mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r23874: Some more minor edits for net ads gpo.
Guenther
This commit is contained in:
parent
94d11806fd
commit
cc41b3b60f
@ -103,6 +103,9 @@ static struct snapin_table gpo_cse_snapin_extensions[] = {
|
||||
{ NULL, NULL, NULL }
|
||||
};
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
static const char *name_to_guid_string(const char *name, struct gpo_table *table)
|
||||
{
|
||||
int i;
|
||||
@ -116,6 +119,9 @@ static const char *name_to_guid_string(const char *name, struct gpo_table *table
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
static const char *guid_string_to_name(const char *guid_string, struct gpo_table *table)
|
||||
{
|
||||
int i;
|
||||
@ -129,6 +135,9 @@ static const char *guid_string_to_name(const char *guid_string, struct gpo_table
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
static const char *snapin_guid_string_to_name(const char *guid_string,
|
||||
struct snapin_table *table)
|
||||
{
|
||||
@ -153,21 +162,33 @@ static const char *default_gpo_guid_string_to_name(const char *guid)
|
||||
}
|
||||
#endif
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
const char *cse_gpo_guid_string_to_name(const char *guid)
|
||||
{
|
||||
return guid_string_to_name(guid, gpo_cse_extensions);
|
||||
}
|
||||
|
||||
static const char *cse_gpo_name_to_guid_string(const char *name)
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
const char *cse_gpo_name_to_guid_string(const char *name)
|
||||
{
|
||||
return name_to_guid_string(name, gpo_cse_extensions);
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
const char *cse_snapin_gpo_guid_string_to_name(const char *guid)
|
||||
{
|
||||
return snapin_guid_string_to_name(guid, gpo_cse_snapin_extensions);
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel)
|
||||
{
|
||||
int lvl = debuglevel;
|
||||
@ -190,7 +211,10 @@ void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel)
|
||||
}
|
||||
}
|
||||
|
||||
void dump_gpo(TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT *gpo, int debuglevel)
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
void dump_gpo(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT *gpo, int debuglevel)
|
||||
{
|
||||
int lvl = debuglevel;
|
||||
|
||||
@ -278,19 +302,24 @@ void dump_gpo(TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT *gpo, int debuglev
|
||||
}
|
||||
dump_gp_ext(gp_ext, lvl);
|
||||
}
|
||||
|
||||
DEBUGADD(lvl,("security descriptor:\n"));
|
||||
|
||||
ads_disp_sd(ads, mem_ctx, gpo->security_descriptor);
|
||||
}
|
||||
|
||||
/****************************************************************
|
||||
****************************************************************/
|
||||
|
||||
void dump_gpo_list(TALLOC_CTX *mem_ctx,
|
||||
void dump_gpo_list(ADS_STRUCT *ads,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct GROUP_POLICY_OBJECT *gpo_list,
|
||||
int debuglevel)
|
||||
{
|
||||
struct GROUP_POLICY_OBJECT *gpo = NULL;
|
||||
|
||||
for (gpo = gpo_list; gpo; gpo = gpo->next) {
|
||||
dump_gpo(mem_ctx, gpo, debuglevel);
|
||||
dump_gpo(ads, mem_ctx, gpo, debuglevel);
|
||||
}
|
||||
}
|
||||
|
||||
@ -349,7 +378,7 @@ void dump_gplink(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GP_LINK *gp_link)
|
||||
DEBUG(lvl,("get gpo for %s failed: %s\n", gp_link->link_names[i], ads_errstr(status)));
|
||||
return;
|
||||
}
|
||||
dump_gpo(mem_ctx, &gpo, lvl);
|
||||
dump_gpo(ads, mem_ctx, &gpo, lvl);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -27,14 +27,15 @@ static int net_ads_gpo_usage(int argc, const char **argv)
|
||||
