#include "secrets.h"
#include "lib/netapi/netapi.h"
#include "lib/netapi/netapi_net.h"
+#include "librpc/gen_ndr/libnet_join.h"
+#include "libnet/libnet_join.h"
#include "rpc_client/init_lsa.h"
#include "../libcli/security/security.h"
#include "libsmb/libsmb.h"
#include "libsmb/clirap.h"
#include "nsswitch/libwbclient/wbclient.h"
#include "passdb.h"
+#include "../libcli/smb/smbXcli_base.h"
static int net_mode_share;
static NTSTATUS sync_files(struct copy_clistate *cp_clistate, const char *mask);
union lsa_PolicyInformation *info = NULL;
struct dcerpc_binding_handle *b;
- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&lsa_pipe);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not initialise lsa pipe\n"));
int run_rpc_command(struct net_context *c,
struct cli_state *cli_arg,
- const struct ndr_syntax_id *interface,
+ const struct ndr_interface_table *table,
int conn_flags,
rpc_command_fn fn,
int argc,
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
if (lp_client_schannel()
- && (ndr_syntax_id_equal(interface,
+ && (ndr_syntax_id_equal(&table->syntax_id,
&ndr_table_netlogon.syntax_id))) {
/* Always try and create an schannel netlogon pipe. */
nt_status = cli_rpc_pipe_open_schannel(
- cli, interface, NCACN_NP,
+ cli, table, NCACN_NP,
DCERPC_AUTH_LEVEL_PRIVACY, domain_name,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
}
} else {
if (conn_flags & NET_FLAGS_SEAL) {
- nt_status = cli_rpc_pipe_open_ntlmssp(
- cli, interface,
+ nt_status = cli_rpc_pipe_open_generic_auth(
+ cli, table,
(conn_flags & NET_FLAGS_TCP) ?
NCACN_IP_TCP : NCACN_NP,
+ DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY,
+ smbXcli_conn_remote_name(cli->conn),
lp_workgroup(), c->opt_user_name,
c->opt_password, &pipe_hnd);
} else {
nt_status = cli_rpc_pipe_open_noauth(
- cli, interface,
+ cli, table,
&pipe_hnd);
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
- get_pipe_name_from_syntax(
- talloc_tos(), interface),
+ table->name,
nt_errstr(nt_status) ));
goto fail;
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_netlogon,
NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
rpc_changetrustpw_internals,
argc, argv);
}
/**
- * Join a domain, the old way.
+ * Join a domain, the old way. This function exists to allow
+ * the message to be displayed when oldjoin was explicitly
+ * requested, but not when it was implied by "net rpc join".
*
* This uses 'machinename' as the inital password, and changes it.
*
* The password should be created with 'server manager' or equiv first.
*
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success).
**/
-static NTSTATUS rpc_oldjoin_internals(struct net_context *c,
- const struct dom_sid *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv)
{
+ struct libnet_JoinCtx *r = NULL;
+ TALLOC_CTX *mem_ctx;
+ WERROR werr;
+ const char *domain = lp_workgroup(); /* FIXME */
+ bool modify_config = lp_config_backend_is_registry();
+ enum netr_SchannelType sec_chan_type;
+ char *pw = NULL;
- fstring trust_passwd;
- unsigned char orig_trust_passwd_hash[16];
- NTSTATUS result;
- enum netr_SchannelType sec_channel_type;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net rpc oldjoin\n"
+ " Join a domain the old way\n");
+ return 0;
+ }
- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id,
- &pipe_hnd);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. "
- "error was %s\n",
- cli->desthost,
- nt_errstr(result) ));
- return result;
+ mem_ctx = talloc_init("net_rpc_oldjoin");
+ if (!mem_ctx) {
+ return -1;
+ }
+
+ werr = libnet_init_JoinCtx(mem_ctx, &r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
}
/*
a BDC, the server must agree that we are a BDC.
