#include "includes.h"
#include "utils/net.h"
+#include "rpc_client/cli_pipe.h"
#include "../libcli/auth/libcli_auth.h"
-#include "../librpc/gen_ndr/cli_samr.h"
+#include "../librpc/gen_ndr/ndr_samr_c.h"
#include "rpc_client/cli_samr.h"
#include "rpc_client/init_samr.h"
-#include "../librpc/gen_ndr/cli_lsa.h"
+#include "../librpc/gen_ndr/ndr_lsa_c.h"
#include "rpc_client/cli_lsarpc.h"
#include "../librpc/gen_ndr/ndr_netlogon_c.h"
#include "../librpc/gen_ndr/ndr_srvsvc_c.h"
#include "secrets.h"
#include "lib/netapi/netapi.h"
#include "lib/netapi/netapi_net.h"
+#include "librpc/gen_ndr/libnet_join.h"
+#include "libnet/libnet_join.h"
#include "rpc_client/init_lsa.h"
#include "../libcli/security/security.h"
+#include "libsmb/libsmb.h"
+#include "libsmb/clirap.h"
+#include "nsswitch/libwbclient/wbclient.h"
+#include "passdb.h"
+#include "../libcli/smb/smbXcli_base.h"
static int net_mode_share;
static NTSTATUS sync_files(struct copy_clistate *cp_clistate, const char *mask);
{
struct rpc_pipe_client *lsa_pipe = NULL;
struct policy_handle pol;
- NTSTATUS result = NT_STATUS_OK;
+ NTSTATUS status, result;
union lsa_PolicyInformation *info = NULL;
+ struct dcerpc_binding_handle *b;
- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&lsa_pipe);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not initialise lsa pipe\n"));
- return result;
+ return status;
}
- result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
+ b = lsa_pipe->binding_handle;
+
+ status = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
SEC_FLAG_MAXIMUM_ALLOWED,
&pol);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, "open_policy %s: %s\n",
_("failed"),
- nt_errstr(result));
- return result;
+ nt_errstr(status));
+ return status;
}
- result = rpccli_lsa_QueryInfoPolicy(lsa_pipe, mem_ctx,
+ status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
&pol,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "lsaquery %s: %s\n",
+ _("failed"),
+ nt_errstr(status));
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "lsaquery %s: %s\n",
_("failed"),
*domain_name = info->account_domain.name.string;
*domain_sid = info->account_domain.sid;
- rpccli_lsa_Close(lsa_pipe, mem_ctx, &pol);
+ dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
TALLOC_FREE(lsa_pipe);
return NT_STATUS_OK;
int run_rpc_command(struct net_context *c,
struct cli_state *cli_arg,
- const struct ndr_syntax_id *interface,
+ const struct ndr_interface_table *table,
int conn_flags,
rpc_command_fn fn,
int argc,
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
if (lp_client_schannel()
- && (ndr_syntax_id_equal(interface,
+ && (ndr_syntax_id_equal(&table->syntax_id,
&ndr_table_netlogon.syntax_id))) {
/* Always try and create an schannel netlogon pipe. */
nt_status = cli_rpc_pipe_open_schannel(
- cli, interface, NCACN_NP,
+ cli, table, NCACN_NP,
DCERPC_AUTH_LEVEL_PRIVACY, domain_name,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
}
} else {
if (conn_flags & NET_FLAGS_SEAL) {
- nt_status = cli_rpc_pipe_open_ntlmssp(
- cli, interface,
+ nt_status = cli_rpc_pipe_open_generic_auth(
+ cli, table,
(conn_flags & NET_FLAGS_TCP) ?
NCACN_IP_TCP : NCACN_NP,
+ DCERPC_AUTH_TYPE_NTLMSSP,
DCERPC_AUTH_LEVEL_PRIVACY,
+ smbXcli_conn_remote_name(cli->conn),
lp_workgroup(), c->opt_user_name,
c->opt_password, &pipe_hnd);
} else {
nt_status = cli_rpc_pipe_open_noauth(
- cli, interface,
+ cli, table,
&pipe_hnd);
}
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise pipe %s. Error was %s\n",
- get_pipe_name_from_syntax(
- talloc_tos(), interface),
+ table->name,
nt_errstr(nt_status) ));
goto fail;
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_netlogon,
NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
rpc_changetrustpw_internals,
argc, argv);
}
/**
- * Join a domain, the old way.
+ * Join a domain, the old way. This function exists to allow
+ * the message to be displayed when oldjoin was explicitly
+ * requested, but not when it was implied by "net rpc join".
*
* This uses 'machinename' as the inital password, and changes it.
*
* The password should be created with 'server manager' or equiv first.
*
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success).
**/
-static NTSTATUS rpc_oldjoin_internals(struct net_context *c,
- const struct dom_sid *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv)
{
+ struct libnet_JoinCtx *r = NULL;
+ TALLOC_CTX *mem_ctx;
+ WERROR werr;
+ const char *domain = lp_workgroup(); /* FIXME */
+ bool modify_config = lp_config_backend_is_registry();
+ enum netr_SchannelType sec_chan_type;
+ char *pw = NULL;
- fstring trust_passwd;
- unsigned char orig_trust_passwd_hash[16];
- NTSTATUS result;
- enum netr_SchannelType sec_channel_type;
+ if (c->display_usage) {
+ d_printf("Usage:\n"
+ "net rpc oldjoin\n"
+ " Join a domain the old way\n");
+ return 0;
+ }
- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id,
- &pipe_hnd);
- if (!NT_STATUS_IS_OK(result)) {
- DEBUG(0,("rpc_oldjoin_internals: netlogon pipe open to machine %s failed. "
- "error was %s\n",
- cli->desthost,
- nt_errstr(result) ));
- return result;
+ mem_ctx = talloc_init("net_rpc_oldjoin");
+ if (!mem_ctx) {
+ return -1;
+ }
+
+ werr = libnet_init_JoinCtx(mem_ctx, &r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
}
/*
a BDC, the server must agree that we are a BDC.
*/
if (argc >= 0) {
- sec_channel_type = get_sec_channel_type(argv[0]);
+ sec_chan_type = get_sec_channel_type(argv[0]);
} else {
- sec_channel_type = get_sec_channel_type(NULL);
+ sec_chan_type = get_sec_channel_type(NULL);
}
- fstrcpy(trust_passwd, global_myname());
- strlower_m(trust_passwd);
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ werr = WERR_ACCESS_DENIED;
+ goto fail;
+ }
- /*
- * Machine names can be 15 characters, but the max length on
- * a password is 14. --jerry
- */
+ pw = talloc_strndup(r, lp_netbios_name(), 14);
+ if (pw == NULL) {
+ werr = WERR_NOMEM;
+ goto fail;
+ }
- trust_passwd[14] = '\0';
+ r->in.msg_ctx = c->msg_ctx;
+ r->in.domain_name = domain;
+ r->in.secure_channel_type = sec_chan_type;
+ r->in.dc_name = c->opt_host;
+ r->in.admin_account = "";
+ r->in.admin_password = strlower_talloc(r, pw);
+ if (r->in.admin_password == NULL) {
+ werr = WERR_NOMEM;
+ goto fail;
+ }
+ r->in.debug = true;
+ r->in.modify_config = modify_config;
+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_JOIN_UNSECURE |
+ WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED;
- E_md4hash(trust_passwd, orig_trust_passwd_hash);
+ werr = libnet_Join(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
+ }
- result = trust_pw_change_and_store_it(pipe_hnd, mem_ctx, c->opt_target_workgroup,
- global_myname(),
- orig_trust_passwd_hash,
- sec_channel_type);
+ /* Check the short name of the domain */
- if (NT_STATUS_IS_OK(result))
- printf(_("Joined domain %s.\n"), c->opt_target_workgroup);
+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) {
+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE());
+ d_printf("domain name obtained from the server.\n");
+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name);
+ d_printf("You should set \"workgroup = %s\" in %s.\n",
+ r->out.netbios_domain_name, get_dyn_CONFIGFILE());
+ }
+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name);
- if (!secrets_store_domain_sid(c->opt_target_workgroup, domain_sid)) {
- DEBUG(0, ("error storing domain sid for %s\n", c->opt_target_workgroup));
- result = NT_STATUS_UNSUCCESSFUL;
+ if (r->out.dns_domain_name) {
+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name,
+ r->out.dns_domain_name);
+ } else {
+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name,
+ r->out.netbios_domain_name);
}
- return result;
+ TALLOC_FREE(mem_ctx);
+
+ return 0;
+
+fail:
+ if (c->opt_flags & NET_FLAGS_EXPECT_FALLBACK) {
+ goto cleanup;
+ }
+
+ /* issue an overall failure message at the end. */
+ d_fprintf(stderr, _("Failed to join domain: %s\n"),
+ r && r->out.error_string ? r->out.error_string :
+ get_friendly_werror_msg(werr));
+
+cleanup:
+ TALLOC_FREE(mem_ctx);
+
+ return -1;
}
/**
- * Join a domain, the old way.
+ * check that a join is OK
*
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
+ * @return A shell status integer (0 for success)
*
- * @return A shell status integer (0 for success).
