sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
Code
samba-mirror/source3/rpcclient/cmd_netlogon.c
Andrew Bartlett f071020f5e Merge from HEAD - save the type of channel used to contact the DC. 
This allows us to join as a BDC, without appearing on the network as one
until we have the database replicated, and the admin changes the configuration.

This also change the SID retreval order from secrets.tdb, so we no longer
require a 'net rpc getsid' - the sid fetch during the domain join is sufficient.
Also minor fixes to 'net'.

Andrew Bartlett
(This used to be commit 876e00fd112e4aaf7519eec27f382eb99ec7562a)
2003-04-21 14:09:03 +00:00

325 lines
10 KiB
C
Raw Blame History

/*
Unix SMB/CIFS implementation.
RPC pipe client
Copyright (C) Tim Potter 2000
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "rpcclient.h"
static NTSTATUS cmd_netlogon_logon_ctrl2(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
uint32 query_level = 1;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
if (argc > 1) {
fprintf(stderr, "Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
result = cli_netlogon_logon_ctrl2(cli, mem_ctx, query_level);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
done:
return result;
}
static NTSTATUS cmd_netlogon_logon_ctrl(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
#if 0
uint32 query_level = 1;
#endif
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
if (argc > 1) {
fprintf(stderr, "Usage: %s\n", argv[0]);
return NT_STATUS_OK;
}
#if 0
result = cli_netlogon_logon_ctrl(cli, mem_ctx, query_level);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
#endif
/* Display results */
return result;
}
/* Display sam synchronisation information */
static void display_sam_sync(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas,
SAM_DELTA_CTR *deltas)
{
fstring name;
uint32 i, j;
for (i = 0; i < num_deltas; i++) {
switch (hdr_deltas[i].type) {
case SAM_DELTA_DOMAIN_INFO:
unistr2_to_ascii(name,
&deltas[i].domain_info.uni_dom_name,
sizeof(name) - 1);
printf("Domain: %s\n", name);
break;
case SAM_DELTA_GROUP_INFO:
unistr2_to_ascii(name,
&deltas[i].group_info.uni_grp_name,
sizeof(name) - 1);
printf("Group: %s\n", name);
break;
case SAM_DELTA_ACCOUNT_INFO:
unistr2_to_ascii(name,
&deltas[i].account_info.uni_acct_name,
sizeof(name) - 1);
printf("Account: %s\n", name);
break;
case SAM_DELTA_ALIAS_INFO:
unistr2_to_ascii(name,
&deltas[i].alias_info.uni_als_name,
sizeof(name) - 1);
printf("Alias: %s\n", name);
break;
case SAM_DELTA_ALIAS_MEM: {
SAM_ALIAS_MEM_INFO *alias = &deltas[i].als_mem_info;
for (j = 0; j < alias->num_members; j++) {
fstring sid_str;
sid_to_string(sid_str, &alias->sids[j].sid);
printf("%s\n", sid_str);
}
break;
}
case SAM_DELTA_GROUP_MEM: {
SAM_GROUP_MEM_INFO *group = &deltas[i].grp_mem_info;
for (j = 0; j < group->num_members; j++)
printf("rid 0x%x, attrib 0x%08x\n",
group->rids[j], group->attribs[j]);
break;
}
case SAM_DELTA_MODIFIED_COUNT: {
SAM_DELTA_MOD_COUNT *mc = &deltas[i].mod_count;
printf("sam sequence update: 0x%04x\n", mc->seqnum);
break;
}
default:
printf("unknown delta type 0x%02x\n",
hdr_deltas[i].type);
break;
}
}
}
/* Perform sam synchronisation */
static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
unsigned char trust_passwd[16];
uint32 database_id = 0, num_deltas;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
DOM_CRED ret_creds;
uint32 neg_flags = 0x000001ff;
uint32 sec_channel_type = 0;
if (argc > 2) {
fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc == 2)
database_id = atoi(argv[1]);
if (!secrets_init()) {
fprintf(stderr, "Unable to initialise secrets database\n");
return result;
}
/* Initialise session credentials */
if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd,
NULL, &sec_channel_type)) {
fprintf(stderr, "could not fetch trust account password\n");
goto done;
}
result = cli_nt_setup_creds(cli, sec_channel_type, trust_passwd, &neg_flags, 2);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
goto done;
}
/* on first call the returnAuthenticator is empty */
memset(&ret_creds, 0, sizeof(ret_creds));
/* Synchronise sam database */
result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, database_id,
0, &num_deltas, &hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
/* Perform sam delta synchronisation */
static NTSTATUS cmd_netlogon_sam_deltas(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
unsigned char trust_passwd[16];
uint32 database_id, num_deltas, tmp;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
UINT64_S seqnum;
uint32 neg_flags = 0x000001ff;
uint32 sec_channel_type = 0;
if (argc != 3) {
fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]);
return NT_STATUS_OK;
}
database_id = atoi(argv[1]);
tmp = atoi(argv[2]);
seqnum.low = tmp & 0xffff;
seqnum.high = 0;
if (!secrets_init()) {
fprintf(stderr, "Unable to initialise secrets database\n");
goto done;
}
/* Initialise session credentials */
if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd,
NULL, &sec_channel_type)) {
fprintf(stderr, "could not fetch trust account password\n");
goto done;
}
result = cli_nt_setup_creds(cli, sec_channel_type, trust_passwd, &neg_flags, 2);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
goto done;
}
/* Synchronise sam database */
result = cli_netlogon_sam_deltas(cli, mem_ctx, database_id,
seqnum, &num_deltas,
&hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
/* Log on a domain user */
static NTSTATUS cmd_netlogon_sam_logon(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
int logon_type = NET_LOGON_TYPE;
const char *username, *password;
uint32 neg_flags = 0x000001ff;
int auth_level = 2;
/* Check arguments */
if (argc < 3 || argc > 6) {
fprintf(stderr, "Usage: samlogon <username> <password> "
"[logon_type] [neg flags] [auth level (2 or 3)]\n"
"neg flags being 0x000001ff or 0x6007ffff\n");
return NT_STATUS_OK;
}
username = argv[1];
password = argv[2];
if (argc == 4)
sscanf(argv[3], "%i", &logon_type);
if (argc == 5)
sscanf(argv[4], "%i", &neg_flags);
if (argc == 6)
sscanf(argv[5], "%i", &auth_level);
/* Perform the sam logon */
result = cli_netlogon_sam_logon(cli, mem_ctx, username, password, logon_type);
if (!NT_STATUS_IS_OK(result))
goto done;
done:
return result;
}
/* List of commands exported by this module */
struct cmd_set netlogon_commands[] = {
{ "NETLOGON" },
{ "logonctrl2", RPC_RTYPE_NTSTATUS, cmd_netlogon_logon_ctrl2, NULL, PI_NETLOGON, "Logon Control 2", "" },
{ "logonctrl", RPC_RTYPE_NTSTATUS, cmd_netlogon_logon_ctrl, NULL, PI_NETLOGON, "Logon Control", "" },
{ "samsync", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_sync, NULL, PI_NETLOGON, "Sam Synchronisation", "" },
{ "samdeltas", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_deltas, NULL, PI_NETLOGON, "Query Sam Deltas", "" },
{ "samlogon", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_logon, NULL, PI_NETLOGON, "Sam Logon", "" },
{ NULL }
};
View Git Blame Copy Permalink