*/
if (argc >= 0) {
- sec_channel_type = get_sec_channel_type(argv[0]);
+ sec_chan_type = get_sec_channel_type(argv[0]);
} else {
- sec_channel_type = get_sec_channel_type(NULL);
+ sec_chan_type = get_sec_channel_type(NULL);
}
- fstrcpy(trust_passwd, global_myname());
- strlower_m(trust_passwd);
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ werr = WERR_ACCESS_DENIED;
+ goto fail;
+ }
- /*
- * Machine names can be 15 characters, but the max length on
- * a password is 14. --jerry
- */
+ pw = talloc_strndup(r, lp_netbios_name(), 14);
+ if (pw == NULL) {
+ werr = WERR_NOMEM;
+ goto fail;
+ }
- trust_passwd[14] = '\0';
+ r->in.msg_ctx = c->msg_ctx;
+ r->in.domain_name = domain;
+ r->in.secure_channel_type = sec_chan_type;
+ r->in.dc_name = c->opt_host;
+ r->in.admin_account = "";
+ r->in.admin_password = strlower_talloc(r, pw);
+ if (r->in.admin_password == NULL) {
+ werr = WERR_NOMEM;
+ goto fail;
+ }
+ r->in.debug = true;
+ r->in.modify_config = modify_config;
+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_JOIN_UNSECURE |
+ WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED;
- E_md4hash(trust_passwd, orig_trust_passwd_hash);
+ werr = libnet_Join(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
+ }
- result = trust_pw_change_and_store_it(pipe_hnd, mem_ctx, c->opt_target_workgroup,
- global_myname(),
- orig_trust_passwd_hash,
- sec_channel_type);
+ /* Check the short name of the domain */
- if (NT_STATUS_IS_OK(result))
- printf(_("Joined domain %s.\n"), c->opt_target_workgroup);
+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) {
+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE());
+ d_printf("domain name obtained from the server.\n");
+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name);
+ d_printf("You should set \"workgroup = %s\" in %s.\n",
+ r->out.netbios_domain_name, get_dyn_CONFIGFILE());
+ }
+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name);
- if (!secrets_store_domain_sid(c->opt_target_workgroup, domain_sid)) {
- DEBUG(0, ("error storing domain sid for %s\n", c->opt_target_workgroup));
- result = NT_STATUS_UNSUCCESSFUL;
+ if (r->out.dns_domain_name) {
+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name,
+ r->out.dns_domain_name);
+ } else {
+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name,
+ r->out.netbios_domain_name);
}
- return result;
+ TALLOC_FREE(mem_ctx);
+
+ return 0;
+
+fail:
+ if (c->opt_flags & NET_FLAGS_EXPECT_FALLBACK) {
+ goto cleanup;
+ }
+
+ /* issue an overall failure message at the end. */
+ d_fprintf(stderr, _("Failed to join domain: %s\n"),
+ r && r->out.error_string ? r->out.error_string :
+ get_friendly_werror_msg(werr));
+
+cleanup:
+ TALLOC_FREE(mem_ctx);
+
+ return -1;
}
/**
- * Join a domain, the old way.
+ * check that a join is OK
*
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
+ * @return A shell status integer (0 for success)
*
- * @return A shell status integer (0 for success).
**/
-
-static int net_rpc_perform_oldjoin(struct net_context *c, int argc, const char **argv)
+int net_rpc_testjoin(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
- NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
- rpc_oldjoin_internals,
- argc, argv);
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+ const char *domain = c->opt_target_workgroup;
+ const char *dc = c->opt_host;
+
+ if (c->display_usage) {
+ d_printf("Usage\n"
+ "net rpc testjoin\n"
+ " Test if a join is OK\n");
+ return 0;
+ }
+
+ mem_ctx = talloc_init("net_rpc_testjoin");
+ if (!mem_ctx) {
+ return -1;
+ }
+
+ if (!dc) {
+ struct netr_DsRGetDCNameInfo *info;
+
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ status = dsgetdcname(mem_ctx,
+ c->msg_ctx,
+ domain,
+ NULL,
+ NULL,
+ DS_RETURN_DNS_NAME,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ dc = strip_hostname(info->dc_unc);
+ }
+
+ /* Display success or failure */
+ status = libnet_join_ok(c->opt_workgroup, lp_netbios_name(), dc,
+ c->opt_kerberos);
+ if (!NT_STATUS_IS_OK(status)) {
+ fprintf(stderr,"Join to domain '%s' is not valid: %s\n",
+ domain, nt_errstr(status));
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ printf("Join to '%s' is OK\n",domain);
+ talloc_destroy(mem_ctx);
+
+ return 0;
}
/**
- * Join a domain, the old way. This function exists to allow
- * the message to be displayed when oldjoin was explicitly
- * requested, but not when it was implied by "net rpc join".
+ * Join a domain using the administrator username and password
*
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
+ * @param argc Standard main() style argc
+ * @param argc Standard main() style argv. Initial components are already
+ * stripped. Currently not used.
+ * @return A shell status integer (0 for success)
*
- * @return A shell status integer (0 for success).