d_printf(
|
||||
"net ads gpo <COMMAND>\n"\
|
||||
"<COMMAND> can be either:\n"\
|
||||
" ADDLINK Link a container to a GPO\n"\
|
||||
/* " APPLY Apply all GPOs\n"\ */
|
||||
/* " DELETELINK Delete a gPLink from a container\n"\ */
|
||||
" REFRESH Lists all GPOs assigned to an account and downloads them\n"\
|
||||
" APPLY Apply GPOs for machine/user\n"\
|
||||
" GETGPO Lists specified GPO\n"\
|
||||
" GETLINK Lists gPLink of a containter\n"\
|
||||
" HELP Prints this help message\n"\
|
||||
" LIST Lists all GPOs\n"\
|
||||
" LINKADD Link a container to a GPO\n"\
|
||||
/* " LINKDELETE Delete a gPLink from a container\n"\ */
|
||||
" LINKGET Lists gPLink of a containter\n"\
|
||||
" LIST Lists all GPOs for machine/user\n"\
|
||||
" LISTALL Lists all GPOs on a DC\n"\
|
||||
" REFRESH Lists all GPOs assigned to an account and downloads them\n"\
|
||||
"\n"
|
||||
);
|
||||
return -1;
|
||||
@ -119,7 +120,7 @@ static int net_ads_gpo_refresh(int argc, const char **argv)
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int net_ads_gpo_list(int argc, const char **argv)
|
||||
static int net_ads_gpo_list_all(int argc, const char **argv)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
@ -137,10 +138,11 @@ static int net_ads_gpo_list(int argc, const char **argv)
|
||||
"name",
|
||||
"gPCMachineExtensionNames",
|
||||
"gPCUserExtensionNames",
|
||||
"ntSecurityDescriptor",
|
||||
NULL
|
||||
};
|
||||
|
||||
mem_ctx = talloc_init("net_ads_gpo_list");
|
||||
mem_ctx = talloc_init("net_ads_gpo_list_all");
|
||||
if (mem_ctx == NULL) {
|
||||
return -1;
|
||||
}
|
||||
@ -150,9 +152,13 @@ static int net_ads_gpo_list(int argc, const char **argv)
|
||||
goto out;
|
||||
}
|
||||
|
||||
status = ads_do_search_all(ads, ads->config.bind_path,
|
||||
LDAP_SCOPE_SUBTREE,
|
||||
"(objectclass=groupPolicyContainer)", attrs, &res);
|
||||
status = ads_do_search_all_sd_flags(ads, ads->config.bind_path,
|
||||
LDAP_SCOPE_SUBTREE,
|
||||
"(objectclass=groupPolicyContainer)",
|
||||
attrs,
|
||||
DACL_SECURITY_INFORMATION,
|
||||
&res);
|
||||
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
d_printf("search failed: %s\n", ads_errstr(status));
|
||||
goto out;
|
||||
@ -172,12 +178,12 @@ static int net_ads_gpo_list(int argc, const char **argv)
|
||||
status = ads_parse_gpo(ads, mem_ctx, msg, dn, &gpo);
|
||||
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
d_printf("parse failed: %s\n", ads_errstr(status));
|
||||
d_printf("ads_parse_gpo failed: %s\n", ads_errstr(status));
|
||||
ads_memfree(ads, dn);
|
||||
goto out;
|
||||
}
|
||||
|
||||
dump_gpo(mem_ctx, &gpo, 1);
|
||||
dump_gpo(ads, mem_ctx, &gpo, 0);
|
||||
ads_memfree(ads, dn);
|
||||
}
|
||||
|
||||
@ -190,8 +196,62 @@ out:
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if 0 /* not yet */
|
||||
static int net_ads_gpo_list(int argc, const char **argv)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
LDAPMessage *res = NULL;
|
||||
TALLOC_CTX *mem_ctx;
|
||||
const char *dn = NULL;
|
||||
uint32 uac = 0;
|
||||
uint32 flags = 0;
|
||||
struct GROUP_POLICY_OBJECT *gpo_list;
|
||||
|
||||
if (argc < 1) {
|
||||
printf("usage: net ads gpo list <username|machinename>\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
mem_ctx = talloc_init("net_ads_gpo_list");
|
||||
if (mem_ctx == NULL) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
status = ads_startup(False, &ads);
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
status = ads_find_samaccount(ads, mem_ctx, argv[0], &uac, &dn);
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (uac & UF_WORKSTATION_TRUST_ACCOUNT) {
