it.
 *
 * The domain name is copied into the request with fstrcpy() and sent as a
 * WINBINDD_GETDCNAME request.
 *
 * @param domain_name domain to query.
 * @return true if the request succeeded and the name was printed; false
 *         after printing an error to stderr otherwise.
 */
static bool wbinfo_getdcname(const char *domain_name)
{
	struct winbindd_response response;
	struct winbindd_request request;

	ZERO_STRUCT(response);
	ZERO_STRUCT(request);

	fstrcpy(request.domain_name, domain_name);

	/* Send request */
	if (winbindd_request_response(WINBINDD_GETDCNAME, &request,
				      &response) == NSS_STATUS_SUCCESS) {
		/* Display response */
		d_printf("%s\n", response.data.dc_name);
		return true;
	}

	d_fprintf(stderr, "Could not get dc name for %s\n", domain_name);
	return false;
}
/* Find a DC */
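/**
 * Locate a domain controller and print its details, one field per line:
 * UNC name, address, address type, domain GUID, domain name, forest name,
 * flags, DC site name and client site name.
 *
 * @param domain_name domain to search a DC for.
 * @param flags       lookup flags; DS_DIRECTORY_SERVICE_REQUIRED is always
 *                    added.
 * @return true if a DC was found and printed; false otherwise.
 */
static bool wbinfo_dsgetdcname(const char *domain_name, uint32_t flags)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcDomainControllerInfoEx *dc_info = NULL;
	char *str = NULL;

	wbc_status = wbcLookupDomainControllerEx(domain_name, NULL, NULL,
						 flags | DS_DIRECTORY_SERVICE_REQUIRED,
						 &dc_info);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		printf("Could not find dc for %s\n", domain_name);
		return false;
	}

	wbcGuidToString(dc_info->domain_guid, &str);

	d_printf("%s\n", dc_info->dc_unc);
	d_printf("%s\n", dc_info->dc_address);
	d_printf("%d\n", dc_info->dc_address_type);
	/*
	 * The GUID conversion result was never checked; if it left str
	 * unset, print a placeholder rather than passing NULL to %s, so the
	 * number of output lines stays the same.
	 */
	d_printf("%s\n", (str != NULL) ? str : "(null)");
	d_printf("%s\n", dc_info->domain_name);
	d_printf("%s\n", dc_info->forest_name);
	d_printf("0x%08x\n", dc_info->dc_flags);
	d_printf("%s\n", dc_info->dc_site_name);
	d_printf("%s\n", dc_info->client_site_name);

	/* Both results were previously leaked. */
	if (str != NULL) {
		wbcFreeMemory(str);
	}
	wbcFreeMemory(dc_info);

	return true;
}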
/* Check trust account password */
/**
 * Check the trust account credentials for a domain and report the outcome.
 *
 * @param domain domain to check; NULL selects the winbind domain from
 *               get_winbind_domain().
 * @return true if wbcCheckTrustCredentials() succeeded; false otherwise.
 *         On WBC_ERR_AUTH_ERROR the NT status is also printed to stderr.
 */
static bool wbinfo_check_secret(const char *domain)
{
	struct wbcAuthErrorInfo *error = NULL;
	const char *domain_name;
	wbcErr status;
	bool succeeded;

	domain_name = domain ? domain : get_winbind_domain();

	status = wbcCheckTrustCredentials(domain_name, &error);
	succeeded = WBC_ERROR_IS_OK(status);

	d_printf("checking the trust secret for domain %s via RPC calls %s\n",
		 domain_name,
		 succeeded ? "succeeded" : "failed");

	if (status == WBC_ERR_AUTH_ERROR) {
		d_fprintf(stderr, "error code was %s (0x%x)\n",
			  error->nt_string, error->nt_status);
		wbcFreeMemory(error);
	}

	return succeeded;
}
/* Change trust account password */
/**
 * Change the trust account credentials for a domain and report the outcome.
 *
 * @param domain domain to act on; NULL selects the winbind domain from
 *               get_winbind_domain().
 * @return true if wbcChangeTrustCredentials() succeeded; false otherwise.
 *         On WBC_ERR_AUTH_ERROR the NT status is also printed to stderr.
 */
static bool wbinfo_change_secret(const char *domain)
{
	struct wbcAuthErrorInfo *error = NULL;
	const char *domain_name;
	wbcErr status;
	bool succeeded;

	domain_name = domain ? domain : get_winbind_domain();

	status = wbcChangeTrustCredentials(domain_name, &error);
	succeeded = WBC_ERROR_IS_OK(status);

	d_printf("changing the trust secret for domain %s via RPC calls %s\n",
		 domain_name,
		 succeeded ? "succeeded" : "failed");

	if (status == WBC_ERR_AUTH_ERROR) {
		d_fprintf(stderr, "error code was %s (0x%x)\n",
			  error->nt_string, error->nt_status);
		wbcFreeMemory(error);
	}

	return succeeded;
}
/* Check DC connection */
/**
 * Check the NETLOGON connection to the DC via wbcPingDc() and report the
 * outcome.
 *
 * @return true if the ping succeeded; false otherwise. On
 *         WBC_ERR_AUTH_ERROR the NT status is also printed to stderr.
 */
static bool wbinfo_ping_dc(void)
{
	struct wbcAuthErrorInfo *error = NULL;
	wbcErr status;
	bool succeeded;

	status = wbcPingDc(NULL, &error);
	succeeded = WBC_ERROR_IS_OK(status);

	d_printf("checking the NETLOGON dc connection %s\n",
		 succeeded ? "succeeded" : "failed");

	if (status == WBC_ERR_AUTH_ERROR) {
		d_fprintf(stderr, "error code was %s (0x%x)\n",
			  error->nt_string, error->nt_status);
		wbcFreeMemory(error);
	}

	return succeeded;
}
/* Convert uid to sid */
/**
 * Map a uid to its SID through winbind and print the SID string.
 *
 * @param uid user id to convert.
 * @return true if both the mapping and the string conversion succeeded.
 */
static bool wbinfo_uid_to_sid(uid_t uid)
{
	struct wbcDomainSid sid;
	char *sid_text = NULL;
	wbcErr status;

	/* Send request; the string conversion only runs if it succeeded. */
	status = wbcUidToSid(uid, &sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcSidToString(&sid, &sid_text);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	/* Display response */
	d_printf("%s\n", sid_text);
	wbcFreeMemory(sid_text);

	return true;
}
/* Convert gid to sid */
/**
 * Map a gid to its SID through winbind and print the SID string.
 *
 * @param gid group id to convert.
 * @return true if both the mapping and the string conversion succeeded.
 */
static bool wbinfo_gid_to_sid(gid_t gid)
{
	struct wbcDomainSid sid;
	char *sid_text = NULL;
	wbcErr status;

	/* Send request; the string conversion only runs if it succeeded. */
	status = wbcGidToSid(gid, &sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcSidToString(&sid, &sid_text);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	/* Display response */
	d_printf("%s\n", sid_text);
	wbcFreeMemory(sid_text);

	return true;
}
/* Convert sid to uid */
/**
 * Map a SID string to a uid through winbind and print the uid.
 *
 * @param sid_str SID in string form.
 * @return true if the SID parsed and the mapping succeeded; false otherwise.
 */
static bool wbinfo_sid_to_uid(const char *sid_str)
{
	struct wbcDomainSid sid;
	wbcErr status;
	uid_t uid;

	/* Send request; the mapping only runs if the SID parsed. */
	status = wbcStringToSid(sid_str, &sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcSidToUid(&sid, &uid);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	/* Display response */
	d_printf("%d\n", (int)uid);

	return true;
}
/**
 * Map a SID string to a gid through winbind and print the gid.
 *
 * @param sid_str SID in string form.
 * @return true if the SID parsed and the mapping succeeded; false otherwise.
 */
static bool wbinfo_sid_to_gid(const char *sid_str)
{
	struct wbcDomainSid sid;
	wbcErr status;
	gid_t gid;

	/* Send request; the mapping only runs if the SID parsed. */
	status = wbcStringToSid(sid_str, &sid);
	if (WBC_ERROR_IS_OK(status)) {
		status = wbcSidToGid(&sid, &gid);
	}
	if (!WBC_ERROR_IS_OK(status)) {
		return false;
	}

	/* Display response */
	d_printf("%d\n", (int)gid);

	return true;
}
/**
 * Ask winbind to allocate a new uid and print it.
 *
 * @return true if wbcAllocateUid() succeeded; false otherwise.
 */
static bool wbinfo_allocate_uid(void)
{
	uid_t new_uid;
	/* Send request */
	wbcErr status = wbcAllocateUid(&new_uid);

	if (WBC_ERROR_IS_OK(status)) {
		/* Display response */
		d_printf("New uid: %u\n", (unsigned int)new_uid);
		return true;
	}

	return false;
}
/*
 * Request a new gid through wbcAllocateGid() and print it.
 *
 * The option table describes this as getting a new GID out of idmap, so
 * every successful call presumably consumes one id from that pool.
 *
 * Returns true when an id was handed out and printed.
 */
static bool wbinfo_allocate_gid(void)
{
	gid_t new_gid;
	wbcErr rc = wbcAllocateGid(&new_gid);

	if (WBC_ERROR_IS_OK(rc)) {
		d_printf("New gid: %u\n", (unsigned int)new_gid);
		return true;
	}

	return false;
}
/*
 * Create or modify the idmap entry that ties a uid to a SID.
 *
 * uid     - Unix user id to map
 * sid_str - SID in string form; rejected if it does not parse
 *
 * NOTE(review): the mapping decides which Unix identity a Windows
 * principal receives, so the write is security-relevant. Authorization
 * is not checked here; presumably winbindd enforces it - confirm.
 *
 * Returns true once the mapping was accepted and reported.
 */
static bool wbinfo_set_uid_mapping(uid_t uid, const char *sid_str)
{
	struct wbcDomainSid target_sid;
	wbcErr rc;

	rc = wbcStringToSid(sid_str, &target_sid);
	if (WBC_ERROR_IS_OK(rc)) {
		rc = wbcSetUidMapping(uid, &target_sid);
	}
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	d_printf("uid %u now mapped to sid %s\n",
		 (unsigned int)uid, sid_str);
	return true;
}
/*
 * Create or modify the idmap entry that ties a gid to a SID.
 *
 * gid     - Unix group id to map
 * sid_str - SID in string form; rejected if it does not parse
 *
 * NOTE(review): the mapping decides which Unix group a Windows
 * principal receives, so the write is security-relevant. Authorization
 * is not checked here; presumably winbindd enforces it - confirm.
 *
 * Returns true once the mapping was accepted and reported.
 */
static bool wbinfo_set_gid_mapping(gid_t gid, const char *sid_str)
{
	struct wbcDomainSid target_sid;
	wbcErr rc;

	rc = wbcStringToSid(sid_str, &target_sid);
	if (WBC_ERROR_IS_OK(rc)) {
		rc = wbcSetGidMapping(gid, &target_sid);
	}
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	d_printf("gid %u now mapped to sid %s\n",
		 (unsigned int)gid, sid_str);
	return true;
}
/*
 * Remove the idmap entry that ties a uid to a SID.
 *
 * uid     - Unix user id of the mapping
 * sid_str - SID in string form; rejected if it does not parse
 *
 * NOTE(review): removing a mapping changes how the SID resolves
 * afterwards. Authorization is not checked here; presumably winbindd
 * enforces it - confirm.
 *
 * Returns true once the removal was accepted and reported.
 */
static bool wbinfo_remove_uid_mapping(uid_t uid, const char *sid_str)
{
	struct wbcDomainSid target_sid;
	wbcErr rc;

	rc = wbcStringToSid(sid_str, &target_sid);
	if (WBC_ERROR_IS_OK(rc)) {
		rc = wbcRemoveUidMapping(uid, &target_sid);
	}
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	d_printf("Removed uid %u to sid %s mapping\n",
		 (unsigned int)uid, sid_str);
	return true;
}
/*
 * Remove the idmap entry that ties a gid to a SID.
 *
 * gid     - Unix group id of the mapping
 * sid_str - SID in string form; rejected if it does not parse
 *
 * NOTE(review): removing a mapping changes how the SID resolves
 * afterwards. Authorization is not checked here; presumably winbindd
 * enforces it - confirm.
 *
 * Returns true once the removal was accepted and reported.
 */
static bool wbinfo_remove_gid_mapping(gid_t gid, const char *sid_str)
{
	struct wbcDomainSid target_sid;
	wbcErr rc;

	rc = wbcStringToSid(sid_str, &target_sid);
	if (WBC_ERROR_IS_OK(rc)) {
		rc = wbcRemoveGidMapping(gid, &target_sid);
	}
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	d_printf("Removed gid %u to sid %s mapping\n",
		 (unsigned int)gid, sid_str);
	return true;
}
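/*
 * Resolve a SID string to its domain and account name and print
 * "DOMAIN<separator>name type".
 *
 * Returns false, printing nothing, when the string does not parse as a
 * SID or when wbcLookupSid() fails.
 */
static bool wbinfo_lookupsid(const char *sid_str)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcDomainSid sid;
	char *domain = NULL;
	char *name = NULL;
	enum wbcSidType type;

	/* Send off request */

	wbc_status = wbcStringToSid(sid_str, &sid);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	wbc_status = wbcLookupSid(&sid, &domain, &name, &type);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	/* Display response */

	d_printf("%s%c%s %d\n",
		 domain, winbind_separator(), name, type);

	/*
	 * Both strings are returned by libwbclient and were previously
	 * leaked; release them the same way wbinfo_lookupname() releases
	 * its result.
	 */
	wbcFreeMemory(domain);
	wbcFreeMemory(name);

	return true;
}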
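/*
 * Resolve a SID string to the account's display name and print
 * "DOMAIN<separator>fullname type".
 *
 * Returns false, printing nothing, when the string does not parse as a
 * SID or when wbcGetDisplayName() fails.
 */
static bool wbinfo_lookupsid_fullname(const char *sid_str)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcDomainSid sid;
	char *domain = NULL;
	char *name = NULL;
	enum wbcSidType type;

	/* Send off request */

	wbc_status = wbcStringToSid(sid_str, &sid);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	wbc_status = wbcGetDisplayName(&sid, &domain, &name, &type);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		return false;
	}

	/* Display response */

	d_printf("%s%c%s %d\n",
		 domain, winbind_separator(), name, type);

	/*
	 * Both strings are returned by libwbclient and were previously
	 * leaked; release them the same way wbinfo_lookupname() releases
	 * its result.
	 */
	wbcFreeMemory(domain);
	wbcFreeMemory(name);

	return true;
}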
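/*
 * Look up a list of RIDs in a domain and print each name and SID type.
 *
 * domain - domain to query; NULL, "" or "." selects our own domain
 * arg    - RIDs as decimal numbers separated by spaces, commas or
 *          newlines
 *
 * Returns true when the lookup succeeded and the results were printed.
 */
static bool wbinfo_lookuprids(const char *domain, const char *arg)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcDomainInfo *dinfo = NULL;
	char *domain_name = NULL;
	const char **names = NULL;
	enum wbcSidType *types = NULL;
	size_t i;
	int num_rids;
	uint32_t *rids = NULL;
	const char *p;
	char *ridstr;
	TALLOC_CTX *mem_ctx = NULL;
	bool ret = false;

	if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0')) {
		domain = get_winbind_domain();
	}

	/* Send request */

	wbc_status = wbcDomainInfo(domain, &dinfo);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		d_printf("wbcDomainInfo(%s) failed: %s\n", domain,
			 wbcErrorString(wbc_status));
		goto done;
	}

	mem_ctx = talloc_new(NULL);
	if (mem_ctx == NULL) {
		d_printf("talloc_new failed\n");
		goto done;
	}

	num_rids = 0;
	rids = NULL;
	p = arg;

	while (next_token_talloc(mem_ctx, &p, &ridstr, " ,\n")) {
		/*
		 * NOTE(review): strtoul() is called without an end pointer,
		 * so a token that is not a number is looked up as RID 0 and
		 * trailing garbage is ignored.
		 */
		uint32_t rid = strtoul(ridstr, NULL, 10);
		rids = talloc_realloc(mem_ctx, rids, uint32_t, num_rids + 1);
		if (rids == NULL) {
			d_printf("talloc_realloc failed\n");
			/*
			 * Bail out here: falling through would store
			 * through the NULL pointer. The previous array
			 * still hangs off mem_ctx and is released below.
			 */
			goto done;
		}
		rids[num_rids] = rid;
		num_rids += 1;
	}

	if (rids == NULL) {
		d_printf("no rids\n");
		goto done;
	}

	wbc_status = wbcLookupRids(&dinfo->sid, num_rids, rids,
				   (const char **)&domain_name, &names, &types);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		d_printf("winbind_lookup_rids failed: %s\n",
			 wbcErrorString(wbc_status));
		goto done;
	}

	d_printf("Domain: %s\n", domain_name);

	for (i = 0; i < num_rids; i++) {
		d_printf("%8d: %s (%s)\n", rids[i], names[i],
			 wbcSidTypeString(types[i]));
	}

	ret = true;
done:
	if (dinfo) {
		wbcFreeMemory(dinfo);
	}
	if (domain_name) {
		wbcFreeMemory(domain_name);
	}
	if (names) {
		wbcFreeMemory(names);
	}
	if (types) {
		wbcFreeMemory(types);
	}
	/* rids and the token strings are children of mem_ctx */
	TALLOC_FREE(mem_ctx);
	return ret;
}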
/*
 * Resolve an account name to its SID and print "SID type-name (type)".
 *
 * full_name is split into domain and account by
 * parse_wbinfo_domain_user() before the lookup.
 *
 * Returns false, printing nothing, when the lookup or the conversion of
 * the SID to a string fails.
 */
static bool wbinfo_lookupname(const char *full_name)
{
	fstring dom;
	fstring acct;
	struct wbcDomainSid found_sid;
	enum wbcSidType sid_type;
	char *sid_text;
	wbcErr rc;

	parse_wbinfo_domain_user(full_name, dom, acct);

	rc = wbcLookupName(dom, acct, &found_sid, &sid_type);
	if (WBC_ERROR_IS_OK(rc)) {
		rc = wbcSidToString(&found_sid, &sid_text);
	}
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	d_printf("%s %s (%d)\n", sid_text, wbcSidTypeString(sid_type),
		 sid_type);

	/* The string form of the SID is allocated by libwbclient. */
	wbcFreeMemory(sid_text);
	return true;
}
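/*
 * Prompt on the terminal for a password and return a copy of it.
 *
 * mem_ctx  - talloc context that owns the returned string
 * prefix   - optional word placed before "password:" (the callers in
 *            this file pass "old", "new" or NULL)
 * username - account named in the prompt
 *
 * Returns the password as a talloc string on mem_ctx, or NULL when the
 * prompt could not be built, getpass() returned nothing, or the copy
 * failed. The returned string holds the cleartext password; it is
 * released with mem_ctx and is not wiped by this function.
 */
static char *wbinfo_prompt_pass(TALLOC_CTX *mem_ctx,
				const char *prefix,
				const char *username)
{
	char *prompt;
	char *typed;
	char *copy;

	prompt = talloc_asprintf(mem_ctx, "Enter %s's ", username);
	if (!prompt) {
		return NULL;
	}
	if (prefix) {
		prompt = talloc_asprintf_append(prompt, "%s ", prefix);
		if (!prompt) {
			return NULL;
		}
	}
	prompt = talloc_asprintf_append(prompt, "password: ");
	if (!prompt) {
		return NULL;
	}

	typed = getpass(prompt);
	TALLOC_FREE(prompt);
	if (typed == NULL) {
		return NULL;
	}

	copy = talloc_strdup(mem_ctx, typed);

	/*
	 * getpass() hands back a buffer it reuses between calls. Clear it
	 * once the copy is taken so the cleartext does not linger there.
	 */
	memset(typed, 0, strlen(typed));

	return copy;
}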
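/*
 * Authenticate a user with a plaintext password through wbcLogonUser()
 * and request a Kerberos credential cache.
 *
 * username - "user" or "user%password"; without '%' the password is
 *            read from the terminal. A password given on the command
 *            line is visible to other local users through the process
 *            list, so the prompt is the safer form.
 * cctype   - credential cache type, passed as the "krb5_cc_type" blob
 * flags    - request flags, passed as the "flags" blob
 *
 * Returns true when the logon succeeded.
 */
static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	char *s = NULL;
	char *p = NULL;
	char *password = NULL;
	char *name = NULL;
	char *local_cctype = NULL;
	uid_t uid;
	struct wbcLogonUserParams params;
	/* NULL so the cleanup below is safe on every path */
	struct wbcLogonUserInfo *info = NULL;
	struct wbcAuthErrorInfo *error = NULL;
	struct wbcUserPasswordPolicyInfo *policy = NULL;
	TALLOC_CTX *frame = talloc_tos();

	if (cctype == NULL) {
		return false;
	}

	if ((s = talloc_strdup(frame, username)) == NULL) {
		return false;
	}

	if ((p = strchr(s, '%')) != NULL) {
		*p = 0;
		p++;
		password = talloc_strdup(frame, p);
	} else {
		password = wbinfo_prompt_pass(frame, NULL, username);
	}
	if (password == NULL) {
		return false;
	}

	local_cctype = talloc_strdup(frame, cctype);
	if (local_cctype == NULL) {
		return false;
	}

	name = s;

	uid = geteuid();

	params.username = name;
	params.password = password;
	params.num_blobs = 0;
	params.blobs = NULL;

	wbc_status = wbcAddNamedBlob(&params.num_blobs,
				     &params.blobs,
				     "flags",
				     0,
				     (uint8_t *)&flags,
				     sizeof(flags));
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	wbc_status = wbcAddNamedBlob(&params.num_blobs,
				     &params.blobs,
				     "user_uid",
				     0,
				     (uint8_t *)&uid,
				     sizeof(uid));
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	wbc_status = wbcAddNamedBlob(&params.num_blobs,
				     &params.blobs,
				     "krb5_cc_type",
				     0,
				     (uint8_t *)local_cctype,
				     strlen(local_cctype) + 1);
	if (!WBC_ERROR_IS_OK(wbc_status)) {
		goto done;
	}

	wbc_status = wbcLogonUser(&params, &info, &error, &policy);

	/*
	 * Print the account part only. "username" is the unsplit argument
	 * and still carries "%password" when one was supplied, which would
	 * put the cleartext password on stdout.
	 */
	d_printf("plaintext kerberos password authentication for [%s] %s "
		 "(requesting cctype: %s)\n",
		 name, WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed",
		 cctype);

	if (error) {
		d_fprintf(stderr,
			  "error code was %s (0x%x)\nerror messsage was: %s\n",
			  error->nt_string,
			  error->nt_status,
			  error->display_string);
	}

	if (WBC_ERROR_IS_OK(wbc_status)) {
		if (flags & WBFLAG_PAM_INFO3_TEXT) {
			if (info && info->info && info->info->user_flags &
			    NETLOGON_CACHED_ACCOUNT) {
				d_printf("user_flgs: "
					 "NETLOGON_CACHED_ACCOUNT\n");
			}
		}

		if (info) {
			size_t i;
			for (i = 0; i < info->num_blobs; i++) {
				if (strequal(info->blobs[i].name,
					     "krb5ccname")) {
					/* assumes the blob is NUL-terminated - TODO confirm */
					d_printf("credentials were put "
						 "in: %s\n",
						 (const char *)
						 info->blobs[i].blob.data);
					break;
				}
			}
		} else {
			d_printf("no credentials cached\n");
		}
	}
done:
	if (info) {
		wbcFreeMemory(info);
	}
	if (error) {
		wbcFreeMemory(error);
	}
	if (policy) {
		wbcFreeMemory(policy);
	}
	wbcFreeMemory(params.blobs);

	return WBC_ERROR_IS_OK(wbc_status);
}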
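/*
 * Authenticate a user with a plaintext password through
 * wbcAuthenticateUser().
 *
 * username - "user" or "user%password"; without '%' the password is
 *            read from the terminal. A password given on the command
 *            line is visible to other local users through the process
 *            list, so the prompt is the safer form.
 *
 * Returns true when the authentication succeeded.
 */
static bool wbinfo_auth(char *username)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	char *s = NULL;
	char *p = NULL;
	char *password = NULL;
	char *name = NULL;
	TALLOC_CTX *frame = talloc_tos();

	if ((s = talloc_strdup(frame, username)) == NULL) {
		return false;
	}

	if ((p = strchr(s, '%')) != NULL) {
		*p = 0;
		p++;
		password = talloc_strdup(frame, p);
	} else {
		password = wbinfo_prompt_pass(frame, NULL, username);
	}
	/* Allocation or prompt failure: do not pass NULL as the password. */
	if (password == NULL) {
		return false;
	}

	name = s;

	wbc_status = wbcAuthenticateUser(name, password);

	d_printf("plaintext password authentication %s\n",
		 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");

#if 0
	if (response.data.auth.nt_status)
		d_fprintf(stderr,
			  "error code was %s (0x%x)\nerror messsage was: %s\n",
			 response.data.auth.nt_status_string,
			 response.data.auth.nt_status,
			 response.data.auth.error_string);
#endif

	return WBC_ERROR_IS_OK(wbc_status);
}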
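/*
 * Authenticate a user with a challenge/response exchange.
 *
 * A random 8-byte challenge is generated locally, the responses are
 * computed from the password, and both are handed to
 * wbcAuthenticateUserEx().
 *
 * username   - "[DOMAIN<sep>]user" or the same with "%password"
 *              appended; the '%' is overwritten in place. Without it
 *              the password is read from the terminal.
 * use_ntlmv2 - build NTLMv2 responses
 * use_lanman - when not using NTLMv2, also send a LM response
 *
 * The LM and NTLMv1 responses used when use_ntlmv2 is false are
 * cryptographically weak; they matter here for testing what a server
 * still accepts.
 *
 * Returns true when the authentication succeeded.
 */
static bool wbinfo_auth_crap(char *username, bool use_ntlmv2, bool use_lanman)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	struct wbcAuthUserParams params;
	struct wbcAuthUserInfo *info = NULL;
	struct wbcAuthErrorInfo *err = NULL;
	DATA_BLOB lm = data_blob_null;
	DATA_BLOB nt = data_blob_null;
	fstring name_user;
	fstring name_domain;
	char *pass;
	char *p;
	TALLOC_CTX *frame = talloc_tos();

	p = strchr(username, '%');

	if (p) {
		*p = 0;
		pass = talloc_strdup(frame, p + 1);
	} else {
		pass = wbinfo_prompt_pass(frame, NULL, username);
	}
	/* Allocation or prompt failure: nothing to hash. */
	if (pass == NULL) {
		return false;
	}

	parse_wbinfo_domain_user(username, name_domain, name_user);

	params.account_name	= name_user;
	params.domain_name	= name_domain;
	params.workstation_name	= NULL;

	params.flags		= 0;
	params.parameter_control= WBC_MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT |
				  WBC_MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT;

	params.level		= WBC_AUTH_USER_LEVEL_RESPONSE;

	generate_random_buffer(params.password.response.challenge, 8);

	if (use_ntlmv2) {
		DATA_BLOB server_chal;
		DATA_BLOB names_blob;

		server_chal = data_blob(params.password.response.challenge, 8);

		/* Pretend this is a login to 'us', for blob purposes */
		names_blob = NTLMv2_generate_names_blob(NULL,
						get_winbind_netbios_name(),
						get_winbind_domain());

		if (!SMBNTLMv2encrypt(NULL, name_user, name_domain, pass,
				      &server_chal,
				      &names_blob,
				      &lm, &nt, NULL, NULL)) {
			data_blob_free(&names_blob);
			data_blob_free(&server_chal);
			TALLOC_FREE(pass);
			return false;
		}
		data_blob_free(&names_blob);
		data_blob_free(&server_chal);

	} else {
		if (use_lanman) {
			bool ok;
			lm = data_blob(NULL, 24);
			/* Skip the LM response if the buffer was not allocated. */
			if (lm.data != NULL) {
				ok = SMBencrypt(pass,
						params.password.response.challenge,
						lm.data);
				if (!ok) {
					data_blob_free(&lm);
				}
			}
		}
		nt = data_blob(NULL, 24);
		if (nt.data == NULL) {
			data_blob_free(&lm);
			TALLOC_FREE(pass);
			return false;
		}
		SMBNTencrypt(pass, params.password.response.challenge,
			     nt.data);
	}

	params.password.response.nt_length	= nt.length;
	params.password.response.nt_data	= nt.data;
	params.password.response.lm_length	= lm.length;
	params.password.response.lm_data	= lm.data;

	wbc_status = wbcAuthenticateUserEx(&params, &info, &err);

	/* Display response */

	d_printf("challenge/response password authentication %s\n",
		 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");

	if (wbc_status == WBC_ERR_AUTH_ERROR) {
		/* Only dereference the detail record if one was returned. */
		if (err != NULL) {
			d_fprintf(stderr,
				  "error code was %s (0x%x)\nerror messsage was: %s\n",
				  err->nt_string,
				  err->nt_status,
				  err->display_string);
			wbcFreeMemory(err);
		}
	} else if (WBC_ERROR_IS_OK(wbc_status)) {
		wbcFreeMemory(info);
	}

	data_blob_free(&nt);
	data_blob_free(&lm);

	return WBC_ERROR_IS_OK(wbc_status);
}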
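/*
 * Save a user's credentials with winbind through wbcCredentialSave().
 *
 * username - "user" or "user%password"; without '%' the password is
 *            read from the terminal. A password given on the command
 *            line is visible to other local users through the process
 *            list, so the prompt is the safer form.
 *
 * Returns true when the credentials were saved.
 */
static bool wbinfo_ccache_save(char *username)
{
	wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
	char *s = NULL;
	char *p = NULL;
	char *password = NULL;
	char *name = NULL;
	TALLOC_CTX *frame = talloc_stackframe();

	s = talloc_strdup(frame, username);
	if (s == NULL) {
		/* The stack frame was created above; pop it on every exit. */
		TALLOC_FREE(frame);
		return false;
	}

	p = strchr(s, '%');
	if (p != NULL) {
		*p = 0;
		p++;
		password = talloc_strdup(frame, p);
	} else {
		password = wbinfo_prompt_pass(frame, NULL, username);
	}
	/* Allocation or prompt failure: do not save a NULL password. */
	if (password == NULL) {
		TALLOC_FREE(frame);
		return false;
	}

	name = s;

	wbc_status = wbcCredentialSave(name, password);

	d_printf("saving creds %s\n",
		 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");

	TALLOC_FREE(frame);

	return WBC_ERROR_IS_OK(wbc_status);
}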
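#ifdef WITH_FAKE_KASERVER
/*
 * Authenticate a user with a plaintext password and set an AFS token.
 *
 * username - "user" or "user%password"; the '%' is replaced for the
 *            duration of the copy and then restored. Without it the
 *            password is read from the terminal.
 *
 * Returns true when authentication succeeded and the token was set.
 */
static bool wbinfo_klog(char *username)
{
	struct winbindd_request request;
	struct winbindd_response response;
	NSS_STATUS result;
	char *p;

	/* Send off request */

	ZERO_STRUCT(request);
	ZERO_STRUCT(response);

	p = strchr(username, '%');

	/*
	 * NOTE(review): fstrcpy() is presumably Samba's bounded copy into
	 * an fstring, in which case over-long input is truncated rather
	 * than overflowing - confirm.
	 */
	if (p) {
		*p = 0;
		fstrcpy(request.data.auth.user, username);
		fstrcpy(request.data.auth.pass, p + 1);
		*p = '%';
	} else {
		const char *typed;

		fstrcpy(request.data.auth.user, username);
		typed = getpass("Password: ");
		/* getpass() can fail; do not copy from a NULL pointer. */
		if (typed == NULL) {
			return false;
		}
		fstrcpy(request.data.auth.pass, typed);
	}

	request.flags |= WBFLAG_PAM_AFS_TOKEN;

	result = winbindd_request_response(WINBINDD_PAM_AUTH, &request,
					   &response);

	/* Display response */

	d_printf("plaintext password authentication %s\n",
		 (result == NSS_STATUS_SUCCESS) ? "succeeded" : "failed");

	if (response.data.auth.nt_status) {
		d_fprintf(stderr,
			  "error code was %s (0x%x)\nerror messsage was: %s\n",
			  response.data.auth.nt_status_string,
			  response.data.auth.nt_status,
			  response.data.auth.error_string);
	}

	if (result != NSS_STATUS_SUCCESS) {
		return false;
	}

	if (response.extra_data.data == NULL) {
		d_fprintf(stderr, "Did not get token data\n");
		return false;
	}

	if (!afs_settoken_str((char *)response.extra_data.data)) {
		d_fprintf(stderr, "Could not set token\n");
		return false;
	}

	d_printf("Successfully created AFS token\n");
	return true;
}
#else
/* Stub used when the build has no AFS support: always fails. */
static bool wbinfo_klog(char *username)
{
	d_fprintf(stderr, "No AFS support compiled in.\n");
	return false;
}
#endif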
/*
 * Print the users of a domain, one per line.
 *
 * domain - domain to list; "." stands for our own domain. NULL is
 *          passed through to wbcListUsers() unchanged.
 *
 * Returns false, printing nothing, when the listing fails.
 */
static bool print_domain_users(const char *domain)
{
	const char **user_list = NULL;
	uint32_t user_count = 0;
	uint32_t idx;
	wbcErr rc;

	/* '.' is the special sign for our own domain */
	if (domain != NULL && strcmp(domain, ".") == 0) {
		domain = get_winbind_domain();
	}

	/* Send request to winbind daemon */
	rc = wbcListUsers(domain, &user_count, &user_list);
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	for (idx = 0; idx < user_count; idx++) {
		d_printf("%s\n", user_list[idx]);
	}

	/* The list is allocated by libwbclient. */
	wbcFreeMemory(user_list);
	return true;
}
/*
 * Print the groups of a domain, one per line.
 *
 * domain - domain to list; "." stands for our own domain. NULL is
 *          passed through to wbcListGroups() unchanged.
 *
 * Returns false, printing nothing, when the listing fails.
 */
static bool print_domain_groups(const char *domain)
{
	const char **group_list = NULL;
	uint32_t group_count = 0;
	uint32_t idx;
	wbcErr rc;

	/* '.' is the special sign for our own domain */
	if (domain != NULL && strcmp(domain, ".") == 0) {
		domain = get_winbind_domain();
	}

	/* Send request to winbind daemon */
	rc = wbcListGroups(domain, &group_count, &group_list);
	if (!WBC_ERROR_IS_OK(rc)) {
		return false;
	}

	for (idx = 0; idx < group_count; idx++) {
		d_printf("%s\n", group_list[idx]);
	}

	/* The list is allocated by libwbclient. */
	wbcFreeMemory(group_list);
	return true;
}
/*
 * Formerly set the authorised user for winbindd access in secrets.tdb.
 *
 * The function no longer does that: it only points the caller at the
 * 'net' utility and fails. The username argument is ignored.
 */
static bool wbinfo_set_auth_user(char *username)
{
	static const char moved_notice[] =
		"This functionality was moved to the 'net' utility.\n"
		"See 'net help setauthuser' for details.\n";

	d_fprintf(stderr, "%s", moved_notice);
	return false;
}
/*
 * Placeholder for the removed "get auth user" operation: prints a
 * pointer to the 'net' utility on stderr and does nothing else.
 */
static void wbinfo_get_auth_user(void)
{
	static const char moved_notice[] =
		"This functionality was moved to the 'net' utility.\n"
		"See 'net help getauthuser' for details.\n";

	d_fprintf(stderr, "%s", moved_notice);
}
/*
 * Ping winbindd through wbcPing() and report the outcome on stdout.
 *
 * Returns true when the ping succeeded.
 */
static bool wbinfo_ping(void)
{
	const wbcErr rc = wbcPing();
	const bool alive = WBC_ERROR_IS_OK(rc);

	/* Display response */
	if (alive) {
		d_printf("Ping to winbindd %s\n", "succeeded");
	} else {
		d_printf("Ping to winbindd %s\n", "failed");
	}

	return alive;
}
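/*
 * Change a user's password through wbcChangeUserPassword().
 *
 * Both the old and the new password are read from the terminal, so
 * neither appears on the command line. The new password is asked for
 * once only; there is no confirmation prompt.
 *
 * Returns true when the password change succeeded.
 */
static bool wbinfo_change_user_password(const char *username)
{
	wbcErr wbc_status;
	char *old_password = NULL;
	char *new_password = NULL;
	TALLOC_CTX *frame = talloc_tos();

	old_password = wbinfo_prompt_pass(frame, "old", username);
	/* Prompt or allocation failure: do not send a NULL password. */
	if (old_password == NULL) {
		return false;
	}

	new_password = wbinfo_prompt_pass(frame, "new", username);
	if (new_password == NULL) {
		return false;
	}

	wbc_status = wbcChangeUserPassword(username, old_password, new_password);

	/* Display response */

	d_printf("Password change for user %s %s\n", username,
		 WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed");

	return WBC_ERROR_IS_OK(wbc_status);
}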
/* Main program */
/*
 * Identifiers for command-line options, used as the "value" field of
 * the popt option table in main().
 *
 * Numbering starts at 1000, presumably to stay clear of the character
 * codes ('u', 'g', ...) that the table uses as values for options that
 * have a short form.
 */
enum {
	OPT_SET_AUTH_USER = 1000,
	OPT_GET_AUTH_USER,
	OPT_DOMAIN_NAME,
	OPT_SEQUENCE,
	OPT_GETDCNAME,
	OPT_DSGETDCNAME,
	OPT_USERDOMGROUPS,
	OPT_SIDALIASES,
	OPT_USERSIDS,
	OPT_ALLOCATE_UID,
	OPT_ALLOCATE_GID,
	OPT_SET_UID_MAPPING,
	OPT_SET_GID_MAPPING,
	OPT_REMOVE_UID_MAPPING,
	OPT_REMOVE_GID_MAPPING,
	OPT_SEPARATOR,
	OPT_LIST_ALL_DOMAINS,
	OPT_LIST_OWN_DOMAIN,
	OPT_UID_INFO,
	OPT_USER_SIDINFO,
	OPT_GROUP_INFO,
	OPT_GID_INFO,
	OPT_VERBOSE,
	OPT_ONLINESTATUS,
	OPT_CHANGE_USER_PASSWORD,
	OPT_PING_DC,
	OPT_CCACHE_SAVE,
	OPT_SID_TO_FULLNAME,
	OPT_NTLMV2,
	OPT_LOGOFF,
	OPT_LOGOFF_USER,
	OPT_LOGOFF_UID,
	OPT_LANMAN
};
int main ( int argc , char * * argv , char * * envp )
{
int opt ;
TALLOC_CTX * frame = talloc_stackframe ( ) ;
poptContext pc ;
static char * string_arg ;
char * string_subarg = NULL ;
static char * opt_domain_name ;
static int int_arg ;
int int_subarg = - 1 ;
int result = 1 ;
bool verbose = false ;
bool use_ntlmv2 = false ;
bool use_lanman = false ;
char * logoff_user = getenv ( " USER " ) ;
int logoff_uid = geteuid ( ) ;
struct poptOption long_options [ ] = {
2002-09-25 19:19:00 +04:00
POPT_AUTOHELP
2001-12-11 08:18:36 +03:00
2008-02-04 19:23:28 +03:00
/* longName, shortName, argInfo, argPtr, value, descrip,
2002-03-20 06:54:47 +03:00
argDesc */
2003-08-11 02:01:11 +04:00
{ " domain-users " , ' u ' , POPT_ARG_NONE , 0 , ' u ' , " Lists all domain users " , " domain " } ,
{ " domain-groups " , ' g ' , POPT_ARG_NONE , 0 , ' g ' , " Lists all domain groups " , " domain " } ,
2003-03-18 09:07:50 +03:00
{ " WINS-by-name " , ' N ' , POPT_ARG_STRING , & string_arg , ' N ' , " Converts NetBIOS name to IP " , " NETBIOS-NAME " } ,
{ " WINS-by-ip " , ' I ' , POPT_ARG_STRING , & string_arg , ' I ' , " Converts IP address to NetBIOS name " , " IP " } ,
2002-10-29 20:36:50 +03:00
{ " name-to-sid " , ' n ' , POPT_ARG_STRING , & string_arg , ' n ' , " Converts name to sid " , " NAME " } ,
{ " sid-to-name " , ' s ' , POPT_ARG_STRING , & string_arg , ' s ' , " Converts sid to name " , " SID " } ,
2008-10-22 13:21:31 +04:00
{ " sid-to-fullname " , 0 , POPT_ARG_STRING , & string_arg ,
OPT_SID_TO_FULLNAME , " Converts sid to fullname " , " SID " } ,
2006-07-11 22:01:26 +04:00
{ " lookup-rids " , ' R ' , POPT_ARG_STRING , & string_arg , ' R ' , " Converts RIDs to names " , " RIDs " } ,
2002-10-29 20:36:50 +03:00
{ " uid-to-sid " , ' U ' , POPT_ARG_INT , & int_arg , ' U ' , " Converts uid to sid " , " UID " } ,
{ " gid-to-sid " , ' G ' , POPT_ARG_INT , & int_arg , ' G ' , " Converts gid to sid " , " GID " } ,
{ " sid-to-uid " , ' S ' , POPT_ARG_STRING , & string_arg , ' S ' , " Converts sid to uid " , " SID " } ,
{ " sid-to-gid " , ' Y ' , POPT_ARG_STRING , & string_arg , ' Y ' , " Converts sid to gid " , " SID " } ,
2006-02-04 01:19:41 +03:00
{ " allocate-uid " , 0 , POPT_ARG_NONE , 0 , OPT_ALLOCATE_UID ,
" Get a new UID out of idmap " } ,
{ " allocate-gid " , 0 , POPT_ARG_NONE , 0 , OPT_ALLOCATE_GID ,
" Get a new GID out of idmap " } ,
2008-10-28 09:46:44 +03:00
{ " set-uid-mapping " , 0 , POPT_ARG_STRING , & string_arg , OPT_SET_UID_MAPPING , " Create or modify uid to sid mapping in idmap " , " UID,SID " } ,
{ " set-gid-mapping " , 0 , POPT_ARG_STRING , & string_arg , OPT_SET_GID_MAPPING , " Create or modify gid to sid mapping in idmap " , " GID,SID " } ,
2008-10-28 09:37:55 +03:00
{ " remove-uid-mapping " , 0 , POPT_ARG_STRING , & string_arg , OPT_REMOVE_UID_MAPPING , " Remove uid to sid mapping in idmap " , " UID,SID " } ,
{ " remove-gid-mapping " , 0 , POPT_ARG_STRING , & string_arg , OPT_REMOVE_GID_MAPPING , " Remove gid to sid mapping in idmap " , " GID,SID " } ,
2002-09-25 19:19:00 +04:00
{ " check-secret " , ' t ' , POPT_ARG_NONE , 0 , ' t ' , " Check shared secret " } ,
2009-10-06 20:18:00 +04:00
{ " change-secret " , ' c ' , POPT_ARG_NONE , 0 , ' c ' , " Change shared secret " } ,
2009-12-21 23:50:43 +03:00
{ " ping-dc " , 0 , POPT_ARG_NONE , 0 , OPT_PING_DC ,
" Check the NETLOGON connection " } ,
2002-09-25 19:19:00 +04:00
{ " trusted-domains " , ' m ' , POPT_ARG_NONE , 0 , ' m ' , " List trusted domains " } ,
2006-02-04 01:19:41 +03:00
{ " all-domains " , 0 , POPT_ARG_NONE , 0 , OPT_LIST_ALL_DOMAINS , " List all domains (trusted and own domain) " } ,
2006-05-31 21:15:33 +04:00
{ " own-domain " , 0 , POPT_ARG_NONE , 0 , OPT_LIST_OWN_DOMAIN , " List own domain " } ,
2003-03-18 09:07:50 +03:00
{ " sequence " , 0 , POPT_ARG_NONE , 0 , OPT_SEQUENCE , " Show sequence numbers of all domains " } ,
2008-04-23 00:29:53 +04:00
{ " online-status " , 0 , POPT_ARG_NONE , 0 , OPT_ONLINESTATUS , " Show whether domains are marked as online or offline " } ,
2004-01-23 15:57:29 +03:00
{ " domain-info " , ' D ' , POPT_ARG_STRING , & string_arg , ' D ' , " Show most of the info we have about the domain " } ,
2006-04-23 15:11:27 +04:00
{ " user-info " , ' i ' , POPT_ARG_STRING , & string_arg , ' i ' , " Get user info " , " USER " } ,
2007-08-12 21:36:42 +04:00
{ " uid-info " , 0 , POPT_ARG_INT , & int_arg , OPT_UID_INFO , " Get user info from uid " , " UID " } ,
2006-07-11 22:01:26 +04:00
{ " group-info " , 0 , POPT_ARG_STRING , & string_arg , OPT_GROUP_INFO , " Get group info " , " GROUP " } ,
2009-02-10 22:06:44 +03:00
{ " user-sidinfo " , 0 , POPT_ARG_STRING , & string_arg , OPT_USER_SIDINFO , " Get user info from sid " , " SID " } ,
2008-12-26 13:02:02 +03:00
{ " gid-info " , 0 , POPT_ARG_INT , & int_arg , OPT_GID_INFO , " Get group info from gid " , " GID " } ,
2002-10-29 20:36:50 +03:00
{ " user-groups " , ' r ' , POPT_ARG_STRING , & string_arg , ' r ' , " Get user groups " , " USER " } ,
2005-06-09 02:10:34 +04:00
{ " user-domgroups " , 0 , POPT_ARG_STRING , & string_arg ,
OPT_USERDOMGROUPS , " Get user domain groups " , " SID " } ,
2009-02-11 00:59:10 +03:00
{ " sid-aliases " , 0 , POPT_ARG_STRING , & string_arg , OPT_SIDALIASES , " Get sid aliases " , " SID " } ,
2003-11-19 11:11:14 +03:00
{ " user-sids " , 0 , POPT_ARG_STRING , & string_arg , OPT_USERSIDS , " Get user group sids for user SID " , " SID " } ,
2008-10-28 09:36:36 +03:00
{ " authenticate " , ' a ' , POPT_ARG_STRING , & string_arg , ' a ' , " authenticate user " , " user%password " } ,
2010-04-02 22:34:58 +04:00
{ " logoff " , 0 , POPT_ARG_NONE , NULL , OPT_LOGOFF ,
" log off user " , " uid " } ,
{ " logoff-user " , 0 , POPT_ARG_STRING , & logoff_user ,
OPT_LOGOFF_USER , " username to log off " } ,
{ " logoff-uid " , 0 , POPT_ARG_INT , & logoff_uid ,
OPT_LOGOFF_UID , " uid to log off " } ,
2003-06-18 18:20:23 +04:00
{ " set-auth-user " , 0 , POPT_ARG_STRING , & string_arg , OPT_SET_AUTH_USER , " Store user and password used by winbindd (root only) " , " user%password " } ,
2010-01-09 22:20:36 +03:00
{ " ccache-save " , 0 , POPT_ARG_STRING , & string_arg ,
OPT_CCACHE_SAVE , " Store user and password for ccache "
" operation " , " user%password " } ,
2005-06-09 02:10:34 +04:00
{ " getdcname " , 0 , POPT_ARG_STRING , & string_arg , OPT_GETDCNAME ,
" Get a DC name for a foreign domain " , " domainname " } ,
2007-08-28 19:20:54 +04:00
{ " dsgetdcname " , 0 , POPT_ARG_STRING , & string_arg , OPT_DSGETDCNAME , " Find a DC for a domain " , " domainname " } ,
2002-11-02 04:51:53 +03:00
{ " get-auth-user " , 0 , POPT_ARG_NONE , NULL , OPT_GET_AUTH_USER , " Retrieve user and password used by winbindd (root only) " , NULL } ,
2003-03-18 09:07:50 +03:00
{ " ping " , ' p ' , POPT_ARG_NONE , 0 , ' p ' , " Ping winbindd to see if it is alive " } ,
2003-12-23 23:25:21 +03:00
{ " domain " , 0 , POPT_ARG_STRING , & opt_domain_name , OPT_DOMAIN_NAME , " Define to the domain to restrict operation " , " domain " } ,
2004-04-01 16:31:50 +04:00
# ifdef WITH_FAKE_KASERVER
2008-10-28 09:36:36 +03:00
{ " klog " , ' k ' , POPT_ARG_STRING , & string_arg , ' k ' , " set an AFS token from winbind " , " user%password " } ,
2006-02-04 01:19:41 +03:00
# endif
# ifdef HAVE_KRB5
{ " krb5auth " , ' K ' , POPT_ARG_STRING , & string_arg , ' K ' , " authenticate user using Kerberos " , " user%password " } ,
/* destroys wbinfo --help output */
/* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */
2004-04-01 16:31:50 +04:00
# endif
2005-11-30 01:46:16 +03:00
{ " separator " , 0 , POPT_ARG_NONE , 0 , OPT_SEPARATOR , " Get the active winbind separator " , NULL } ,
2008-03-26 02:58:40 +03:00
{ " verbose " , 0 , POPT_ARG_NONE , 0 , OPT_VERBOSE , " Print additional information per command " , NULL } ,
2008-08-15 04:01:14 +04:00
{ " change-user-password " , 0 , POPT_ARG_STRING , & string_arg , OPT_CHANGE_USER_PASSWORD , " Change the password for a user " , NULL } ,
2009-08-12 17:51:20 +04:00
{ " ntlmv2 " , 0 , POPT_ARG_NONE , 0 , OPT_NTLMV2 , " Use NTLMv2 cryptography for user authentication " , NULL } ,
{ " lanman " , 0 , POPT_ARG_NONE , 0 , OPT_LANMAN , " Use lanman cryptography for user authentication " , NULL } ,
2003-04-14 06:38:21 +04:00
POPT_COMMON_VERSION
POPT_TABLEEND
2001-12-11 08:18:36 +03:00
} ;
2000-07-05 15:24:26 +04:00
/* Samba client initialisation */
2005-12-29 01:48:54 +03:00
load_case_tables ( ) ;
2000-07-05 15:24:26 +04:00
2002-09-25 19:19:00 +04:00
/* Parse options */
2009-08-12 17:51:20 +04:00
pc = poptGetContext ( " wbinfo " , argc , ( const char * * ) argv ,
long_options , 0 ) ;
2002-09-25 19:19:00 +04:00
2000-07-05 15:24:26 +04:00
/* Parse command line options */
if ( argc = = 1 ) {
2002-09-25 19:19:00 +04:00
poptPrintHelp ( pc , stderr , 0 ) ;
2000-07-05 15:24:26 +04:00
return 1 ;
}
2001-12-11 08:18:36 +03:00
while ( ( opt = poptGetNextOpt ( pc ) ) ! = - 1 ) {
2003-08-11 02:01:11 +04:00
/* get the generic configuration parameters like --domain */
2008-03-26 02:58:40 +03:00
switch ( opt ) {
case OPT_VERBOSE :
2009-08-12 19:27:05 +04:00
verbose = true ;
2008-03-26 02:58:40 +03:00
break ;
2009-08-12 17:51:20 +04:00
case OPT_NTLMV2 :
use_ntlmv2 = true ;
break ;
case OPT_LANMAN :
use_lanman = true ;
break ;
2008-03-26 02:58:40 +03:00
}
2001-12-11 08:18:36 +03:00
}
2002-04-04 10:40:17 +04:00
poptFreeContext ( pc ) ;
2008-10-28 09:36:36 +03:00
pc = poptGetContext ( NULL , argc , ( const char * * ) argv , long_options ,
2001-12-11 08:18:36 +03:00
POPT_CONTEXT_KEEP_FIRST ) ;
while ( ( opt = poptGetNextOpt ( pc ) ) ! = - 1 ) {
2000-07-05 15:24:26 +04:00
switch ( opt ) {
case ' u ' :
2003-08-11 02:01:11 +04:00
if ( ! print_domain_users ( opt_domain_name ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Error looking up domain users \n " ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
case ' g ' :
2003-08-11 02:01:11 +04:00
if ( ! print_domain_groups ( opt_domain_name ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Error looking up domain groups \n " ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
case ' s ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_lookupsid ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not lookup sid %s \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
2008-10-22 13:21:31 +04:00
case OPT_SID_TO_FULLNAME :
if ( ! wbinfo_lookupsid_fullname ( string_arg ) ) {
d_fprintf ( stderr , " Could not lookup sid %s \n " ,
string_arg ) ;
goto done ;
}
break ;
2006-07-11 22:01:26 +04:00
case ' R ' :
if ( ! wbinfo_lookuprids ( opt_domain_name , string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr , " Could not lookup RIDs %s \n " ,
string_arg ) ;
2006-07-11 22:01:26 +04:00
goto done ;
}
break ;
2000-07-05 15:24:26 +04:00
case ' n ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_lookupname ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr , " Could not lookup name %s \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
2002-03-29 18:37:39 +03:00
case ' N ' :
if ( ! wbinfo_wins_byname ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not lookup WINS by name %s \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2002-03-29 18:37:39 +03:00
}
break ;
case ' I ' :
if ( ! wbinfo_wins_byip ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not lookup WINS by IP %s \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2002-03-29 18:37:39 +03:00
}
break ;
2000-07-05 15:24:26 +04:00
case ' U ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_uid_to_sid ( int_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not convert uid %d to sid \n " ,
int_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
case ' G ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_gid_to_sid ( int_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not convert gid %d to sid \n " ,
int_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
case ' S ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_sid_to_uid ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not convert sid %s to uid \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
case ' Y ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_sid_to_gid ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not convert sid %s to gid \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
2006-02-04 01:19:41 +03:00
case OPT_ALLOCATE_UID :
if ( ! wbinfo_allocate_uid ( ) ) {
d_fprintf ( stderr , " Could not allocate a uid \n " ) ;
goto done ;
}
break ;
case OPT_ALLOCATE_GID :
if ( ! wbinfo_allocate_gid ( ) ) {
d_fprintf ( stderr , " Could not allocate a gid \n " ) ;
2004-04-07 16:43:44 +04:00
goto done ;
}
break ;
2008-10-28 09:46:44 +03:00
case OPT_SET_UID_MAPPING :
if ( ! parse_mapping_arg ( string_arg , & int_subarg ,
& string_subarg ) | |
! wbinfo_set_uid_mapping ( int_subarg , string_subarg ) )
{
d_fprintf ( stderr , " Could not create or modify "
" uid to sid mapping \n " ) ;
goto done ;
}
break ;
case OPT_SET_GID_MAPPING :
if ( ! parse_mapping_arg ( string_arg , & int_subarg ,
& string_subarg ) | |
! wbinfo_set_gid_mapping ( int_subarg , string_subarg ) )
{
d_fprintf ( stderr , " Could not create or modify "
" gid to sid mapping \n " ) ;
goto done ;
}
break ;
2008-10-28 09:37:55 +03:00
case OPT_REMOVE_UID_MAPPING :
if ( ! parse_mapping_arg ( string_arg , & int_subarg ,
& string_subarg ) | |
! wbinfo_remove_uid_mapping ( int_subarg ,
string_subarg ) )
{
d_fprintf ( stderr , " Could not remove uid to sid "
" mapping \n " ) ;
goto done ;
}
break ;
case OPT_REMOVE_GID_MAPPING :
if ( ! parse_mapping_arg ( string_arg , & int_subarg ,
& string_subarg ) | |
! wbinfo_remove_gid_mapping ( int_subarg ,
string_subarg ) )
{
d_fprintf ( stderr , " Could not remove gid to sid "
" mapping \n " ) ;
goto done ;
}
break ;
2000-07-05 15:24:26 +04:00
case ' t ' :
2009-10-07 12:43:53 +04:00
if ( ! wbinfo_check_secret ( opt_domain_name ) ) {
2005-12-21 15:52:04 +03:00
d_fprintf ( stderr , " Could not check secret \n " ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
2009-10-06 20:18:00 +04:00
case ' c ' :
if ( ! wbinfo_change_secret ( opt_domain_name ) ) {
d_fprintf ( stderr , " Could not change secret \n " ) ;
goto done ;
}
break ;
2009-12-21 23:50:43 +03:00
case OPT_PING_DC :
if ( ! wbinfo_ping_dc ( ) ) {
d_fprintf ( stderr , " Could not ping our DC \n " ) ;
goto done ;
}
break ;
2000-07-05 15:24:26 +04:00
case ' m ' :
2008-03-26 02:58:40 +03:00
if ( ! wbinfo_list_domains ( false , verbose ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not list trusted domains \n " ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
break ;
2002-01-31 14:49:29 +03:00
case OPT_SEQUENCE :
2003-08-11 02:01:11 +04:00
if ( ! wbinfo_show_sequence ( opt_domain_name ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not show sequence numbers \n " ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2002-01-31 14:49:29 +03:00
}
break ;
2008-04-23 00:29:53 +04:00
case OPT_ONLINESTATUS :
if ( ! wbinfo_show_onlinestatus ( opt_domain_name ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not show online-status \n " ) ;
2008-04-23 00:29:53 +04:00
goto done ;
}
break ;
2004-01-04 14:51:31 +03:00
case ' D ' :
if ( ! wbinfo_domain_info ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not get domain info \n " ) ;
2004-01-04 14:51:31 +03:00
goto done ;
}
break ;
2006-04-23 15:11:27 +04:00
case ' i ' :
if ( ! wbinfo_get_userinfo ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not get info for user %s \n " ,
string_arg ) ;
2006-04-23 15:11:27 +04:00
goto done ;
}
break ;
2009-02-10 22:06:44 +03:00
case OPT_USER_SIDINFO :
if ( ! wbinfo_get_user_sidinfo ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not get info for user "
" sid %s \n " , string_arg ) ;
2009-02-10 22:06:44 +03:00
goto done ;
}
break ;
2007-08-12 21:36:42 +04:00
case OPT_UID_INFO :
if ( ! wbinfo_get_uidinfo ( int_arg ) ) {
d_fprintf ( stderr , " Could not get info for uid "
" %d \n " , int_arg ) ;
goto done ;
}
break ;
2006-07-11 22:01:26 +04:00
case OPT_GROUP_INFO :
if ( ! wbinfo_get_groupinfo ( string_arg ) ) {
d_fprintf ( stderr , " Could not get info for "
" group %s \n " , string_arg ) ;
goto done ;
}
2007-03-24 02:10:46 +03:00
break ;
2008-12-26 13:02:02 +03:00
case OPT_GID_INFO :
if ( ! wbinfo_get_gidinfo ( int_arg ) ) {
d_fprintf ( stderr , " Could not get info for gid "
" %d \n " , int_arg ) ;
goto done ;
}
break ;
2000-10-11 09:25:32 +04:00
case ' r ' :
2001-12-11 08:18:36 +03:00
if ( ! wbinfo_get_usergroups ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not get groups for user %s \n " ,
string_arg ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-10-11 09:25:32 +04:00
}
break ;
2003-11-19 11:11:14 +03:00
case OPT_USERSIDS :
if ( ! wbinfo_get_usersids ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr , " Could not get group SIDs "
" for user SID %s \n " ,
string_arg ) ;
2003-11-19 11:11:14 +03:00
goto done ;
}
break ;
2005-06-09 02:10:34 +04:00
case OPT_USERDOMGROUPS :
if ( ! wbinfo_get_userdomgroups ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr , " Could not get user's domain "
" groups for user SID %s \n " ,
string_arg ) ;
2005-06-09 02:10:34 +04:00
goto done ;
}
break ;
2009-02-11 00:59:10 +03:00
case OPT_SIDALIASES :
2009-08-12 17:51:20 +04:00
if ( ! wbinfo_get_sidaliases ( opt_domain_name ,
string_arg ) ) {
2009-02-11 00:59:10 +03:00
d_fprintf ( stderr , " Could not get sid aliases "
" for user SID %s \n " , string_arg ) ;
goto done ;
}
break ;
2002-10-29 20:36:50 +03:00
case ' a ' : {
2008-02-04 19:25:06 +03:00
bool got_error = false ;
2003-07-08 07:16:28 +04:00
if ( ! wbinfo_auth ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not authenticate user "
" %s with plaintext "
" password \n " , string_arg ) ;
2008-02-04 19:25:06 +03:00
got_error = true ;
2003-07-08 07:16:28 +04:00
}
2009-08-12 17:51:20 +04:00
if ( ! wbinfo_auth_crap ( string_arg , use_ntlmv2 ,
use_lanman ) ) {
d_fprintf ( stderr ,
" Could not authenticate user "
" %s with challenge/response \n " ,
string_arg ) ;
2008-02-04 19:25:06 +03:00
got_error = true ;
2003-07-08 07:16:28 +04:00
}
if ( got_error )
goto done ;
break ;
}
2010-04-02 22:34:58 +04:00
case OPT_LOGOFF :
{
wbcErr wbc_status ;
wbc_status = wbcLogoffUser ( logoff_user , logoff_uid ,
" " ) ;
d_printf ( " Logoff %s (%d): %s \n " , logoff_user ,
logoff_uid , wbcErrorString ( wbc_status ) ) ;
break ;
}
2006-02-04 01:19:41 +03:00
case ' K ' : {
2009-08-12 17:59:14 +04:00
uint32_t flags = WBFLAG_PAM_KRB5 |
WBFLAG_PAM_CACHED_LOGIN |
2006-02-04 01:19:41 +03:00
WBFLAG_PAM_FALLBACK_AFTER_KRB5 |
2009-08-12 17:59:14 +04:00
WBFLAG_PAM_INFO3_TEXT |
WBFLAG_PAM_CONTACT_TRUSTDOM ;
2006-02-04 01:19:41 +03:00
2009-08-12 17:51:20 +04:00
if ( ! wbinfo_auth_krb5 ( string_arg , " FILE " ,
flags ) ) {
d_fprintf ( stderr ,
" Could not authenticate user "
" [%s] with Kerberos "
" (ccache: %s) \n " , string_arg ,
" FILE " ) ;
2006-02-04 01:19:41 +03:00
goto done ;
2007-06-21 18:32:09 +04:00
}
2006-02-04 01:19:41 +03:00
break ;
}
2004-04-01 16:31:50 +04:00
case ' k ' :
if ( ! wbinfo_klog ( string_arg ) ) {
2005-12-21 15:52:04 +03:00
d_fprintf ( stderr , " Could not klog user \n " ) ;
2004-04-01 16:31:50 +04:00
goto done ;
}
break ;
2003-07-25 05:18:10 +04:00
case ' p ' :
2003-07-08 07:16:28 +04:00
if ( ! wbinfo_ping ( ) ) {
2006-02-04 01:19:41 +03:00
d_fprintf ( stderr , " could not ping winbindd! \n " ) ;
2003-07-08 07:16:28 +04:00
goto done ;
}
break ;
2001-12-11 08:18:36 +03:00
case OPT_SET_AUTH_USER :
2005-12-21 15:52:04 +03:00
if ( ! wbinfo_set_auth_user ( string_arg ) ) {
goto done ;
}
2002-11-02 04:51:53 +03:00
break ;
case OPT_GET_AUTH_USER :
wbinfo_get_auth_user ( ) ;
2009-08-13 01:41:32 +04:00
goto done ;
2001-12-11 08:18:36 +03:00
break ;
2010-01-09 22:20:36 +03:00
case OPT_CCACHE_SAVE :
if ( ! wbinfo_ccache_save ( string_arg ) ) {
goto done ;
}
break ;
2005-06-09 02:10:34 +04:00
case OPT_GETDCNAME :
2005-12-21 15:52:04 +03:00
if ( ! wbinfo_getdcname ( string_arg ) ) {
goto done ;
}
2005-06-09 02:10:34 +04:00
break ;
2007-08-28 19:20:54 +04:00
case OPT_DSGETDCNAME :
if ( ! wbinfo_dsgetdcname ( string_arg , 0 ) ) {
goto done ;
}
break ;
2005-12-21 15:52:04 +03:00
case OPT_SEPARATOR : {
2009-08-12 17:51:20 +04:00
const char sep = winbind_separator ( ) ;
2006-01-30 16:32:41 +03:00
if ( ! sep ) {
2005-12-21 15:52:04 +03:00
goto done ;
}
d_printf ( " %c \n " , sep ) ;
2005-11-30 01:46:16 +03:00
break ;
2005-12-21 15:52:04 +03:00
}
2006-02-04 01:19:41 +03:00
case OPT_LIST_ALL_DOMAINS :
2008-03-26 02:58:40 +03:00
if ( ! wbinfo_list_domains ( true , verbose ) ) {
2006-02-04 01:19:41 +03:00
goto done ;
}
2006-05-31 21:15:33 +04:00
break ;
case OPT_LIST_OWN_DOMAIN :
if ( ! wbinfo_list_own_domain ( ) ) {
goto done ;
}
break ;
2008-08-15 04:01:14 +04:00
case OPT_CHANGE_USER_PASSWORD :
if ( ! wbinfo_change_user_password ( string_arg ) ) {
2009-08-12 17:51:20 +04:00
d_fprintf ( stderr ,
" Could not change user password "
2008-08-15 04:01:14 +04:00
" for user %s \n " , string_arg ) ;
goto done ;
}
break ;
2003-08-11 02:01:11 +04:00
/* generic configuration options */
case OPT_DOMAIN_NAME :
2008-03-26 02:58:40 +03:00
case OPT_VERBOSE :
2009-08-12 17:51:20 +04:00
case OPT_NTLMV2 :
case OPT_LANMAN :
2010-04-02 22:34:58 +04:00
case OPT_LOGOFF_USER :
case OPT_LOGOFF_UID :
2009-08-12 17:51:20 +04:00
break ;
2000-07-05 15:24:26 +04:00
default :
2002-03-01 04:13:42 +03:00
d_fprintf ( stderr , " Invalid option \n " ) ;
2002-09-25 19:19:00 +04:00
poptPrintHelp ( pc , stderr , 0 ) ;
2002-04-04 10:40:17 +04:00
goto done ;
2000-07-05 15:24:26 +04:00
}
}
2001-12-11 08:18:36 +03:00
2002-04-04 10:40:17 +04:00
result = 0 ;
/* Exit code */
2000-07-05 15:24:26 +04:00
2002-04-04 10:40:17 +04:00
done :
2009-08-12 19:25:14 +04:00
talloc_free ( frame ) ;
2007-11-21 19:27:22 +03:00
2002-04-04 10:40:17 +04:00
poptFreeContext ( pc ) ;
return result ;
2000-07-05 15:24:26 +04:00
}