**/
-static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv)
+static int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
{
- int rc = -1;
+ struct libnet_JoinCtx *r = NULL;
+ TALLOC_CTX *mem_ctx;
+ WERROR werr;
+ const char *domain = lp_workgroup(); /* FIXME */
+ bool modify_config = lp_config_backend_is_registry();
+ enum netr_SchannelType sec_chan_type;
if (c->display_usage) {
- d_printf( "%s\n"
- "net rpc oldjoin\n"
- " %s\n",
- _("Usage:"),
- _("Join a domain the old way"));
+ d_printf("Usage:\n"
+ "net rpc join\n"
+ " Join a domain the new way\n");
return 0;
}
- rc = net_rpc_perform_oldjoin(c, argc, argv);
+ mem_ctx = talloc_init("net_rpc_join_newstyle");
+ if (!mem_ctx) {
+ return -1;
+ }
- if (rc) {
- d_fprintf(stderr, _("Failed to join domain\n"));
+ werr = libnet_init_JoinCtx(mem_ctx, &r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
}
- return rc;
+ /*
+ check what type of join - if the user want's to join as
+ a BDC, the server must agree that we are a BDC.
+ */
+ if (argc >= 0) {
+ sec_chan_type = get_sec_channel_type(argv[0]);
+ } else {
+ sec_chan_type = get_sec_channel_type(NULL);
+ }
+
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ werr = WERR_ACCESS_DENIED;
+ goto fail;
+ }
+
+ r->in.msg_ctx = c->msg_ctx;
+ r->in.domain_name = domain;
+ r->in.secure_channel_type = sec_chan_type;
+ r->in.dc_name = c->opt_host;
+ r->in.admin_account = c->opt_user_name;
+ r->in.admin_password = net_prompt_pass(c, c->opt_user_name);
+ r->in.debug = true;
+ r->in.use_kerberos = c->opt_kerberos;
+ r->in.modify_config = modify_config;
+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
+ WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED;
+
+ werr = libnet_Join(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
+ }
+
+ /* Check the short name of the domain */
+
+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) {
+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE());
+ d_printf("domain name obtained from the server.\n");
+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name);
+ d_printf("You should set \"workgroup = %s\" in %s.\n",
+ r->out.netbios_domain_name, get_dyn_CONFIGFILE());
+ }
+
+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name);
+
+ if (r->out.dns_domain_name) {
+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name,
+ r->out.dns_domain_name);
+ } else {
+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name,
+ r->out.netbios_domain_name);
+ }
+
+ TALLOC_FREE(mem_ctx);
+
+ return 0;
+
+fail:
+ /* issue an overall failure message at the end. */
+ d_printf("Failed to join domain: %s\n",
+ r && r->out.error_string ? r->out.error_string :
+ get_friendly_werror_msg(werr));
+
+ TALLOC_FREE(mem_ctx);
+
+ return -1;
}
/**
int net_rpc_join(struct net_context *c, int argc, const char **argv)
{
+ int ret;
+
if (c->display_usage) {
d_printf("%s\n%s",
_("Usage:"),
return -1;
}
- if (strlen(global_myname()) > 15) {
+ if (strlen(lp_netbios_name()) > 15) {
d_printf(_("Our netbios name can be at most 15 chars long, "
"\"%s\" is %u chars long\n"),
- global_myname(), (unsigned int)strlen(global_myname()));
+ lp_netbios_name(), (unsigned int)strlen(lp_netbios_name()));
return -1;
}
- if ((net_rpc_perform_oldjoin(c, argc, argv) == 0))
+ c->opt_flags |= NET_FLAGS_EXPECT_FALLBACK;
+ ret = net_rpc_oldjoin(c, argc, argv);
+ c->opt_flags &= ~NET_FLAGS_EXPECT_FALLBACK;
+ if (ret == 0) {
return 0;
+ }
return net_rpc_join_newstyle(c, argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_samr,
NET_FLAGS_PDC, rpc_info_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_samr,
conn_flags,
rpc_getsid_internals,
argc, argv);
if (argv[1]) {
u1003.usri1003_password = argv[1];
} else {
+ char pwd[256] = {0};
ret = asprintf(&prompt, _("Enter new password for %s:"),
argv[0]);
if (ret == -1) {
return -1;
}
- u1003.usri1003_password = talloc_strdup(c, getpass(prompt));
+
+ ret = samba_getpass(prompt, pwd, sizeof(pwd), false, false);
SAFE_FREE(prompt);
+ if (ret < 0) {
+ return -1;
+ }
+
+ u1003.usri1003_password = talloc_strdup(c, pwd);
if (u1003.usri1003_password == NULL) {
return -1;
}
ZERO_STRUCT(domain_pol);
ZERO_STRUCT(user_pol);
- status = net_rpc_lookup_name(c, mem_ctx, rpc_pipe_np_smb_conn(pipe_hnd),
+ status = net_rpc_lookup_name(c, mem_ctx, ctx->cli,
argv[0], NULL, NULL, &sid, &type);
if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not lookup %s: %s\n"), argv[0],
{
static struct rpc_sh_cmd cmds[] = {
- { "fullname", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "fullname", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's full name") },
- { "homedir", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "homedir", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's home directory") },