**/
-
-static int net_rpc_perform_oldjoin(struct net_context *c, int argc, const char **argv)
+int net_rpc_testjoin(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
- NET_FLAGS_NO_PIPE | NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
- rpc_oldjoin_internals,
- argc, argv);
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+ const char *domain = c->opt_target_workgroup;
+ const char *dc = c->opt_host;
+
+ if (c->display_usage) {
+ d_printf("Usage\n"
+ "net rpc testjoin\n"
+ " Test if a join is OK\n");
+ return 0;
+ }
+
+ mem_ctx = talloc_init("net_rpc_testjoin");
+ if (!mem_ctx) {
+ return -1;
+ }
+
+ if (!dc) {
+ struct netr_DsRGetDCNameInfo *info;
+
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ status = dsgetdcname(mem_ctx,
+ c->msg_ctx,
+ domain,
+ NULL,
+ NULL,
+ DS_RETURN_DNS_NAME,
+ &info);
+ if (!NT_STATUS_IS_OK(status)) {
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ dc = strip_hostname(info->dc_unc);
+ }
+
+ /* Display success or failure */
+ status = libnet_join_ok(c->opt_workgroup, lp_netbios_name(), dc,
+ c->opt_kerberos);
+ if (!NT_STATUS_IS_OK(status)) {
+ fprintf(stderr,"Join to domain '%s' is not valid: %s\n",
+ domain, nt_errstr(status));
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
+
+ printf("Join to '%s' is OK\n",domain);
+ talloc_destroy(mem_ctx);
+
+ return 0;
}
/**
- * Join a domain, the old way. This function exists to allow
- * the message to be displayed when oldjoin was explicitly
- * requested, but not when it was implied by "net rpc join".
+ * Join a domain using the administrator username and password
*
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
+ * @param argc Standard main() style argc
+ * @param argc Standard main() style argv. Initial components are already
+ * stripped. Currently not used.
+ * @return A shell status integer (0 for success)
*
- * @return A shell status integer (0 for success).
**/
-static int net_rpc_oldjoin(struct net_context *c, int argc, const char **argv)
+static int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv)
{
- int rc = -1;
+ struct libnet_JoinCtx *r = NULL;
+ TALLOC_CTX *mem_ctx;
+ WERROR werr;
+ const char *domain = lp_workgroup(); /* FIXME */
+ bool modify_config = lp_config_backend_is_registry();
+ enum netr_SchannelType sec_chan_type;
if (c->display_usage) {
- d_printf( "%s\n"
- "net rpc oldjoin\n"
- " %s\n",
- _("Usage:"),
- _("Join a domain the old way"));
+ d_printf("Usage:\n"
+ "net rpc join\n"
+ " Join a domain the new way\n");
return 0;
}
- rc = net_rpc_perform_oldjoin(c, argc, argv);
+ mem_ctx = talloc_init("net_rpc_join_newstyle");
+ if (!mem_ctx) {
+ return -1;
+ }
- if (rc) {
- d_fprintf(stderr, _("Failed to join domain\n"));
+ werr = libnet_init_JoinCtx(mem_ctx, &r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
}
- return rc;
+ /*
+ check what type of join - if the user want's to join as
+ a BDC, the server must agree that we are a BDC.
+ */
+ if (argc >= 0) {
+ sec_chan_type = get_sec_channel_type(argv[0]);
+ } else {
+ sec_chan_type = get_sec_channel_type(NULL);
+ }
+
+ if (!c->msg_ctx) {
+ d_fprintf(stderr, _("Could not initialise message context. "
+ "Try running as root\n"));
+ werr = WERR_ACCESS_DENIED;
+ goto fail;
+ }
+
+ r->in.msg_ctx = c->msg_ctx;
+ r->in.domain_name = domain;
+ r->in.secure_channel_type = sec_chan_type;
+ r->in.dc_name = c->opt_host;
+ r->in.admin_account = c->opt_user_name;
+ r->in.admin_password = net_prompt_pass(c, c->opt_user_name);
+ r->in.debug = true;
+ r->in.use_kerberos = c->opt_kerberos;
+ r->in.modify_config = modify_config;
+ r->in.join_flags = WKSSVC_JOIN_FLAGS_JOIN_TYPE |
+ WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE |
+ WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED;
+
+ werr = libnet_Join(mem_ctx, r);
+ if (!W_ERROR_IS_OK(werr)) {
+ goto fail;
+ }
+
+ /* Check the short name of the domain */
+
+ if (!modify_config && !strequal(lp_workgroup(), r->out.netbios_domain_name)) {
+ d_printf("The workgroup in %s does not match the short\n", get_dyn_CONFIGFILE());
+ d_printf("domain name obtained from the server.\n");
+ d_printf("Using the name [%s] from the server.\n", r->out.netbios_domain_name);
+ d_printf("You should set \"workgroup = %s\" in %s.\n",
+ r->out.netbios_domain_name, get_dyn_CONFIGFILE());
+ }
+
+ d_printf("Using short domain name -- %s\n", r->out.netbios_domain_name);
+
+ if (r->out.dns_domain_name) {
+ d_printf("Joined '%s' to realm '%s'\n", r->in.machine_name,
+ r->out.dns_domain_name);
+ } else {
+ d_printf("Joined '%s' to domain '%s'\n", r->in.machine_name,
+ r->out.netbios_domain_name);
+ }
+
+ TALLOC_FREE(mem_ctx);
+
+ return 0;
+
+fail:
+ /* issue an overall failure message at the end. */
+ d_printf("Failed to join domain: %s\n",
+ r && r->out.error_string ? r->out.error_string :
+ get_friendly_werror_msg(werr));
+
+ TALLOC_FREE(mem_ctx);
+
+ return -1;
}
/**
int net_rpc_join(struct net_context *c, int argc, const char **argv)
{
+ int ret;
+
if (c->display_usage) {
d_printf("%s\n%s",
_("Usage:"),
return -1;
}
- if (strlen(global_myname()) > 15) {
+ if (strlen(lp_netbios_name()) > 15) {
d_printf(_("Our netbios name can be at most 15 chars long, "
"\"%s\" is %u chars long\n"),
- global_myname(), (unsigned int)strlen(global_myname()));
+ lp_netbios_name(), (unsigned int)strlen(lp_netbios_name()));
return -1;
}
- if ((net_rpc_perform_oldjoin(c, argc, argv) == 0))
+ c->opt_flags |= NET_FLAGS_EXPECT_FALLBACK;
+ ret = net_rpc_oldjoin(c, argc, argv);
+ c->opt_flags &= ~NET_FLAGS_EXPECT_FALLBACK;
+ if (ret == 0) {
return 0;
+ }
return net_rpc_join_newstyle(c, argc, argv);
}
const char **argv)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
union samr_DomainInfo *info = NULL;
fstring sid_str;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
sid_to_fstring(sid_str, domain_sid);
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Could not connect to SAM: %s\n"),
+ nt_errstr(status));
+ goto done;
+ }
+
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Could not connect to SAM: %s\n"),
nt_errstr(result));
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Could not open domain: %s\n"),
+ nt_errstr(status));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Could not open domain: %s\n"),
nt_errstr(result));
goto done;
}
- result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
&domain_pol,
2,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
if (NT_STATUS_IS_OK(result)) {
d_printf(_("Domain Name: %s\n"),
info->general.domain_name.string);
}
done:
- return result;
+ return status;
}
/**
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_samr,
NET_FLAGS_PDC, rpc_info_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_samr,
conn_flags,
rpc_getsid_internals,
argc, argv);
if (argv[1]) {
u1003.usri1003_password = argv[1];
} else {
+ char pwd[256] = {0};
ret = asprintf(&prompt, _("Enter new password for %s:"),
argv[0]);
if (ret == -1) {
return -1;
}
- u1003.usri1003_password = talloc_strdup(c, getpass(prompt));
+
+ ret = samba_getpass(prompt, pwd, sizeof(pwd), false, false);
SAFE_FREE(prompt);
+ if (ret < 0) {
+ return -1;
+ }
+
+ u1003.usri1003_password = talloc_strdup(c, pwd);
if (u1003.usri1003_password == NULL) {
return -1;
}
do {
uint32_t max_entries, max_size;
- get_query_dispinfo_params(
+ dcerpc_get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
status = NetQueryDisplayInformation(c->opt_host,
int argc, const char **argv))
{
struct policy_handle connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
struct dom_sid sid;
uint32 rid;
enum lsa_SidType type;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (argc == 0) {
d_fprintf(stderr, "%s %s <username>\n", _("Usage:"),
ZERO_STRUCT(domain_pol);
ZERO_STRUCT(user_pol);
- result = net_rpc_lookup_name(c, mem_ctx, rpc_pipe_np_smb_conn(pipe_hnd),
+ status = net_rpc_lookup_name(c, mem_ctx, ctx->cli,
argv[0], NULL, NULL, &sid, &type);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("Could not lookup %s: %s\n"), argv[0],
- nt_errstr(result));
+ nt_errstr(status));
goto done;
}
if (type != SID_NAME_USER) {
d_fprintf(stderr, _("%s is a %s, not a user\n"), argv[0],
sid_type_lookup(type));
- result = NT_STATUS_NO_SUCH_USER;
+ status = NT_STATUS_NO_SUCH_USER;
goto done;
}
if (!sid_peek_check_rid(ctx->domain_sid, &sid, &rid)) {
d_fprintf(stderr, _("%s is not in our domain\n"), argv[0]);
- result = NT_STATUS_NO_SUCH_USER;
+ status = NT_STATUS_NO_SUCH_USER;
goto done;
}
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
ctx->domain_sid,
- &domain_pol);
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
- &user_pol);
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = fn(c, mem_ctx, ctx, pipe_hnd, &user_pol, argc-1, argv+1);
+ status = fn(c, mem_ctx, ctx, pipe_hnd, &user_pol, argc-1, argv+1);
done:
if (is_valid_policy_hnd(&user_pol)) {
- rpccli_samr_Close(pipe_hnd, mem_ctx, &user_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
}
if (is_valid_policy_hnd(&domain_pol)) {
- rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
}
if (is_valid_policy_hnd(&connect_pol)) {
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
}
- return result;
+ return status;
}
static NTSTATUS rpc_sh_user_show_internals(struct net_context *c,
struct policy_handle *user_hnd,
int argc, const char **argv)
{
- NTSTATUS result;
+ NTSTATUS status, result;
union samr_UserInfo *info = NULL;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (argc != 0) {
d_fprintf(stderr, "%s %s show <username>\n", _("Usage:"),
return NT_STATUS_INVALID_PARAMETER;
}
- result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
user_hnd,
21,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
struct policy_handle *user_hnd,
int argc, const char **argv)
{
- NTSTATUS result;
+ NTSTATUS status, result;
const char *username;