|
||||
flags |= GPO_LIST_FLAG_MACHINE;
|
||||
}
|
||||
|
||||
printf("%s: '%s' has dn: '%s'\n",
|
||||
(uac & UF_WORKSTATION_TRUST_ACCOUNT) ? "machine" : "user",
|
||||
argv[0], dn);
|
||||
|
||||
status = ads_get_gpo_list(ads, mem_ctx, dn, flags, &gpo_list);
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
goto out;
|
||||
}
|
||||
|
||||
dump_gpo_list(ads, mem_ctx, gpo_list, 0);
|
||||
|
||||
out:
|
||||
ads_msgfree(ads, res);
|
||||
|
||||
talloc_destroy(mem_ctx);
|
||||
ads_destroy(&ads);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
#if 0 /* not yet */
|
||||
static int net_ads_gpo_apply(int argc, const char **argv)
|
||||
{
|
||||
TALLOC_CTX *mem_ctx;
|
||||
@ -249,7 +309,7 @@ out:
|
||||
|
||||
#endif
|
||||
|
||||
static int net_ads_gpo_get_link(int argc, const char **argv)
|
||||
static int net_ads_gpo_link_get(int argc, const char **argv)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
@ -257,7 +317,7 @@ static int net_ads_gpo_get_link(int argc, const char **argv)
|
||||
struct GP_LINK gp_link;
|
||||
|
||||
if (argc < 1) {
|
||||
printf("usage: net ads gpo getlink <linkname>\n");
|
||||
printf("usage: net ads gpo linkget <linkname>\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
@ -286,7 +346,7 @@ out:
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int net_ads_gpo_add_link(int argc, const char **argv)
|
||||
static int net_ads_gpo_link_add(int argc, const char **argv)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
@ -294,7 +354,7 @@ static int net_ads_gpo_add_link(int argc, const char **argv)
|
||||
TALLOC_CTX *mem_ctx;
|
||||
|
||||
if (argc < 2) {
|
||||
printf("usage: net ads gpo addlink <linkdn> <gpodn> [options]\n");
|
||||
printf("usage: net ads gpo linkadd <linkdn> <gpodn> [options]\n");
|
||||
printf("note: DNs must be provided properly escaped.\n See RFC 4514 for details\n");
|
||||
return -1;
|
||||
}
|
||||
@ -315,7 +375,7 @@ static int net_ads_gpo_add_link(int argc, const char **argv)
|
||||
|
||||
status = ads_add_gpo_link(ads, mem_ctx, argv[0], argv[1], gpo_opt);
|
||||
if (!ADS_ERR_OK(status)) {
|
||||
d_printf("add link failed: %s\n", ads_errstr(status));
|
||||
d_printf("link add failed: %s\n", ads_errstr(status));
|
||||
goto out;
|
||||
}
|
||||
|
||||
@ -328,7 +388,7 @@ out:
|
||||
|
||||
#if 0 /* broken */
|
||||
|
||||
static int net_ads_gpo_delete_link(int argc, const char **argv)
|
||||
static int net_ads_gpo_link_delete(int argc, const char **argv)
|
||||
{
|
||||
ADS_STRUCT *ads;
|
||||
ADS_STATUS status;
|
||||
@ -396,7 +456,7 @@ static int net_ads_gpo_get_gpo(int argc, const char **argv)
|
||||
goto out;
|
||||
}
|
||||
|
||||
dump_gpo(mem_ctx, &gpo, 1);
|
||||
dump_gpo(ads, mem_ctx, &gpo, 1);
|
||||
|
||||
out:
|
||||
talloc_destroy(mem_ctx);
|
||||
@ -408,14 +468,15 @@ out:
|
||||
int net_ads_gpo(int argc, const char **argv)
|
||||
{
|
||||
struct functable func[] = {
|
||||
{"LIST", net_ads_gpo_list},
|
||||
{"REFRESH", net_ads_gpo_refresh},
|
||||
{"ADDLINK", net_ads_gpo_add_link},
|
||||
/* {"DELETELINK", net_ads_gpo_delete_link}, */
|
||||
{"GETLINK", net_ads_gpo_get_link},
|
||||
/* {"APPLY", net_ads_gpo_apply}, */
|
||||
{"GETGPO", net_ads_gpo_get_gpo},
|
||||
{"HELP", net_ads_gpo_usage},
|
||||
/* {"APPLY", net_ads_gpo_apply}, */
|
||||
{"LINKADD", net_ads_gpo_link_add},
|
||||
/* {"LINKDELETE", net_ads_gpo_link_delete}, */
|
||||
{"LINKGET", net_ads_gpo_link_get},
|
||||
{"LIST", net_ads_gpo_list},
|
||||
{"LISTALL", net_ads_gpo_list_all},
|
||||
{"REFRESH", net_ads_gpo_refresh},
|
||||
{NULL, NULL}
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user