- { "homedrive", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "homedrive", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's home drive") },
- { "logonscript", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "logonscript", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's logon script") },
- { "profilepath", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "profilepath", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's profile path") },
- { "description", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "description", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's description") },
- { "disabled", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "disabled", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user is disabled") },
- { "autolock", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "autolock", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user locked out") },
- { "pwnotreq", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "pwnotreq", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user does not need a password") },
- { "pwnoexp", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "pwnoexp", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user's password does not expire") },
{ NULL, NULL, 0, NULL, NULL }
{
static struct rpc_sh_cmd cmds[] = {
- { "list", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_list,
+ { "list", NULL, &ndr_table_samr, rpc_sh_user_list,
N_("List available users") },
- { "info", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_info,
+ { "info", NULL, &ndr_table_samr, rpc_sh_user_info,
N_("List the domain groups a user is member of") },
- { "show", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_show,
+ { "show", NULL, &ndr_table_samr, rpc_sh_user_show,
N_("Show info about a user") },
{ "edit", net_rpc_user_edit_cmds, 0, NULL,
static int rpc_group_delete(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_delete_internals, argc,argv);
}
NTSTATUS status, result;
struct dcerpc_binding_handle *b;
- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(status)) {
goto done;
TALLOC_FREE(pipe_hnd);
}
- if (!NT_STATUS_IS_OK(status) && (StrnCaseCmp(name, "S-", 2) == 0)) {
+ if (!NT_STATUS_IS_OK(status) && (strncasecmp_m(name, "S-", 2) == 0)) {
/* Try as S-1-5-whatever */
}
static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *alias_sid,
- const char *member)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *alias_sid,
+ const char *member)
{
struct policy_handle connect_pol, domain_pol;
NTSTATUS status, result;
return NT_STATUS_UNSUCCESSFUL;
}
- result = get_sid_from_name(rpc_pipe_np_smb_conn(pipe_hnd), mem_ctx,
+ result = get_sid_from_name(cli, mem_ctx,
member, &member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
}
if (group_type == SID_NAME_ALIAS) {
- NTSTATUS result = rpc_add_aliasmem(pipe_hnd, mem_ctx,
+ NTSTATUS result = rpc_add_aliasmem(pipe_hnd, cli, mem_ctx,
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
static int rpc_group_addmem(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_addmem_internals,
argc, argv);
}
}
static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *alias_sid,
- const char *member)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *alias_sid,
+ const char *member)
{
struct policy_handle connect_pol, domain_pol;
NTSTATUS status, result;
if (!sid_split_rid(&sid, &alias_rid))
return NT_STATUS_UNSUCCESSFUL;
- result = get_sid_from_name(rpc_pipe_np_smb_conn(pipe_hnd), mem_ctx,
+ result = get_sid_from_name(cli, mem_ctx,
member, &member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
}
if (group_type == SID_NAME_ALIAS) {
- NTSTATUS result = rpc_del_aliasmem(pipe_hnd, mem_ctx,
+ NTSTATUS result = rpc_del_aliasmem(pipe_hnd, cli, mem_ctx,
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
static int rpc_group_delmem(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_delmem_internals,
argc, argv);
}
static int rpc_group_list(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_list_internals,
argc, argv);
}
}
static NTSTATUS rpc_list_alias_members(struct net_context *c,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *domain_pol,
- uint32 rid)
+ struct rpc_pipe_client *pipe_hnd,
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *domain_pol,
+ uint32 rid)
{
NTSTATUS result, status;
struct rpc_pipe_client *lsa_pipe;
return NT_STATUS_OK;
}
- result = cli_rpc_pipe_open_noauth(rpc_pipe_np_smb_conn(pipe_hnd),
- &ndr_table_lsarpc.syntax_id,
+ result = cli_rpc_pipe_open_noauth(cli,
+ &ndr_table_lsarpc,
&lsa_pipe);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, _("Couldn't open LSA pipe. Error was %s\n"),
return result;
}
- alias_sids = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, num_members);