const char *oldval = "";
union samr_UserInfo *info = NULL;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (argc > 1) {
d_fprintf(stderr, "%s %s <username> [new value|NULL]\n",
return NT_STATUS_INVALID_PARAMETER;
}
- result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
user_hnd,
21,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
SETSTR("profilepath", profile_path, PROFILE_PATH);
SETSTR("description", description, DESCRIPTION);
- result = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetUserInfo(b, mem_ctx,
user_hnd,
21,
- info);
+ info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ status = result;
d_printf(_("Set %s's %s from [%s] to [%s]\n"), username,
ctx->thiscmd, oldval, argv[0]);
done:
- return result;
+ return status;
}
#define HANDLEFLG(name, rec) \
struct policy_handle *user_hnd,
int argc, const char **argv)
{
- NTSTATUS result;
+ NTSTATUS status, result;
const char *username;
const char *oldval = "unknown";
uint32 oldflags, newflags;
bool newval;
union samr_UserInfo *info = NULL;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if ((argc > 1) ||
((argc == 1) && !strequal(argv[0], "yes") &&
newval = strequal(argv[0], "yes");
- result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
user_hnd,
21,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
info->info21.acct_flags = newflags;
info->info21.fields_present = SAMR_FIELD_ACCT_FLAGS;
- result = rpccli_samr_SetUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetUserInfo(b, mem_ctx,
user_hnd,
21,
- info);
-
+ info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
if (NT_STATUS_IS_OK(result)) {
d_printf(_("Set %s's %s flag from [%s] to [%s]\n"), username,
ctx->thiscmd, oldval, argv[0]);
done:
- return result;
+ return status;
}
static NTSTATUS rpc_sh_user_flag_edit(struct net_context *c,
{
static struct rpc_sh_cmd cmds[] = {
- { "fullname", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "fullname", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's full name") },
- { "homedir", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "homedir", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's home directory") },
- { "homedrive", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "homedrive", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's home drive") },
- { "logonscript", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "logonscript", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's logon script") },
- { "profilepath", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "profilepath", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's profile path") },
- { "description", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_str_edit,
+ { "description", NULL, &ndr_table_samr, rpc_sh_user_str_edit,
N_("Show/Set a user's description") },
- { "disabled", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "disabled", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user is disabled") },
- { "autolock", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "autolock", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user locked out") },
- { "pwnotreq", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "pwnotreq", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user does not need a password") },
- { "pwnoexp", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_flag_edit,
+ { "pwnoexp", NULL, &ndr_table_samr, rpc_sh_user_flag_edit,
N_("Show/Set whether a user's password does not expire") },
{ NULL, NULL, 0, NULL, NULL }
{
static struct rpc_sh_cmd cmds[] = {
- { "list", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_list,
+ { "list", NULL, &ndr_table_samr, rpc_sh_user_list,
N_("List available users") },
- { "info", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_info,
+ { "info", NULL, &ndr_table_samr, rpc_sh_user_info,
N_("List the domain groups a user is member of") },
- { "show", NULL, &ndr_table_samr.syntax_id, rpc_sh_user_show,
+ { "show", NULL, &ndr_table_samr, rpc_sh_user_show,
N_("Show info about a user") },
{ "edit", net_rpc_user_edit_cmds, 0, NULL,
{
struct policy_handle connect_pol, domain_pol, group_pol, user_pol;
bool group_is_primary = false;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
uint32_t group_rid;
struct samr_RidAttrArray *rids = NULL;
/* char **names; */
int i;
/* struct samr_RidWithAttribute *user_gids; */
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
struct samr_Ids group_rids, name_types;
struct lsa_String lsa_acct_name;
return NT_STATUS_OK; /* ok? */
}
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Request samr_Connect2 failed\n"));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Request samr_Connect2 failed\n"));
- goto done;
+ goto done;
}
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Request open_domain failed\n"));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Request open_domain failed\n"));
- goto done;
+ goto done;
}
init_lsa_String(&lsa_acct_name, argv[0]);
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&group_rids,
- &name_types);
+ &name_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Lookup of '%s' failed\n"),argv[0]);
+ goto done;
+ }
+
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Lookup of '%s' failed\n"),argv[0]);
- goto done;
+ goto done;
}
switch (name_types.ids[0])
{
case SID_NAME_DOM_GRP:
- result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rids.ids[0],
- &group_pol);
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Request open_group failed"));
+ goto done;
+ }
+
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Request open_group failed"));
- goto done;
+ goto done;
}
group_rid = group_rids.ids[0];
- result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryGroupMember(b, mem_ctx,
&group_pol,
- &rids);
+ &rids,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr,
+ _("Unable to query group members of %s"),
+ argv[0]);
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr,
_("Unable to query group members of %s"),
argv[0]);
- goto done;
+ goto done;
}
if (c->opt_verbose) {
/* Check if group is anyone's primary group */
for (i = 0; i < rids->count; i++)
{
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rids->rids[i],
- &user_pol);
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr,
+ _("Unable to open group member %d\n"),
+ rids->rids[i]);
+ goto done;
+ }
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr,
_("Unable to open group member %d\n"),
rids->rids[i]);
- goto done;
- }
+ goto done;
+ }
- result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryUserInfo(b, mem_ctx,
&user_pol,
21,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr,
+ _("Unable to lookup userinfo for group "
+ "member %d\n"),
+ rids->rids[i]);
+ goto done;
+ }
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr,
_("Unable to lookup userinfo for group "
"member %d\n"),
rids->rids[i]);
- goto done;
- }
+ goto done;
+ }
if (info->info21.primary_gid == group_rid) {
if (c->opt_verbose) {
group_is_primary = true;
}
- rpccli_samr_Close(pipe_hnd, mem_ctx, &user_pol);
+ dcerpc_samr_Close(b, mem_ctx, &user_pol, &result);
}
if (group_is_primary) {
d_fprintf(stderr, _("Unable to delete group because "
"some of it's members have it as primary "
"group\n"));
- result = NT_STATUS_MEMBERS_PRIMARY_GROUP;
+ status = NT_STATUS_MEMBERS_PRIMARY_GROUP;
goto done;
}
if (c->opt_verbose)
d_printf(_("Remove group member %d..."),
rids->rids[i]);
- result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_DeleteGroupMember(b, mem_ctx,
&group_pol,
- rids->rids[i]);
-
+ rids->rids[i],
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
if (NT_STATUS_IS_OK(result)) {
if (c->opt_verbose)
d_printf(_("ok\n"));
}
}
- result = rpccli_samr_DeleteDomainGroup(pipe_hnd, mem_ctx,
- &group_pol);
+ status = dcerpc_samr_DeleteDomainGroup(b, mem_ctx,
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ break;
+ }
+
+ status = result;
break;
/* removing a local group is easier... */
case SID_NAME_ALIAS:
- result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rids.ids[0],
- &group_pol);
-
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Request open_alias failed\n"));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Request open_alias failed\n"));
- goto done;
+ goto done;
}
- result = rpccli_samr_DeleteDomAlias(pipe_hnd, mem_ctx,
- &group_pol);
+ status = dcerpc_samr_DeleteDomAlias(b, mem_ctx,
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ break;
+ }
+
+ status = result;
+
break;
default:
d_fprintf(stderr, _("%s is of type %s. This command is only "
"for deleting local or global groups\n"),
argv[0],sid_type_lookup(name_types.ids[0]));
- result = NT_STATUS_UNSUCCESSFUL;
+ status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
- if (NT_STATUS_IS_OK(result)) {
+ if (NT_STATUS_IS_OK(status)) {
if (c->opt_verbose)
d_printf(_("Deleted %s '%s'\n"),
sid_type_lookup(name_types.ids[0]), argv[0]);
} else {
d_fprintf(stderr, _("Deleting of %s failed: %s\n"), argv[0],
- get_friendly_nt_error_msg(result));
+ get_friendly_nt_error_msg(status));
}
done:
- return result;
+ return status;
}
static int rpc_group_delete(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_delete_internals, argc,argv);
}
enum lsa_SidType *types = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
struct policy_handle lsa_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
+ struct dcerpc_binding_handle *b;
- result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false,
+ b = pipe_hnd->binding_handle;
+
+ status = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false,
SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol);
- if (!NT_STATUS_IS_OK(result)) {
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
}
- result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1,
