mirror of https://github.com/samba-team/samba.git synced 2025-03-09 08:58:35 +03:00

net: Remove NT4-based vampire keytab

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Volker Lendecke 2017-09-19 15:09:05 -07:00 committed by Jeremy Allison
parent df7e7c65ed
commit 66c608a6ba


@ -32,81 +32,6 @@
#include "../libcli/security/security.h"
#include "passdb/machine_sid.h"
static void parse_samsync_partial_replication_objects(TALLOC_CTX *mem_ctx,
int argc,
const char **argv,
bool *do_single_object_replication,
struct samsync_object **objects,
uint32_t *num_objects)
{
int i;
if (argc > 0) {
*do_single_object_replication = true;
}
for (i=0; i<argc; i++) {
struct samsync_object o;
ZERO_STRUCT(o);
if (!strncasecmp_m(argv[i], "user_rid=", strlen("user_rid="))) {
o.object_identifier.rid = get_int_param(argv[i]);
o.object_type = NETR_DELTA_USER;
o.database_id = SAM_DATABASE_DOMAIN;
}
if (!strncasecmp_m(argv[i], "group_rid=", strlen("group_rid="))) {
o.object_identifier.rid = get_int_param(argv[i]);
o.object_type = NETR_DELTA_GROUP;
o.database_id = SAM_DATABASE_DOMAIN;
}
if (!strncasecmp_m(argv[i], "group_member_rid=", strlen("group_member_rid="))) {
o.object_identifier.rid = get_int_param(argv[i]);
o.object_type = NETR_DELTA_GROUP_MEMBER;
o.database_id = SAM_DATABASE_DOMAIN;
}
if (!strncasecmp_m(argv[i], "alias_rid=", strlen("alias_rid="))) {
o.object_identifier.rid = get_int_param(argv[i]);
o.object_type = NETR_DELTA_ALIAS;
o.database_id = SAM_DATABASE_BUILTIN;
}
if (!strncasecmp_m(argv[i], "alias_member_rid=", strlen("alias_member_rid="))) {
o.object_identifier.rid = get_int_param(argv[i]);
o.object_type = NETR_DELTA_ALIAS_MEMBER;
o.database_id = SAM_DATABASE_BUILTIN;
}
if (!strncasecmp_m(argv[i], "account_sid=", strlen("account_sid="))) {
const char *sid_str = get_string_param(argv[i]);
string_to_sid(&o.object_identifier.sid, sid_str);
o.object_type = NETR_DELTA_ACCOUNT;
o.database_id = SAM_DATABASE_PRIVS;
}
if (!strncasecmp_m(argv[i], "policy_sid=", strlen("policy_sid="))) {
const char *sid_str = get_string_param(argv[i]);
string_to_sid(&o.object_identifier.sid, sid_str);
o.object_type = NETR_DELTA_POLICY;
o.database_id = SAM_DATABASE_PRIVS;
}
if (!strncasecmp_m(argv[i], "trustdom_sid=", strlen("trustdom_sid="))) {
const char *sid_str = get_string_param(argv[i]);
string_to_sid(&o.object_identifier.sid, sid_str);
o.object_type = NETR_DELTA_TRUSTED_DOMAIN;
o.database_id = SAM_DATABASE_PRIVS;
}
if (!strncasecmp_m(argv[i], "secret_name=", strlen("secret_name="))) {
o.object_identifier.name = get_string_param(argv[i]);
o.object_type = NETR_DELTA_SECRET;
o.database_id = SAM_DATABASE_PRIVS;
}
if (o.object_type > 0) {
ADD_TO_ARRAY(mem_ctx, struct samsync_object, o,
objects, num_objects);
}
}
}
/**
* Basic usage function for 'net rpc vampire'
*
@ -230,66 +155,6 @@ int rpc_vampire_passdb(struct net_context *c, int argc, const char **argv)
return ret;
}
static NTSTATUS rpc_vampire_keytab_internals(struct net_context *c,
const struct dom_sid *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
TALLOC_CTX *mem_ctx,
int argc,
const char **argv)
{
NTSTATUS status;
struct samsync_context *ctx = NULL;
status = libnet_samsync_init_context(mem_ctx,
domain_sid,
&ctx);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (argc < 1) {
/* the caller should ensure that a filename is provided */
return NT_STATUS_INVALID_PARAMETER;
} else {
ctx->output_filename = argv[0];
}
if (argc >= 2) {
parse_samsync_partial_replication_objects(ctx, argc-1, argv+1,
&ctx->single_object_replication,
&ctx->objects,
&ctx->num_objects);
}
ctx->mode = NET_SAMSYNC_MODE_FETCH_KEYTAB;
ctx->cli = pipe_hnd;
ctx->ops = &libnet_samsync_keytab_ops;
ctx->domain_name = domain_name;
ctx->username = c->opt_user_name;
ctx->password = c->opt_password;
ctx->force_full_replication = c->opt_force_full_repl ? true : false;
ctx->clean_old_entries = c->opt_clean_old_entries ? true : false;
/* fetch domain */
status = libnet_samsync(SAM_DATABASE_DOMAIN, ctx);
if (!NT_STATUS_IS_OK(status) && ctx->error_message) {
d_fprintf(stderr, "%s\n", ctx->error_message);
goto out;
}
if (ctx->result_message) {
d_fprintf(stdout, "%s\n", ctx->result_message);
}
out:
TALLOC_FREE(ctx);
return status;
}
static NTSTATUS rpc_vampire_keytab_ds_internals(struct net_context *c,
const struct dom_sid *domain_sid,
const char *domain_name,
@ -381,27 +246,12 @@ int rpc_vampire_keytab(struct net_context *c, int argc, const char **argv)
}
if (!dc_info.is_ad) {
printf(_("DC is not running Active Directory\n"));
ret = run_rpc_command(c, cli, &ndr_table_netlogon,
0,
rpc_vampire_keytab_internals, argc, argv);
} else {
printf(_("DC is not running Active Directory, exiting\n"));
return -1;
}
ret = run_rpc_command(c, cli, &ndr_table_drsuapi,
NET_FLAGS_SEAL | NET_FLAGS_TCP,
rpc_vampire_keytab_ds_internals, argc, argv);
if (ret != 0 && dc_info.is_mixed_mode) {
printf(_("Fallback to NT4 vampire on Mixed-Mode AD "
"Domain\n"));
ret = run_rpc_command(c, cli, &ndr_table_netlogon,
0,
rpc_vampire_keytab_internals, argc, argv);
} else {
#ifndef HAVE_ADS
printf(_("Vampire requested against AD DC but ADS"
" support not built in: HAVE_ADS is not defined\n"));
#endif
}
}
return ret;
}
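Review bot: The new `!dc_info.is_ad` branch in rpc_vampire_keytab reports a fatal condition with `printf`, so the message goes to stdout even though the command returns -1. Writing it to stderr would match how the removed NT4 path reported its errors: `d_fprintf(stderr, _("DC is not running Active Directory, exiting\n"));`. With the `#ifndef HAVE_ADS` hint gone, a build without ADS support presumably now fails inside the DRSUAPI call without saying why, so that diagnostic may be worth keeping next to the remaining `run_rpc_command` call. The function body starts outside the hunk, so whether anything must be released before the new early `return -1` cannot be checked from here.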