+ alias_sids = talloc_zero_array(mem_ctx, struct dom_sid, num_members);
if (!alias_sids) {
d_fprintf(stderr, _("Out of memory\n"));
TALLOC_FREE(lsa_pipe);
}
if (rid_types.ids[0] == SID_NAME_ALIAS) {
- return rpc_list_alias_members(c, pipe_hnd, mem_ctx, &domain_pol,
+ return rpc_list_alias_members(c, pipe_hnd, cli, mem_ctx, &domain_pol,
rids.ids[0]);
}
return rpc_group_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_members_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_list_internals,
argc, argv);
}
{
struct srvsvc_NetShareCtr1 *ctr1;
- ctr1 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr1);
+ ctr1 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr1);
W_ERROR_HAVE_NO_MEMORY(ctr1);
ctr1->count = 1;
{
struct srvsvc_NetShareCtr2 *ctr2;
- ctr2 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr2);
+ ctr2 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr2);
W_ERROR_HAVE_NO_MEMORY(ctr2);
ctr2->count = 1;
{
struct srvsvc_NetShareCtr502 *ctr502;
- ctr502 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr502);
+ ctr502 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr502);
W_ERROR_HAVE_NO_MEMORY(ctr502);
ctr502->count = 1;
{
NTSTATUS status;
- status = cli_tcon_andx(cli, netname, "A:", "", 0);
+ status = cli_tree_connect(cli, netname, "A:", "", 0);
if (!NT_STATUS_IS_OK(status)) {
d_printf(_("skipping [%s]: not a file share.\n"), netname);
return false;
/* connect destination PI_SRVSVC */
nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
- &ndr_table_srvsvc.syntax_id);
+ &ndr_table_srvsvc);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_shares_internals,
argc, argv);
}
}
/* search below that directory */
- strlcpy(new_mask, dir, sizeof(new_mask));
- strlcat(new_mask, "\\*", sizeof(new_mask));
+ if (strlcpy(new_mask, dir, sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (strlcat(new_mask, "\\*", sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
old_dir = local_state->cwd;
local_state->cwd = dir;
DEBUG(3,("calling cli_list with mask: %s\n", mask));
- if ( !cli_resolve_path(talloc_tos(), "", NULL, cp_clistate->cli_share_src,
- mask, &targetcli, &targetpath ) ) {
+ status = cli_resolve_path(talloc_tos(), "", NULL,
+ cp_clistate->cli_share_src,
+ mask, &targetcli, &targetpath);
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("cli_resolve_path %s failed with error: "
"%s\n"),
- mask, cli_errstr(cp_clistate->cli_share_src));
- return cli_nt_error(cp_clistate->cli_share_src);
+ mask, nt_errstr(status));
+ return status;
}
status = cli_list(targetcli, targetpath, cp_clistate->attribute,
/* open share source */
nt_status = connect_to_service(c, &cp_clistate.cli_share_src,
- &cli->dest_ss, cli->desthost,
+ smbXcli_conn_remote_sockaddr(cli->conn),
+ smbXcli_conn_remote_name(cli->conn),
info502.name, "A:");
if (!NT_STATUS_IS_OK(nt_status))
goto done;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_files_internals,
argc, argv);
}
/* connect destination PI_SRVSVC */
nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
- &ndr_table_srvsvc.syntax_id);
+ &ndr_table_srvsvc);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_security_internals,
argc, argv);
}
/* order is important. we don't want to be locked out by the share-acl
* before copying files - gd */
- ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_shares_internals, argc, argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_files_internals, argc, argv);
if (ret)
return ret;
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_security_internals, argc,
argv);
}
for (j=0; j<alias->num_members; j++)
DEBUG(1, ("%s\\%s (%d); ",
- domains[j] ? domains[j] : "*unknown*",
+ domains[j] ? domains[j] : "*unknown*",
names[j] ? names[j] : "*unknown*",types[j]));
DEBUG(1, ("\n"));
}
for (i = 0; i < num_groups; i++) {
gid_t gid = groups[i];
struct dom_sid sid;
+ bool ok;
wbc_status = wbcGidToSid(gid, &wsid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
DEBUG(3, (" %s\n", sid_str));
- string_to_sid(&sid, sid_str);
+ ok = string_to_sid(&sid, sid_str);
+ if (!ok) {
+ DEBUG(1, ("Failed to convert string to SID\n"));
+ wbcFreeMemory(groups);
+ return false;
+ }
add_sid_to_token(token, &sid);
}
wbcFreeMemory(groups);
} else {
*p++ = '\0';
fstrcpy(domain, users[i]);
- strupper_m(domain);
+ if (!strupper_m(domain)) {
+ DEBUG(1, ("strupper_m %s failed\n", domain));
+ wbcFreeMemory(users);
+ return false;
+ }
fstrcpy(user, p);
}
token = &((*tokens)[*num_tokens-1]);
- strlcpy(token->name, line, sizeof(token->name));
+ if (strlcpy(token->name, line, sizeof(token->name)) >= sizeof(token->name)) {
+ return false;
+ }
token->token.num_sids = 0;
token->token.sids = NULL;
continue;
}
-
+
return false;
}
*/