+ status = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1,
&name, NULL, 1, &sids, &types);
- if (NT_STATUS_IS_OK(result)) {
+ if (NT_STATUS_IS_OK(status)) {
sid_copy(sid, &sids[0]);
*type = types[0];
}
- rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
+ dcerpc_lsa_Close(b, mem_ctx, &lsa_pol, &result);
done:
if (pipe_hnd) {
TALLOC_FREE(pipe_hnd);
}
- if (!NT_STATUS_IS_OK(result) && (StrnCaseCmp(name, "S-", 2) == 0)) {
+ if (!NT_STATUS_IS_OK(status) && (strncasecmp_m(name, "S-", 2) == 0)) {
/* Try as S-1-5-whatever */
if (string_to_sid(&tmp_sid, name)) {
sid_copy(sid, &tmp_sid);
*type = SID_NAME_UNKNOWN;
- result = NT_STATUS_OK;
+ status = NT_STATUS_OK;
}
}
- return result;
+ return status;
}
static NTSTATUS rpc_add_groupmem(struct rpc_pipe_client *pipe_hnd,
const char *member)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result;
+ NTSTATUS status, result;
uint32 group_rid;
struct policy_handle group_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
}
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
- &domain_pol);
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
init_lsa_String(&lsa_acct_name, member);
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &rid_types);
+ &rid_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Could not lookup up group member %s\n"),
+ member);
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Could not lookup up group member %s\n"),
member);
goto done;
}
- result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rid,
- &group_pol);
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_AddGroupMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_AddGroupMember(b, mem_ctx,
&group_pol,
rids.ids[0],
- 0x0005); /* unknown flags */
+ 0x0005, /* unknown flags */
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = result;
done:
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
- return result;
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ return status;
}
static NTSTATUS rpc_add_aliasmem(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *alias_sid,
- const char *member)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *alias_sid,
+ const char *member)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result;
+ NTSTATUS status, result;
uint32 alias_rid;
struct policy_handle alias_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
struct dom_sid member_sid;
enum lsa_SidType member_type;
return NT_STATUS_UNSUCCESSFUL;
}
- result = get_sid_from_name(rpc_pipe_np_smb_conn(pipe_hnd), mem_ctx,
+ result = get_sid_from_name(cli, mem_ctx,
member, &member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
}
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
- &domain_pol);
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
alias_rid,
- &alias_pol);
-
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
return result;
}
- result = rpccli_samr_AddAliasMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_AddAliasMember(b, mem_ctx,
&alias_pol,
- &member_sid);
-
- if (!NT_STATUS_IS_OK(result)) {
- return result;
+ &member_sid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
+ status = result;
+
done:
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
- return result;
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ return status;
}
static NTSTATUS rpc_group_addmem_internals(struct net_context *c,
}
if (group_type == SID_NAME_ALIAS) {
- NTSTATUS result = rpc_add_aliasmem(pipe_hnd, mem_ctx,
+ NTSTATUS result = rpc_add_aliasmem(pipe_hnd, cli, mem_ctx,
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
static int rpc_group_addmem(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_addmem_internals,
argc, argv);
}
const char *member)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result;
+ NTSTATUS status, result;
uint32 group_rid;
struct policy_handle group_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
return NT_STATUS_UNSUCCESSFUL;
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
- if (!NT_STATUS_IS_OK(result))
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
+
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
- &domain_pol);
- if (!NT_STATUS_IS_OK(result))
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
init_lsa_String(&lsa_acct_name, member);
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &rid_types);
+ &rid_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Could not lookup up group member %s\n"),
+ member);
+ goto done;
+ }
+
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_fprintf(stderr, _("Could not lookup up group member %s\n"),
member);
goto done;
}
- result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
group_rid,
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpccli_samr_DeleteGroupMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_DeleteGroupMember(b, mem_ctx,
&group_pol,
- rids.ids[0]);
+ rids.ids[0],
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ status = result;
done:
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
- return result;
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ return status;
}
static NTSTATUS rpc_del_aliasmem(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const struct dom_sid *alias_sid,
- const char *member)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const struct dom_sid *alias_sid,
+ const char *member)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result;
+ NTSTATUS status, result;
uint32 alias_rid;
struct policy_handle alias_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
struct dom_sid member_sid;
enum lsa_SidType member_type;
if (!sid_split_rid(&sid, &alias_rid))
return NT_STATUS_UNSUCCESSFUL;
- result = get_sid_from_name(rpc_pipe_np_smb_conn(pipe_hnd), mem_ctx,
+ result = get_sid_from_name(cli, mem_ctx,
member, &member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
}
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid,
- &domain_pol);
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
alias_rid,
- &alias_pol);
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
- result = rpccli_samr_DeleteAliasMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_DeleteAliasMember(b, mem_ctx,
&alias_pol,
- &member_sid);
+ &member_sid,
+ &result);
- if (!NT_STATUS_IS_OK(result))
- return result;
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ status = result;
done:
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
- return result;
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
+ return status;
}
static NTSTATUS rpc_group_delmem_internals(struct net_context *c,
}
if (group_type == SID_NAME_ALIAS) {
- NTSTATUS result = rpc_del_aliasmem(pipe_hnd, mem_ctx,
+ NTSTATUS result = rpc_del_aliasmem(pipe_hnd, cli, mem_ctx,
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
static int rpc_group_delmem(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_delmem_internals,
argc, argv);
}
const char **argv)
{
struct policy_handle connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0;
struct samr_SamArray *groups = NULL;
bool global = false;
bool local = false;
bool builtin = false;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (c->display_usage) {
d_printf("%s\n%s",
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
if (!global) break;
- get_query_dispinfo_params(
+ dcerpc_get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
- result = rpccli_samr_QueryDisplayInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryDisplayInfo(b, mem_ctx,
&domain_pol,
3,
start_idx,
max_size,
&total_size,
&returned_size,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
num_entries = info.info3.count;
start_idx += info.info3.count;
do {
if (!local) break;
- result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_EnumDomainAliases(b, mem_ctx,
&domain_pol,
&start_idx,
&groups,
0xffff,
- &num_entries);
+ &num_entries,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
break;
struct policy_handle alias_pol;
union samr_AliasInfo *info = NULL;
+ NTSTATUS _result;
- if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
- &domain_pol,
- 0x8,
- groups->entries[i].idx,
- &alias_pol))) &&
- (NT_STATUS_IS_OK(rpccli_samr_QueryAliasInfo(pipe_hnd, mem_ctx,
- &alias_pol,
- 3,
- &info))) &&
- (NT_STATUS_IS_OK(rpccli_samr_Close(pipe_hnd, mem_ctx,
- &alias_pol)))) {
- description = info->description.string;
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
+ &domain_pol,
+ 0x8,
+ groups->entries[i].idx,
+ &alias_pol,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ status = dcerpc_samr_QueryAliasInfo(b, mem_ctx,
+ &alias_pol,
+ 3,
+ &info,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ status = dcerpc_samr_Close(b, mem_ctx,
+ &alias_pol,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ description = info->description.string;
+ }
+ }
}
}
}
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
- rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
/* Get builtin policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, &global_sid_Builtin),
- &domain_pol);
+ discard_const_p(struct dom_sid2, &global_sid_Builtin),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
+
/* query builtin aliases */
start_idx = 0;
do {
if (!builtin) break;
- result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_EnumDomainAliases(b, mem_ctx,
&domain_pol,
&start_idx,
&groups,
max_entries,
- &num_entries);
+ &num_entries,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ break;
+ }
if (!NT_STATUS_IS_OK(result) &&
- !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES))
+ !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) {
+ status = result;
break;
+ }
for (i = 0; i < num_entries; i++) {
struct policy_handle alias_pol;
union samr_AliasInfo *info = NULL;
+ NTSTATUS _result;
- if ((NT_STATUS_IS_OK(rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
