IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Use spoolss initialization function to set client version information for
iremotewinspool printer operations
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Use cmdline_messaging_context with its error checking instead of open
coding the same steps.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
This is only used by command line utilities and has additional
dependencies. Move to a separate file to contain the dependencies to the
command line tools.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13465
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
The dswriteaccountspn command is missing in drsuapi, add it so we can
use it in rpcclient.
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Return the validation info instead of the already mapped info3. Higher
layers need info6 if available, this is the first step in passing the
unmapped info up to callers.
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This used to not properly store the chained credentials back into the
netlogon_creds_cli tdb. This by the way is the bug that all the
routines for the NT4 style sam replication had that just disappeared.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep 25 13:42:19 CEST 2017 on sn-devel-144
These three commands don't use the netlogon credential chain
correctly. They are missing the netlogon_creds_store after the dcerpc
call, so they destroy the correct use of the netlogon creds.
The only valid server for these calls that I know of would be NT4, and
that should be gone long ago.
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This creates a context with access to a credentials, not credentials
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
There's no point recompiling all of source3 if netlogon_creds_cli.h is changed
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Guaranteed to stay around until the command exits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12932
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Only access through utility functions. Remove all the local pointer aliases
that were just being set to cmdline_auth_info in the client tools.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
One should not assume a REG_DWORD is always 4 byte long.
In an enumdata(ex) context, the first reply will return with content
in a buffer that can fill the largest entry in the array of attributes.
All subsequent queries then reuse this buffer even if the key/value
pair in question then is just a 4 byte DWORD. The remaining buffer
will be just empty and of no interest.
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sun May 7 03:28:21 CEST 2017 on sn-devel-144
I guess the primary reason for forcing lp_workgroup()
was the usage of -U% together with schannel,
see source3/script/tests/test_rpcclient_samlogon.sh
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12731
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 5 14:09:23 CEST 2017 on sn-devel-144
All users of POPT_COMMON_CREDENTIALS basically need the same logic,
while some ignore a broken smb.conf and some complain about it.
This will allow the future usage of config options in the
credential post processing.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is the only way to resolve cirular dependencies with these
libraries. I've tried several ways but this is the only way to do it
correctly. In future we should try to seperate them by passing down
information or making a more lightweight loadparm mechanism.
+---------+ +-------------+
| | | |
| param <---------+ +--------+ smbregistry |
| | | | | |
+----+----+ | | +------^------+
| +---+----v--+ |
| | | |
+----------> smbconf +------------+
| |
+-----------+
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This offers a global 'struct user_auth_info *cmdline_auth_info',
similar to the 'cmdline_credentials' we have in
source4/lib/cmdline/popt_common.c.
And we create that in the POPT_CALLBACK_REASON_PRE stage
and finalize it in the POPT_CALLBACK_REASON_POST stage.
That means much less boring work for the callers
and more freedom to change the user_auth_info internals
in future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
This allows to test how an epmap-server deals with object_uuid during the
epm_Map call. On windows the object_uuid is always ignored expect for the case
when the first abstract_syntax in the tower is the mgmt service. Even in that
case, the role of the object_uuid is still unclear.
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
ULONG_PTR needs to be decoded as a uint3264 and not as a 'uint32 *'.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11197
Guenther
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This means we'll use the "client ipc min protocol", "client ipc max protocol"
and "client ipc signing" options. But "--signing=no" or "--signing=required"
still overwrite "client ipc signing".
The following can be used to alter the max protocol
rpcclient --option="client ipc max protocol=SMB2_10" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient --option="client ipc max protocol=NT1" 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
rpcclient 172.31.9.163 -Uadministrator%A1b2C3d4 -c "getusername"
Account Name: Administrator, Authority Name: W4EDOM-L4
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11927
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat May 21 05:01:15 CEST 2016 on sn-devel-144
This reverts commit a55ac51f5f.
This will be implemented in a more common way using the
"client ipc max protocol" option.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11927
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu May 12 17:36:09 CEST 2016 on sn-devel-144
ncacn_ip_tcp:server should get the same protection as ncacn_np:server
if authentication and smb signing is used.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11616
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Prevent rpccli_netlogon_password_logon being called with 'NULL' credentials.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11569
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This allows setting the DFS flags through a NetShareSetInfo with info
level 1005.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
This allows querying the DFS flags and the csc policy. Also update the
usage info that ths share name is not optional and print the supported
info levels.
Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
https://bugzilla.samba.org/show_bug.cgi?id=11199
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Thu Apr 9 16:57:15 CEST 2015 on sn-devel-104
A lot of calls on the netlogon pipe doesn't require netlogon credentials,
e.g. netr_LogonControl*() should work just with administrator credentials.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Note that you need to call rpcclient with ncacn_ip_tcp:$target[sign,seal],
otherwise clusapi will not allow success.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This passing struct cli_credentials allows the usage of the previous password.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11085
When rpcclient is called like:
$ rpcclient -c "getdata . Osversion"
at end of output is added one nonsense line
OsVersion: Osversion:
This patch removes this line and adds more human friendly ouput:
OsMajor: num
OsMinor: num
OsBuild: num
for OsVersion query.
For OsVersionEx two more lines are added:
OsMajor: num
OsMinor: num
OsBuild: num
ServicePackMajor: num
ServicePackMinor: num
Signed-off-by: Robin Hack <hack.robin@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Change-Id: I7333140906bb3a487205b5760396dcc00a9f49b0
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This is very helpful in the trusted domain situation, as we may not
have a two-way trust but we can use our domain trust account to set up
a connection to NETLOGON
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 8 12:48:15 CEST 2014 on sn-devel-104
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Oct 8 03:36:52 CEST 2014 on sn-devel-104
This allows us to pass this value in directly from the cli_credentials structure in winbindd, once we merge this with cli_rpc_pipe_open_spnego().
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This allows us to pass this value in directly from the cli_credentials
structure in winbindd.
Andrew Bartlett
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Samuel Cabrero <scabrero@zentyal.com>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
FSRVP can possibly return any HRESULT error in addition to it's own
specific errors. This change searches the HRESULT errors for a description
if the error doesn't match any of the known FSRVP ones.
Also removed some errors defined in fsrvp.idl (now that they are defined
in hresult.h)
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Use similar behaviour to the diskshadow.exe FSRVP client, which aborts
the shadow-copy set if it receives a failed commit response.
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Apr 1 00:54:06 CEST 2014 on sn-devel-104
The Windows Server 2012 FSRVP server exhibits strange behaviour when
exposing hidden shadow copy shares. If the hidden share UNC in the
AddToShadowCopySet request includes a trailing backslash (e.g.
"\\server\share$\"), then the new shadow-copy share will also be hidden
(e.g. "\\server\share$@{ShadowCopy.ShadowCopyId}$").
However, if the UNC does not include a trailing backslash, which until
now was rpcclient's default behaviour, then the exposed shadow-copy
share is not hidden.
Thanks to the MS Open Specifications team for helping me track down this
one.
bug: https://bugzilla.samba.org/show_bug.cgi?id=10521
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Mar 8 03:52:44 CET 2014 on sn-devel-104
It expects a messaging_context now
and returns a netlogon_creds_cli_context.
This way we can finally avoid having a rpc_pipe_client->netlogon_creds.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
rpccli_netlogon_setup_creds() is already called in the main do_cmd()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This is based on a patch from Garming Sam <garming@catalyst.net.nz>.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185
Signed-off-by: Jeremy Allison <jra@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Mon Dec 9 09:00:41 CET 2013 on sn-devel-104
For domain sids, don't print NAME\*unknown* but print NAME instead.
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
We are using the wrong variable for the returned count.
Reported by <pisymbol@gmail.com>.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Aug 21 17:30:33 CEST 2013 on sn-devel-104
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Nov 8 21:24:21 CET 2012 on sn-devel-104
logonctrl2 function in rpcclient did not allow to specify arguments
to most of netr_LogonControl2 function code points.
In addition, make descriptive help to show what is expected at each
function code point.
Autobuild-User(master): Alexander Bokovoy <ab@samba.org>
Autobuild-Date(master): Thu Jun 21 12:11:19 CEST 2012 on sn-devel-104
fss_create_expose connects to an FSRVP server and negotiates the
creation and exposure of a share shadow-copy.
shadow-copies of multiple shares can be requested with a single
fss_create_expose request.
ddiss@plati:~> bin/rpcclient -k -U 'LURCH\administrator%password' \
ncacn_np:lutze[sign]
rpcclient $> fss_create_expose backup ro hyper
381884f2-b578-45ea-b8d2-cf82491f4011: shadow-copy set created
...
share hyper@{B6137E21-9CBB-4547-A21D-E7AD40D0874B} exposed as a snapshot
of \\lutze\hyper
fss_delete removes the shadow-copy share:
rpcclient $> fss_delete hyper 381884f2-b578-45ea-b8d2-cf82491f4011 \
b6137e21-9cbb-4547-a21d-e7ad40d0874
Shadow-copies can be created read-write or read-only.
Experimenting with Windows Server "8" beta, a recovery complete call is
required after creating a read-write (ATTR_AUTO_RECOVERY) shadow copy.
Otherwise subsequent creation requests fail with
FSRVP_E_SHADOW_COPY_SET_IN_PROGRESS.