static void show_userlist(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const char *netname,
- int num_tokens,
- struct user_token *tokens)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *netname,
+ int num_tokens,
+ struct user_token *tokens)
{
uint16_t fnum;
struct security_descriptor *share_sd = NULL;
struct security_descriptor *root_sd = NULL;
- struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd);
int i;
union srvsvc_NetShareInfo info;
WERROR result;
netname));
}
- cnum = cli->cnum;
+ cnum = cli_state_get_tid(cli);
- if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) {
+ if (!NT_STATUS_IS_OK(cli_tree_connect(cli, netname, "A:", "", 0))) {
return;
}
if (!NT_STATUS_IS_OK(cli_ntcreate(cli, "\\", 0, READ_CONTROL_ACCESS, 0,
FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x0, 0x0, &fnum))) {
- root_sd = cli_query_secdesc(cli, fnum, mem_ctx);
+ cli_query_secdesc(cli, fnum, mem_ctx, &root_sd);
}
for (i=0; i<num_tokens; i++) {
if (fnum != (uint16_t)-1)
cli_close(cli, fnum);
cli_tdis(cli);
- cli->cnum = cnum;
-
- return;
-}
-
-struct share_list {
- int num_shares;
- char **shares;
-};
+ cli_state_set_tid(cli, cnum);
-static void collect_share(const char *name, uint32 m,
- const char *comment, void *state)
-{
- struct share_list *share_list = (struct share_list *)state;
-
- if (m != STYPE_DISKTREE)
- return;
-
- share_list->num_shares += 1;
- share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
- if (!share_list->shares) {
- share_list->num_shares = 0;
- return;
- }
- share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
+ return;
}
/**
int argc,
const char **argv)
{
- int ret;
bool r;
- uint32 i;
FILE *f;
+ NTSTATUS nt_status = NT_STATUS_OK;
+ uint32_t total_entries = 0;
+ uint32_t resume_handle = 0;
+ uint32_t preferred_len = 0xffffffff;
+ uint32_t i;
+ struct dcerpc_binding_handle *b = NULL;
+ struct srvsvc_NetShareInfoCtr info_ctr;
+ struct srvsvc_NetShareCtr1 ctr1;
+ WERROR result;
struct user_token *tokens = NULL;
int num_tokens = 0;
- struct share_list share_list;
-
if (argc == 0) {
f = stdin;
} else {
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
- share_list.num_shares = 0;
- share_list.shares = NULL;
+ ZERO_STRUCT(info_ctr);
+ ZERO_STRUCT(ctr1);
+
+ info_ctr.level = 1;
+ info_ctr.ctr.ctr1 = &ctr1;
+
+ b = pipe_hnd->binding_handle;
+
+ /* Issue the NetShareEnum RPC call and retrieve the response */
+ nt_status = dcerpc_srvsvc_NetShareEnumAll(b,
+ talloc_tos(),
+ pipe_hnd->desthost,
+ &info_ctr,
+ preferred_len,
+ &total_entries,
+ &resume_handle,
+ &result);
+
+ /* Was it successful? */
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ /* Nope. Go clean up. */
+ goto done;
+ }
- ret = cli_RNetShareEnum(cli, collect_share, &share_list);
+ if (!W_ERROR_IS_OK(result)) {
+ /* Nope. Go clean up. */
+ nt_status = werror_to_ntstatus(result);
+ goto done;
+ }
- if (ret == -1) {
- DEBUG(0, ("Error returning browse list: %s\n",
- cli_errstr(cli)));
+ if (total_entries == 0) {
goto done;
}
- for (i = 0; i < share_list.num_shares; i++) {
- char *netname = share_list.shares[i];
+ /* For each returned entry... */
+ for (i = 0; i < info_ctr.ctr.ctr1->count; i++) {
+ const char *netname = info_ctr.ctr.ctr1->array[i].name;
- if (netname[strlen(netname)-1] == '$')
+ if (info_ctr.ctr.ctr1->array[i].type != STYPE_DISKTREE) {
continue;
+ }
d_printf("%s\n", netname);
- show_userlist(pipe_hnd, mem_ctx, netname,
+ show_userlist(pipe_hnd, cli, mem_ctx, netname,
num_tokens, tokens);
}
done:
free_user_token(&tokens[i].token);
}
SAFE_FREE(tokens);
- SAFE_FREE(share_list.shares);
- return NT_STATUS_OK;
+ return nt_status;
}
static int rpc_share_allowedusers(struct net_context *c, int argc,
return 0;
}
- result = run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ result = run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_aliaslist_internals,
argc, argv);
if (result != 0)
return result;
- result = run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
+ result = run_rpc_command(c, NULL, &ndr_table_lsarpc, 0,
rpc_aliaslist_dump,
argc, argv);
if (result != 0)
return result;
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_allowedusers_internals,
argc, argv);
}
if (!get_user_tokens(c, &num_tokens, &tokens)) {
DEBUG(0, ("Could not get the user/sid list\n"));
- return 0;
+ return -1;
}
for (i=0; i<num_tokens; i++) {
}
SAFE_FREE(tokens);
- return 1;
+ return 0;
}
int net_usersidlist_usage(struct net_context *c, int argc, const char **argv)
{
static struct rpc_sh_cmd cmds[] = {
- { "list", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_list,
+ { "list", NULL, &ndr_table_srvsvc, rpc_sh_share_list,
N_("List available shares") },
- { "add", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_add,
+ { "add", NULL, &ndr_table_srvsvc, rpc_sh_share_add,