- &domain_pol,
- 0x8,
- groups->entries[i].idx,
- &alias_pol))) &&
- (NT_STATUS_IS_OK(rpccli_samr_QueryAliasInfo(pipe_hnd, mem_ctx,
- &alias_pol,
- 3,
- &info))) &&
- (NT_STATUS_IS_OK(rpccli_samr_Close(pipe_hnd, mem_ctx,
- &alias_pol)))) {
- description = info->description.string;
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
+ &domain_pol,
+ 0x8,
+ groups->entries[i].idx,
+ &alias_pol,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ status = dcerpc_samr_QueryAliasInfo(b, mem_ctx,
+ &alias_pol,
+ 3,
+ &info,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ status = dcerpc_samr_Close(b, mem_ctx,
+ &alias_pol,
+ &_result);
+ if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(_result)) {
+ description = info->description.string;
+ }
+ }
}
}
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
+ status = result;
+
done:
- return result;
+ return status;
}
static int rpc_group_list(struct net_context *c, int argc, const char **argv)
{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_list_internals,
argc, argv);
}
struct policy_handle *domain_pol,
uint32 rid)
{
- NTSTATUS result;
+ NTSTATUS result, status;
struct policy_handle group_pol;
uint32 num_members, *group_rids;
int i;
struct samr_RidAttrArray *rids = NULL;
struct lsa_Strings names;
struct samr_Ids types;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
fstring sid_str;
sid_to_fstring(sid_str, domain_sid);
- result = rpccli_samr_OpenGroup(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenGroup(b, mem_ctx,
domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
- &group_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &group_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
- result = rpccli_samr_QueryGroupMember(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryGroupMember(b, mem_ctx,
&group_pol,
- &rids);
-
- if (!NT_STATUS_IS_OK(result))
+ &rids,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
num_members = rids->count;
group_rids = rids->rids;
if (num_members < this_time)
this_time = num_members;
- result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupRids(b, mem_ctx,
domain_pol,
this_time,
group_rids,
&names,
- &types);
-
- if (!NT_STATUS_IS_OK(result))
+ &types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
/* We only have users as members, but make the output
the same as the output of alias members */
}
static NTSTATUS rpc_list_alias_members(struct net_context *c,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- struct policy_handle *domain_pol,
- uint32 rid)
+ struct rpc_pipe_client *pipe_hnd,
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *domain_pol,
+ uint32 rid)
{
- NTSTATUS result;
+ NTSTATUS result, status;
struct rpc_pipe_client *lsa_pipe;
struct policy_handle alias_pol, lsa_pol;
uint32 num_members;
enum lsa_SidType *types;
int i;
struct lsa_SidArray sid_array;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
- result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
domain_pol,
MAXIMUM_ALLOWED_ACCESS,
rid,
- &alias_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &alias_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
- result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_GetMembersInAlias(b, mem_ctx,
&alias_pol,
- &sid_array);
-
+ &sid_array,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, _("Couldn't list alias members\n"));
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, _("Couldn't list alias members\n"));
return result;
return NT_STATUS_OK;
}
- result = cli_rpc_pipe_open_noauth(rpc_pipe_np_smb_conn(pipe_hnd),
- &ndr_table_lsarpc.syntax_id,
+ result = cli_rpc_pipe_open_noauth(cli,
+ &ndr_table_lsarpc,
&lsa_pipe);
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, _("Couldn't open LSA pipe. Error was %s\n"),
return result;
}
- alias_sids = TALLOC_ZERO_ARRAY(mem_ctx, struct dom_sid, num_members);
+ alias_sids = talloc_zero_array(mem_ctx, struct dom_sid, num_members);
if (!alias_sids) {
d_fprintf(stderr, _("Out of memory\n"));
TALLOC_FREE(lsa_pipe);
int argc,
const char **argv)
{
- NTSTATUS result;
+ NTSTATUS result, status;
struct policy_handle connect_pol, domain_pol;
struct samr_Ids rids, rid_types;
struct lsa_String lsa_acct_name;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
init_lsa_String(&lsa_acct_name, argv[0]); /* sure? */
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &rid_types);
+ &rid_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
struct dom_sid sid_Builtin;
- rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
sid_copy(&sid_Builtin, &global_sid_Builtin);
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
&sid_Builtin,
- &domain_pol);
-
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, _("Couldn't find group %s\n"),
argv[0]);
return result;
}
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&rids,
- &rid_types);
-
+ &rid_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, _("Couldn't find group %s\n"),
argv[0]);
}
if (rid_types.ids[0] == SID_NAME_ALIAS) {
- return rpc_list_alias_members(c, pipe_hnd, mem_ctx, &domain_pol,
+ return rpc_list_alias_members(c, pipe_hnd, cli, mem_ctx, &domain_pol,
rids.ids[0]);
}
return rpc_group_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_members_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_group_list_internals,
argc, argv);
}
{
struct srvsvc_NetShareCtr1 *ctr1;
- ctr1 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr1);
+ ctr1 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr1);
W_ERROR_HAVE_NO_MEMORY(ctr1);
ctr1->count = 1;
{
struct srvsvc_NetShareCtr2 *ctr2;
- ctr2 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr2);
+ ctr2 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr2);
W_ERROR_HAVE_NO_MEMORY(ctr2);
ctr2->count = 1;
{
struct srvsvc_NetShareCtr502 *ctr502;
- ctr502 = TALLOC_ZERO_P(mem_ctx, struct srvsvc_NetShareCtr502);
+ ctr502 = talloc_zero(mem_ctx, struct srvsvc_NetShareCtr502);
W_ERROR_HAVE_NO_MEMORY(ctr502);
ctr502->count = 1;
{
NTSTATUS status;
- status = cli_tcon_andx(cli, netname, "A:", "", 0);
+ status = cli_tree_connect(cli, netname, "A:", "", 0);
if (!NT_STATUS_IS_OK(status)) {
d_printf(_("skipping [%s]: not a file share.\n"), netname);
return false;
/* connect destination PI_SRVSVC */
nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
- &ndr_table_srvsvc.syntax_id);
+ &ndr_table_srvsvc);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_shares_internals,
argc, argv);
}
DEBUG(3,("got mask: %s, name: %s\n", mask, f->name));
/* DIRECTORY */
- if (f->mode & aDIR) {
+ if (f->mode & FILE_ATTRIBUTE_DIRECTORY) {
DEBUG(3,("got dir: %s\n", f->name));
}
/* search below that directory */
- fstrcpy(new_mask, dir);
- fstrcat(new_mask, "\\*");
+ if (strlcpy(new_mask, dir, sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ if (strlcat(new_mask, "\\*", sizeof(new_mask)) >= sizeof(new_mask)) {
+ return NT_STATUS_NO_MEMORY;
+ }
old_dir = local_state->cwd;
local_state->cwd = dir;
DEBUG(3,("calling cli_list with mask: %s\n", mask));
- if ( !cli_resolve_path(talloc_tos(), "", NULL, cp_clistate->cli_share_src,
- mask, &targetcli, &targetpath ) ) {
+ status = cli_resolve_path(talloc_tos(), "", NULL,
+ cp_clistate->cli_share_src,
+ mask, &targetcli, &targetpath);
+ if (!NT_STATUS_IS_OK(status)) {
d_fprintf(stderr, _("cli_resolve_path %s failed with error: "
"%s\n"),
- mask, cli_errstr(cp_clistate->cli_share_src));
- return cli_nt_error(cp_clistate->cli_share_src);
+ mask, nt_errstr(status));
+ return status;
}
status = cli_list(targetcli, targetpath, cp_clistate->attribute,
cp_clistate.cli_share_src = NULL;
cp_clistate.cli_share_dst = NULL;
cp_clistate.cwd = NULL;
- cp_clistate.attribute = aSYSTEM | aHIDDEN | aDIR;
+ cp_clistate.attribute = FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_DIRECTORY;
cp_clistate.c = c;
/* open share source */
nt_status = connect_to_service(c, &cp_clistate.cli_share_src,
- &cli->dest_ss, cli->desthost,
+ smbXcli_conn_remote_sockaddr(cli->conn),
+ smbXcli_conn_remote_name(cli->conn),
info502.name, "A:");
if (!NT_STATUS_IS_OK(nt_status))
goto done;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_files_internals,
argc, argv);
}
/* connect destination PI_SRVSVC */
nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
- &ndr_table_srvsvc.syntax_id);
+ &ndr_table_srvsvc);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_security_internals,
argc, argv);
}
/* order is important. we don't want to be locked out by the share-acl
* before copying files - gd */
- ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_shares_internals, argc, argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_files_internals, argc, argv);
if (ret)
return ret;
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_migrate_security_internals, argc,
argv);
}
{
uint32 start_idx, max_entries, num_entries, i;
struct samr_SamArray *groups = NULL;
- NTSTATUS result;
+ NTSTATUS result, status;
struct policy_handle domain_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
- if (!NT_STATUS_IS_OK(result))
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
return result;
+ }
start_idx = 0;
max_entries = 250;
do {
- result = rpccli_samr_EnumDomainAliases(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_EnumDomainAliases(b, mem_ctx,
&domain_pol,
&start_idx,
&groups,
max_entries,
- &num_entries);
+ &num_entries,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
for (i = 0; i < num_entries; i++) {
struct policy_handle alias_pol;
struct full_alias alias;
struct lsa_SidArray sid_array;
int j;
+ NTSTATUS _result;
- result = rpccli_samr_OpenAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenAlias(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
groups->entries[i].idx,
- &alias_pol);
- if (!NT_STATUS_IS_OK(result))
+ &alias_pol,
+ &_result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(_result)) {
+ status = _result;
goto done;
+ }
- result = rpccli_samr_GetMembersInAlias(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_GetMembersInAlias(b, mem_ctx,
&alias_pol,
- &sid_array);
- if (!NT_STATUS_IS_OK(result))
+ &sid_array,
+ &_result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(_result)) {
+ status = _result;
goto done;
+ }
alias.num_members = sid_array.num_sids;
- result = rpccli_samr_Close(pipe_hnd, mem_ctx, &alias_pol);
- if (!NT_STATUS_IS_OK(result))
+ status = dcerpc_samr_Close(b, mem_ctx, &alias_pol, &_result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(_result)) {
+ status = _result;
goto done;
+ }
alias.members = NULL;
}
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
- result = NT_STATUS_OK;
+ status = NT_STATUS_OK;
done:
- rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
- return result;
+ return status;
}
/*
int i;
NTSTATUS result;
struct policy_handle lsa_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true,
SEC_FLAG_MAXIMUM_ALLOWED,
for (j=0; j<alias->num_members; j++)
DEBUG(1, ("%s\\%s (%d); ",
- domains[j] ? domains[j] : "*unknown*",
+ domains[j] ? domains[j] : "*unknown*",
names[j] ? names[j] : "*unknown*",types[j]));
DEBUG(1, ("\n"));
}
- rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
+ dcerpc_lsa_Close(b, mem_ctx, &lsa_pol, &result);
return NT_STATUS_OK;
}
int argc,
const char **argv)
{
- NTSTATUS result;
+ NTSTATUS result, status;
struct policy_handle connect_pol;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
-
- if (!NT_STATUS_IS_OK(result))
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+ if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
+ }
- result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
+ status = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
&global_sid_Builtin);
-
- if (!NT_STATUS_IS_OK(result))
+ if (!NT_STATUS_IS_OK(status)) {
goto done;
+ }
- result = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
+ status = rpc_fetch_domain_aliases(pipe_hnd, mem_ctx, &connect_pol,
domain_sid);
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
done:
- return result;
+ return status;
}
static void init_user_token(struct security_token *token, struct dom_sid *user_sid)
enum wbcSidType type;
fstring full_name;
struct wbcDomainSid wsid;
- char *sid_str = NULL;
+ char sid_str[WBC_SID_STRING_BUFLEN];
struct dom_sid user_sid;
uint32_t num_groups;
gid_t *groups = NULL;
return false;
}
- wbc_status = wbcSidToString(&wsid, &sid_str);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- return false;
- }
+ wbcSidToStringBuf(&wsid, sid_str, sizeof(sid_str));
if (type != WBC_SID_NAME_USER) {
- wbcFreeMemory(sid_str);
DEBUG(1, ("%s is not a user\n", full_name));
return false;
}
return false;
}
- wbcFreeMemory(sid_str);
- sid_str = NULL;
-
init_user_token(token, &user_sid);
/* And now the groups winbind knows about */
for (i = 0; i < num_groups; i++) {
gid_t gid = groups[i];
struct dom_sid sid;
+ bool ok;
wbc_status = wbcGidToSid(gid, &wsid);
if (!WBC_ERROR_IS_OK(wbc_status)) {
return false;
}
- wbc_status = wbcSidToString(&wsid, &sid_str);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- wbcFreeMemory(groups);
- return false;
- }
+ wbcSidToStringBuf(&wsid, sid_str, sizeof(sid_str));
DEBUG(3, (" %s\n", sid_str));
- string_to_sid(&sid, sid_str);
- wbcFreeMemory(sid_str);
- sid_str = NULL;
-
+ ok = string_to_sid(&sid, sid_str);
+ if (!ok) {
+ DEBUG(1, ("Failed to convert string to SID\n"));
+ wbcFreeMemory(groups);
+ return false;
+ }
add_sid_to_token(token, &sid);
}
wbcFreeMemory(groups);
} else {
*p++ = '\0';
fstrcpy(domain, users[i]);
- strupper_m(domain);
+ if (!strupper_m(domain)) {
+ DEBUG(1, ("strupper_m %s failed\n", domain));
+ wbcFreeMemory(users);
+ return false;
+ }
fstrcpy(user, p);
}
get_user_sids(domain, user, &(result[i].token));
- i+=1;
}
TALLOC_FREE(frame);
wbcFreeMemory(users);
token = &((*tokens)[*num_tokens-1]);
- fstrcpy(token->name, line);
+ if (strlcpy(token->name, line, sizeof(token->name)) >= sizeof(token->name)) {
+ return false;
+ }
token->token.num_sids = 0;
token->token.sids = NULL;
continue;
}
-
+
return false;
}
*/
static void show_userlist(struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- const char *netname,
- int num_tokens,
- struct user_token *tokens)
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ const char *netname,
+ int num_tokens,
+ struct user_token *tokens)
{
uint16_t fnum;
struct security_descriptor *share_sd = NULL;
struct security_descriptor *root_sd = NULL;
- struct cli_state *cli = rpc_pipe_np_smb_conn(pipe_hnd);
int i;
union srvsvc_NetShareInfo info;
WERROR result;
netname));
}
- cnum = cli->cnum;
+ cnum = cli_state_get_tid(cli);
- if (!NT_STATUS_IS_OK(cli_tcon_andx(cli, netname, "A:", "", 0))) {
+ if (!NT_STATUS_IS_OK(cli_tree_connect(cli, netname, "A:", "", 0))) {
return;
}
if (!NT_STATUS_IS_OK(cli_ntcreate(cli, "\\", 0, READ_CONTROL_ACCESS, 0,
FILE_SHARE_READ|FILE_SHARE_WRITE, FILE_OPEN, 0x0, 0x0, &fnum))) {
- root_sd = cli_query_secdesc(cli, fnum, mem_ctx);
+ cli_query_secdesc(cli, fnum, mem_ctx, &root_sd);
}
for (i=0; i<num_tokens; i++) {
if (fnum != (uint16_t)-1)
cli_close(cli, fnum);
cli_tdis(cli);
- cli->cnum = cnum;
-
- return;
-}
+ cli_state_set_tid(cli, cnum);
-struct share_list {
- int num_shares;
- char **shares;
-};
-
-static void collect_share(const char *name, uint32 m,
- const char *comment, void *state)
-{
- struct share_list *share_list = (struct share_list *)state;
-
- if (m != STYPE_DISKTREE)
- return;
-
- share_list->num_shares += 1;
- share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
- if (!share_list->shares) {
- share_list->num_shares = 0;
- return;
- }
- share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
+ return;
}
/**
int argc,
const char **argv)
{
- int ret;
bool r;
- uint32 i;
FILE *f;
+ NTSTATUS nt_status = NT_STATUS_OK;
+ uint32_t total_entries = 0;
+ uint32_t resume_handle = 0;
+ uint32_t preferred_len = 0xffffffff;
+ uint32_t i;
+ struct dcerpc_binding_handle *b = NULL;
+ struct srvsvc_NetShareInfoCtr info_ctr;
+ struct srvsvc_NetShareCtr1 ctr1;
+ WERROR result;
struct user_token *tokens = NULL;
int num_tokens = 0;
- struct share_list share_list;
-
if (argc == 0) {
f = stdin;
} else {
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
- share_list.num_shares = 0;
- share_list.shares = NULL;
+ ZERO_STRUCT(info_ctr);
+ ZERO_STRUCT(ctr1);
- ret = cli_RNetShareEnum(cli, collect_share, &share_list);
+ info_ctr.level = 1;
+ info_ctr.ctr.ctr1 = &ctr1;
+
+ b = pipe_hnd->binding_handle;
+
+ /* Issue the NetShareEnum RPC call and retrieve the response */
+ nt_status = dcerpc_srvsvc_NetShareEnumAll(b,
+ talloc_tos(),
+ pipe_hnd->desthost,
+ &info_ctr,
+ preferred_len,
+ &total_entries,
+ &resume_handle,
+ &result);
+
+ /* Was it successful? */
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ /* Nope. Go clean up. */
+ goto done;
+ }
+
+ if (!W_ERROR_IS_OK(result)) {
+ /* Nope. Go clean up. */
+ nt_status = werror_to_ntstatus(result);
+ goto done;
+ }
- if (ret == -1) {
- DEBUG(0, ("Error returning browse list: %s\n",
- cli_errstr(cli)));
+ if (total_entries == 0) {
goto done;
}
- for (i = 0; i < share_list.num_shares; i++) {
- char *netname = share_list.shares[i];
+ /* For each returned entry... */
+ for (i = 0; i < info_ctr.ctr.ctr1->count; i++) {
+ const char *netname = info_ctr.ctr.ctr1->array[i].name;
- if (netname[strlen(netname)-1] == '$')
+ if (info_ctr.ctr.ctr1->array[i].type != STYPE_DISKTREE) {
continue;
+ }
d_printf("%s\n", netname);
- show_userlist(pipe_hnd, mem_ctx, netname,
+ show_userlist(pipe_hnd, cli, mem_ctx, netname,
num_tokens, tokens);
}
done:
free_user_token(&tokens[i].token);
}
SAFE_FREE(tokens);
- SAFE_FREE(share_list.shares);
- return NT_STATUS_OK;
+ return nt_status;
}
static int rpc_share_allowedusers(struct net_context *c, int argc,
return 0;
}
- result = run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ result = run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_aliaslist_internals,
argc, argv);
if (result != 0)
return result;
- result = run_rpc_command(c, NULL, &ndr_table_lsarpc.syntax_id, 0,
+ result = run_rpc_command(c, NULL, &ndr_table_lsarpc, 0,
rpc_aliaslist_dump,
argc, argv);
if (result != 0)
return result;
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_srvsvc, 0,
rpc_share_allowedusers_internals,
argc, argv);
}
if (!get_user_tokens(c, &num_tokens, &tokens)) {
DEBUG(0, ("Could not get the user/sid list\n"));
- return 0;
+ return -1;
}
for (i=0; i<num_tokens; i++) {
}
SAFE_FREE(tokens);
- return 1;
+ return 0;
}
int net_usersidlist_usage(struct net_context *c, int argc, const char **argv)
{
static struct rpc_sh_cmd cmds[] = {
- { "list", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_list,
+ { "list", NULL, &ndr_table_srvsvc, rpc_sh_share_list,
N_("List available shares") },
- { "add", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_add,
+ { "add", NULL, &ndr_table_srvsvc, rpc_sh_share_add,
N_("Add a share") },
- { "delete", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_delete,
+ { "delete", NULL, &ndr_table_srvsvc, rpc_sh_share_delete,
N_("Delete a share") },
- { "info", NULL, &ndr_table_srvsvc.syntax_id, rpc_sh_share_info,
+ { "info", NULL, &ndr_table_srvsvc, rpc_sh_share_info,
N_("Get information about a share") },
{ NULL, NULL, 0, NULL, NULL }
{
NET_API_STATUS status;
uint32 preferred_len = 0xffffffff, i;
- const char *username=NULL;
+ char *username=NULL;
uint32_t total_entries = 0;
uint32_t entries_read = 0;
uint32_t resume_handle = 0;
display_file_info_3(&i3[i]);
}
done:
+ SAFE_FREE(username);
return status;
}
return 0;
}
- rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
rpc_shutdown_abort_internals, argc, argv);