N_("Add a share") },
- { "delete", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_delete,
+ { "delete", NULL, &ndr_table_srvsvc, rpc_sh_share_delete,
N_("Delete a share") },
- { "info", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_info,
+ { "info", NULL, &ndr_table_srvsvc, rpc_sh_share_info,
N_("Get information about a share") },
{ NULL, NULL, 0, NULL, NULL }
{
NET_API_STATUS status;
uint32 preferred_len = 0xffffffff, i;
- const char *username=NULL;
+ char *username=NULL;
uint32_t total_entries = 0;
uint32_t entries_read = 0;
uint32_t resume_handle = 0;
display_file_info_3(&i3[i]);
}
done:
+ SAFE_FREE(username);
return status;
}
return 0;
}
- rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
rpc_shutdown_abort_internals, argc, argv);
if (rc == 0)
DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
- return run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_winreg, 0,
rpc_reg_shutdown_abort_internals,
argc, argv);
}
return 0;
}
- rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
rpc_init_shutdown_internals, argc, argv);
if (rc) {
DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
- rc = run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_winreg, 0,
rpc_reg_shutdown_internals, argc, argv);
}
union samr_UserInfo info;
unsigned int orig_timeout;
struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
+ DATA_BLOB session_key = data_blob_null;
if (argc != 2) {
d_printf("%s\n%s",
return NT_STATUS_NO_MEMORY;
}
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ SAFE_FREE(acct_name);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
init_lsa_String(&lsa_acct_name, acct_name);
+ status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
/* Get samr policy handle */
status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
ZERO_STRUCT(info.info23);
init_samr_CryptPassword(argv[1],
- &cli->user_session_key,
+ &session_key,
&crypt_pwd);
info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
done:
SAFE_FREE(acct_name);
+ data_blob_clear_free(&session_key);
return status;
}
static int rpc_trustdom_add(struct net_context *c, int argc, const char **argv)
{
if (argc > 0 && !c->display_usage) {
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_trustdom_add_internals, argc, argv);
} else {
d_printf("%s\n%s",
if (acct_name == NULL)
return NT_STATUS_NO_MEMORY;
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ TALLOC_FREE(acct_name);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
/* Get samr policy handle */
status = dcerpc_samr_Connect2(b, mem_ctx,
static int rpc_trustdom_del(struct net_context *c, int argc, const char **argv)
{
if (argc > 0 && !c->display_usage) {
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_trustdom_del_internals, argc, argv);
} else {
d_printf("%s\n%s",
/* Try netr_GetDcName */
- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon,
&netr);
if (!NT_STATUS_IS_OK(status)) {
return status;
b = netr->binding_handle;
status = dcerpc_netr_GetDcName(b, mem_ctx,
- cli->desthost,
+ netr->desthost,
domain_name,
&buffer,
&result);
}
domain_name = smb_xstrdup(argv[0]);
- strupper_m(domain_name);
+ if (!strupper_m(domain_name)) {
+ SAFE_FREE(domain_name);
+ return -1;
+ }
/* account name used at first is our domain's name with '$' */
if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
return -1;
}
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ SAFE_FREE(domain_name);
+ SAFE_FREE(acct_name);
+ return -1;
+ }
/*
* opt_workgroup will be used by connection functions further,
* Call LsaOpenPolicy and LsaQueryInfo
*/
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) ));
/* generate upper cased domain name */
domain_name = smb_xstrdup(argv[0]);
- strupper_m(domain_name);
+ if (!strupper_m(domain_name)) {
+ SAFE_FREE(domain_name);
+ return -1;
+ }
/* delete password of the trust */
if (!pdb_del_trusteddom_pw(domain_name)) {
NTSTATUS nt_status, result;
union lsa_TrustedDomainInfo *info = NULL;
char *cleartextpwd = NULL;
- uint8_t session_key[16];
- DATA_BLOB session_key_blob;
+ DATA_BLOB session_key;
DATA_BLOB data = data_blob_null;
struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
data = data_blob(info->password.password->data,
info->password.password->length);
- if (!rpccli_get_pwd_hash(pipe_hnd, session_key)) {
- DEBUG(0, ("Could not retrieve password hash\n"));
+ nt_status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(nt_status)));
goto done;
}
- session_key_blob = data_blob_const(session_key, sizeof(session_key));
- cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key_blob);
+ cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key);
+ data_blob_free(&session_key);
if (cleartextpwd == NULL) {
DEBUG(0,("retrieved NULL password\n"));