if (rc == 0)
DEBUG(1, ("initshutdown pipe didn't work, trying winreg pipe\n"));
- return run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_winreg, 0,
rpc_reg_shutdown_abort_internals,
argc, argv);
}
return 0;
}
- rc = run_rpc_command(c, NULL, &ndr_table_initshutdown.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_initshutdown, 0,
rpc_init_shutdown_internals, argc, argv);
if (rc) {
DEBUG(1, ("initshutdown pipe failed, trying winreg pipe\n"));
- rc = run_rpc_command(c, NULL, &ndr_table_winreg.syntax_id, 0,
+ rc = run_rpc_command(c, NULL, &ndr_table_winreg, 0,
rpc_reg_shutdown_internals, argc, argv);
}
const char **argv)
{
struct policy_handle connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
char *acct_name;
struct lsa_String lsa_acct_name;
uint32 acb_info;
uint32_t access_granted = 0;
union samr_UserInfo info;
unsigned int orig_timeout;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
+ DATA_BLOB session_key = data_blob_null;
if (argc != 2) {
d_printf("%s\n%s",
return NT_STATUS_NO_MEMORY;
}
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ SAFE_FREE(acct_name);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
init_lsa_String(&lsa_acct_name, acct_name);
+ status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("Error getting session_key of SAM pipe. Error was %s\n",
+ nt_errstr(status)));
+ goto done;
+ }
+
/* Get samr policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
- result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_CreateUser2(b, mem_ctx,
&domain_pol,
&lsa_acct_name,
acb_info,
acct_flags,
&user_pol,
&access_granted,
- &user_rid);
-
+ &user_rid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
/* And restore our original timeout. */
rpccli_set_timeout(pipe_hnd, orig_timeout);
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_printf(_("net rpc trustdom add: create user %s failed %s\n"),
acct_name, nt_errstr(result));
goto done;
ZERO_STRUCT(info.info23);
init_samr_CryptPassword(argv[1],
- &cli->user_session_key,
+ &session_key,
&crypt_pwd);
info.info23.info.fields_present = SAMR_FIELD_ACCT_FLAGS |
info.info23.info.acct_flags = ACB_DOMTRUST;
info.info23.password = crypt_pwd;
- result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetUserInfo2(b, mem_ctx,
&user_pol,
23,
- &info);
+ &info,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
DEBUG(0,("Could not set trust account password: %s\n",
nt_errstr(result)));
goto done;
done:
SAFE_FREE(acct_name);
- return result;
+ data_blob_clear_free(&session_key);
+ return status;
}
/**
static int rpc_trustdom_add(struct net_context *c, int argc, const char **argv)
{
if (argc > 0 && !c->display_usage) {
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_trustdom_add_internals, argc, argv);
} else {
d_printf("%s\n%s",
const char **argv)
{
struct policy_handle connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NTSTATUS status, result;
char *acct_name;
struct dom_sid trust_acct_sid;
struct samr_Ids user_rids, name_types;
struct lsa_String lsa_acct_name;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
if (argc != 1) {
d_printf("%s\n%s",
if (acct_name == NULL)
return NT_STATUS_NO_MEMORY;
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ TALLOC_FREE(acct_name);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
/* Get samr policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
+ discard_const_p(struct dom_sid2, domain_sid),
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
init_lsa_String(&lsa_acct_name, acct_name);
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_LookupNames(b, mem_ctx,
&domain_pol,
1,
&lsa_acct_name,
&user_rids,
- &name_types);
-
+ &name_types,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(_("net rpc trustdom del: LookupNames on user %s "
+ "failed %s\n"),
+ acct_name, nt_errstr(status));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_printf(_("net rpc trustdom del: LookupNames on user %s "
"failed %s\n"),
acct_name, nt_errstr(result) );
goto done;
}
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenUser(b, mem_ctx,
&domain_pol,
MAXIMUM_ALLOWED_ACCESS,
user_rids.ids[0],
- &user_pol);
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(_("net rpc trustdom del: OpenUser on user %s failed "
+ "%s\n"),
+ acct_name, nt_errstr(status) );
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_printf(_("net rpc trustdom del: OpenUser on user %s failed "
"%s\n"),
acct_name, nt_errstr(result) );
/* remove the sid */
- result = rpccli_samr_RemoveMemberFromForeignDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_RemoveMemberFromForeignDomain(b, mem_ctx,
&user_pol,
- &trust_acct_sid);
+ &trust_acct_sid,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(_("net rpc trustdom del: RemoveMemberFromForeignDomain"
+ " on user %s failed %s\n"),
+ acct_name, nt_errstr(status));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
d_printf(_("net rpc trustdom del: RemoveMemberFromForeignDomain"
" on user %s failed %s\n"),
acct_name, nt_errstr(result) );
goto done;
}
+
/* Delete user */
- result = rpccli_samr_DeleteUser(pipe_hnd, mem_ctx,
- &user_pol);
+ status = dcerpc_samr_DeleteUser(b, mem_ctx,
+ &user_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_printf(_("net rpc trustdom del: DeleteUser on user %s failed "
+ "%s\n"),
+ acct_name, nt_errstr(status));
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ result = status;
d_printf(_("net rpc trustdom del: DeleteUser on user %s failed "
"%s\n"),
acct_name, nt_errstr(result) );
}
done:
- return result;
+ return status;
}
/**
static int rpc_trustdom_del(struct net_context *c, int argc, const char **argv)
{
if (argc > 0 && !c->display_usage) {
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_samr, 0,
rpc_trustdom_del_internals, argc, argv);
} else {
d_printf("%s\n%s",
/* Try netr_GetDcName */
- status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon.syntax_id,
+ status = cli_rpc_pipe_open_noauth(cli, &ndr_table_netlogon,
&netr);
if (!NT_STATUS_IS_OK(status)) {
return status;
b = netr->binding_handle;
status = dcerpc_netr_GetDcName(b, mem_ctx,
- cli->desthost,
+ netr->desthost,
domain_name,
&buffer,
&result);
struct rpc_pipe_client *pipe_hnd = NULL;
struct policy_handle connect_hnd;
TALLOC_CTX *mem_ctx;
- NTSTATUS nt_status;
+ NTSTATUS nt_status, result;
struct dom_sid *domain_sid;
char* domain_name;
char* acct_name;
fstring pdc_name;
union lsa_PolicyInformation *info = NULL;
+ struct dcerpc_binding_handle *b;
/*
* Connect to \\server\ipc$ as 'our domain' account with password
}
domain_name = smb_xstrdup(argv[0]);
- strupper_m(domain_name);
+ if (!strupper_m(domain_name)) {
+ SAFE_FREE(domain_name);
+ return -1;
+ }
/* account name used at first is our domain's name with '$' */
if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
return -1;
}
- strupper_m(acct_name);
+ if (!strupper_m(acct_name)) {
+ SAFE_FREE(domain_name);
+ SAFE_FREE(acct_name);
+ return -1;
+ }
/*
* opt_workgroup will be used by connection functions further,
* Call LsaOpenPolicy and LsaQueryInfo
*/
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) ));
return -1;
}
+ b = pipe_hnd->binding_handle;
+
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
/* Querying info level 5 */
- nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
- &info);
+ &info,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
}
+ if (NT_STATUS_IS_ERR(result)) {
+ DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
domain_sid = info->account_domain.sid;
* Close the pipes and clean up
*/
- nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = dcerpc_lsa_Close(b, mem_ctx, &connect_hnd, &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
nt_errstr(nt_status)));
/* generate upper cased domain name */
domain_name = smb_xstrdup(argv[0]);
- strupper_m(domain_name);
+ if (!strupper_m(domain_name)) {
+ SAFE_FREE(domain_name);
+ return -1;
+ }
/* delete password of the trust */
if (!pdb_del_trusteddom_pw(domain_name)) {
struct dom_sid dom_sid,
const char *trusted_dom_name)
{
- NTSTATUS nt_status;
+ NTSTATUS nt_status, result;
union lsa_TrustedDomainInfo *info = NULL;
char *cleartextpwd = NULL;
- uint8_t session_key[16];
- DATA_BLOB session_key_blob;
+ DATA_BLOB session_key;
DATA_BLOB data = data_blob_null;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
- nt_status = rpccli_lsa_QueryTrustedDomainInfoBySid(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_QueryTrustedDomainInfoBySid(b, mem_ctx,
pol,
&dom_sid,
LSA_TRUSTED_DOMAIN_INFO_PASSWORD,
- &info);
+ &info,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0,("Could not query trusted domain info. Error was %s\n",
nt_errstr(nt_status)));
goto done;
}
+ if (NT_STATUS_IS_ERR(result)) {
+ nt_status = result;
+ DEBUG(0,("Could not query trusted domain info. Error was %s\n",
+ nt_errstr(result)));
+ goto done;
+ }
data = data_blob(info->password.password->data,
info->password.password->length);
- if (!rpccli_get_pwd_hash(pipe_hnd, session_key)) {
- DEBUG(0, ("Could not retrieve password hash\n"));
+ nt_status = cli_get_session_key(mem_ctx, pipe_hnd, &session_key);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Could not retrieve session key: %s\n", nt_errstr(nt_status)));
goto done;
}
- session_key_blob = data_blob_const(session_key, sizeof(session_key));
- cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key_blob);
+ cleartextpwd = sess_decrypt_string(mem_ctx, &data, &session_key);
+ data_blob_free(&session_key);
if (cleartextpwd == NULL) {
DEBUG(0,("retrieved NULL password\n"));
TALLOC_CTX* mem_ctx;
struct cli_state *cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
- NTSTATUS nt_status;
+ NTSTATUS nt_status, result;
const char *domain_name = NULL;
- struct dom_sid *queried_dom_sid;
struct policy_handle connect_hnd;
union lsa_PolicyInformation *info = NULL;