struct rpc_pipe_client *pipe_hnd = NULL;
NTSTATUS nt_status, result;
const char *domain_name = NULL;
- struct dom_sid *queried_dom_sid;
struct policy_handle connect_hnd;
union lsa_PolicyInformation *info = NULL;
* or to remote one given in command line
*/
- if (StrCaseCmp(c->opt_workgroup, lp_workgroup())) {
+ if (strcasecmp_m(c->opt_workgroup, lp_workgroup())) {
domain_name = c->opt_workgroup;
c->opt_target_workgroup = c->opt_workgroup;
} else {
- fstrcpy(pdc_name, global_myname());
+ fstrcpy(pdc_name, lp_netbios_name());
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
c->opt_target_workgroup = domain_name;
};
return -1;
};
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
return -1;
}
- queried_dom_sid = info->account_domain.sid;
-
/*
* Keep calling LsaEnumTrustdom over opened pipe until
* the end of enumeration is reached
print_trusted_domain(dom_list.domains[i].sid,
dom_list.domains[i].name.string);
- nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd,
+ nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd,
*dom_list.domains[i].sid,
dom_list.domains[i].name.string);
if (!NT_STATUS_IS_OK(nt_status)) {
* or to remote one given in command line
*/
- if (StrCaseCmp(c->opt_workgroup, lp_workgroup())) {
+ if (strcasecmp_m(c->opt_workgroup, lp_workgroup())) {
domain_name = c->opt_workgroup;
c->opt_target_workgroup = c->opt_workgroup;
} else {
- fstrcpy(pdc_name, global_myname());
+ fstrcpy(pdc_name, lp_netbios_name());
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
c->opt_target_workgroup = domain_name;
};
return -1;
};
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
talloc_destroy(mem_ctx);
return -1;
};
-
+
/* query info level 5 to obtain sid of a domain being queried */
nt_status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
&connect_hnd,
talloc_destroy(mem_ctx);
return -1;
};
-
+
TALLOC_FREE(pipe_hnd);
/*
* Listing trusting domains (stored in passdb backend, if local)
*/
-
+
d_printf(_("\nTrusting domains list:\n\n"));
/*
* Open \PIPE\samr and get needed policy handles
*/
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status)));
str[ascii_dom_name_len - 1] = '\0';
/* set opt_* variables to remote domain */
- strupper_m(str);
+ if (!strupper_m(str)) {
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
c->opt_workgroup = talloc_strdup(mem_ctx, str);
c->opt_target_workgroup = c->opt_workgroup;
/* query for domain's sid */
if (run_rpc_command(
c, remote_cli,
- &ndr_table_lsarpc.syntax_id, 0,
+ &ndr_table_lsarpc, 0,
rpc_query_domain_sid, argc,
argv))
d_printf(_("strange - couldn't get domain's sid\n"));
if (!net_find_server(c, NULL, flags, &server_ss, &server_name))
return false;
- if ((cli = cli_initialise()) == NULL) {
+ status = cli_connect_nb(server_name, &server_ss, 0, 0x20,
+ lp_netbios_name(), SMB_SIGNING_DEFAULT,
+ 0, &cli);
+ if (!NT_STATUS_IS_OK(status)) {
return false;
}
-
- status = cli_connect(cli, server_name, &server_ss);
- if (!NT_STATUS_IS_OK(status))
- goto done;
- if (!attempt_netbios_session_request(&cli, global_myname(),
- server_name, &server_ss))
- goto done;
- status = cli_negprot(cli);
+ status = smbXcli_negprot(cli->conn, cli->timeout, PROTOCOL_CORE,
+ PROTOCOL_NT1);
if (!NT_STATUS_IS_OK(status))
goto done;
- if (cli->protocol < PROTOCOL_NT1)
+ if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_NT1)
goto done;
ret = true;
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_netlogon,
NET_FLAGS_ANONYMOUS,
rpc_samdump_internals, argc, argv);
}
return -1;
}
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_printers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_drivers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_forms_internals, argc, argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_settings_internals, argc,
argv);
if (ret)
return ret;
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_security_internals, argc,
argv);
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_drivers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_forms_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_printers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_security_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_settings_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_driver_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_publish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_update_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_unpublish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_list_internals,
argc, argv);
}
N_("net rpc trust\n"
" Manage trusts")
},
+ {
+ "conf",
+ net_rpc_conf,
+ NET_TRANSPORT_RPC,
+ N_("Configure a remote samba server"),
+ N_("net rpc conf\n"
+ " Configure a remote samba server")
+ },
{NULL, NULL, 0, NULL, NULL}
};