int i;
struct lsa_DomainList dom_list;
fstring pdc_name;
+ struct dcerpc_binding_handle *b;
if (c->display_usage) {
d_printf( "%s\n"
* or to remote one given in command line
*/
- if (StrCaseCmp(c->opt_workgroup, lp_workgroup())) {
+ if (strcasecmp_m(c->opt_workgroup, lp_workgroup())) {
domain_name = c->opt_workgroup;
c->opt_target_workgroup = c->opt_workgroup;
} else {
- fstrcpy(pdc_name, global_myname());
+ fstrcpy(pdc_name, lp_netbios_name());
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
c->opt_target_workgroup = domain_name;
};
return -1;
};
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
return -1;
};
+ b = pipe_hnd->binding_handle;
+
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
};
/* query info level 5 to obtain sid of a domain being queried */
- nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
- &info);
+ &info,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
talloc_destroy(mem_ctx);
return -1;
}
-
- queried_dom_sid = info->account_domain.sid;
+ if (NT_STATUS_IS_ERR(result)) {
+ DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
/*
* Keep calling LsaEnumTrustdom over opened pipe until
d_printf(_("Vampire trusted domains:\n\n"));
do {
- nt_status = rpccli_lsa_EnumTrustDom(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_EnumTrustDom(b, mem_ctx,
&connect_hnd,
&enum_ctx,
&dom_list,
- (uint32_t)-1);
+ (uint32_t)-1,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
+ if (NT_STATUS_IS_ERR(result)) {
+ nt_status = result;
+ DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ };
+
for (i = 0; i < dom_list.count; i++) {
print_trusted_domain(dom_list.domains[i].sid,
dom_list.domains[i].name.string);
- nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd,
+ nt_status = vampire_trusted_domain(pipe_hnd, mem_ctx, &connect_hnd,
*dom_list.domains[i].sid,
dom_list.domains[i].name.string);
if (!NT_STATUS_IS_OK(nt_status)) {
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
- nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = dcerpc_lsa_Close(b, mem_ctx, &connect_hnd, &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
TALLOC_CTX* mem_ctx;
struct cli_state *cli = NULL, *remote_cli = NULL;
struct rpc_pipe_client *pipe_hnd = NULL;
- NTSTATUS nt_status;
+ NTSTATUS nt_status, result;
const char *domain_name = NULL;
struct dom_sid *queried_dom_sid;
int ascii_dom_name_len;
struct policy_handle connect_hnd;
union lsa_PolicyInformation *info = NULL;
+ struct dcerpc_binding_handle *b = NULL;
/* trusted domains listing variables */
unsigned int num_domains, enum_ctx = 0;
* or to remote one given in command line
*/
- if (StrCaseCmp(c->opt_workgroup, lp_workgroup())) {
+ if (strcasecmp_m(c->opt_workgroup, lp_workgroup())) {
domain_name = c->opt_workgroup;
c->opt_target_workgroup = c->opt_workgroup;
} else {
- fstrcpy(pdc_name, global_myname());
+ fstrcpy(pdc_name, lp_netbios_name());
domain_name = talloc_strdup(mem_ctx, lp_workgroup());
c->opt_target_workgroup = domain_name;
};
return -1;
};
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
return -1;
};
+ b = pipe_hnd->binding_handle;
+
nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE,
&connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
talloc_destroy(mem_ctx);
return -1;
};
-
+
/* query info level 5 to obtain sid of a domain being queried */
- nt_status = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
&connect_hnd,
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
- &info);
+ &info,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
talloc_destroy(mem_ctx);
return -1;
}
+ if (NT_STATUS_IS_ERR(result)) {
+ DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
queried_dom_sid = info->account_domain.sid;
found_domain = false;
do {
- nt_status = rpccli_lsa_EnumTrustDom(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_lsa_EnumTrustDom(b, mem_ctx,
&connect_hnd,
&enum_ctx,
&dom_list,
- (uint32_t)-1);
+ (uint32_t)-1,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
+ if (NT_STATUS_IS_ERR(result)) {
+ DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ };
+
for (i = 0; i < dom_list.count; i++) {
print_trusted_domain(dom_list.domains[i].sid,
}
/* close this connection before doing next one */
- nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = dcerpc_lsa_Close(b, mem_ctx, &connect_hnd, &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
-
+
TALLOC_FREE(pipe_hnd);
/*
* Listing trusting domains (stored in passdb backend, if local)
*/
-
+
d_printf(_("\nTrusting domains list:\n\n"));
/*
* Open \PIPE\samr and get needed policy handles
*/
- nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr.syntax_id,
+ nt_status = cli_rpc_pipe_open_noauth(cli, &ndr_table_samr,
&pipe_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status)));
return -1;
};
+ b = pipe_hnd->binding_handle;
+
/* SamrConnect2 */
- nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_samr_Connect2(b, mem_ctx,
pipe_hnd->desthost,
SAMR_ACCESS_LOOKUP_DOMAIN,
- &connect_hnd);
+ &connect_hnd,
+ &result);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
+ if (!NT_STATUS_IS_OK(result)) {
+ nt_status = result;
+ DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ };
/* SamrOpenDomain - we have to open domain policy handle in order to be
able to enumerate accounts*/
- nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_hnd,
SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
queried_dom_sid,
- &domain_hnd);
+ &domain_hnd,
+ &result);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open domain object. Error was %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
+ if (!NT_STATUS_IS_OK(result)) {
+ nt_status = result;
+ DEBUG(0, ("Couldn't open domain object. Error was %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ };
/*
* perform actual enumeration
enum_ctx = 0; /* reset enumeration context from last enumeration */
do {
- nt_status = rpccli_samr_EnumDomainUsers(pipe_hnd, mem_ctx,
+ nt_status = dcerpc_samr_EnumDomainUsers(b, mem_ctx,
&domain_hnd,
&enum_ctx,
ACB_DOMTRUST,
&trusts,
0xffff,
- &num_domains);
+ &num_domains,
+ &result);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
nt_errstr(nt_status)));
talloc_destroy(mem_ctx);
return -1;
};
+ if (NT_STATUS_IS_ERR(result)) {
+ nt_status = result;
+ DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
+ nt_errstr(result)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ };
for (i = 0; i < num_domains; i++) {
- char *str = CONST_DISCARD(char *, trusts->entries[i].name.string);
+ char *str = discard_const_p(char, trusts->entries[i].name.string);
found_domain = true;
str[ascii_dom_name_len - 1] = '\0';
/* set opt_* variables to remote domain */
- strupper_m(str);
+ if (!strupper_m(str)) {
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
+ return -1;
+ }
c->opt_workgroup = talloc_strdup(mem_ctx, str);
c->opt_target_workgroup = c->opt_workgroup;
/* query for domain's sid */
if (run_rpc_command(
c, remote_cli,
- &ndr_table_lsarpc.syntax_id, 0,
+ &ndr_table_lsarpc, 0,
rpc_query_domain_sid, argc,
argv))
d_printf(_("strange - couldn't get domain's sid\n"));
}
}
- } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
+ } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
if (!found_domain) {
d_printf("none\n");
}
/* close opened samr and domain policy handles */
- nt_status = rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_hnd);
+ nt_status = dcerpc_samr_Close(b, mem_ctx, &domain_hnd, &result);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name));
};
- nt_status = rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = dcerpc_samr_Close(b, mem_ctx, &connect_hnd, &result);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name));
};
if (!net_find_server(c, NULL, flags, &server_ss, &server_name))
return false;
- if ((cli = cli_initialise()) == NULL) {
+ status = cli_connect_nb(server_name, &server_ss, 0, 0x20,
+ lp_netbios_name(), SMB_SIGNING_DEFAULT,
+ 0, &cli);
+ if (!NT_STATUS_IS_OK(status)) {
return false;
}
-
- status = cli_connect(cli, server_name, &server_ss);
- if (!NT_STATUS_IS_OK(status))
- goto done;
- if (!attempt_netbios_session_request(&cli, global_myname(),
- server_name, &server_ss))
- goto done;
- status = cli_negprot(cli);
+ status = smbXcli_negprot(cli->conn, cli->timeout, PROTOCOL_CORE,
+ PROTOCOL_NT1);
if (!NT_STATUS_IS_OK(status))
goto done;
- if (cli->protocol < PROTOCOL_NT1)
+ if (smbXcli_conn_protocol(cli->conn) < PROTOCOL_NT1)
goto done;
ret = true;
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
+ return run_rpc_command(c, NULL, &ndr_table_netlogon,
NET_FLAGS_ANONYMOUS,
rpc_samdump_internals, argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_netlogon.syntax_id,
- NET_FLAGS_ANONYMOUS,
- rpc_vampire_internals,
- argc, argv);
+ return rpc_vampire_passdb(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc vampire", func);
return -1;
}
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_printers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_drivers_internals, argc,
argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_forms_internals, argc, argv);
if (ret)
return ret;
- ret = run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ ret = run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_settings_internals, argc,
argv);
if (ret)
return ret;
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_security_internals, argc,
argv);
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_drivers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_forms_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_printers_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_security_internals,
argc, argv);
}
return -1;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_migrate_settings_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_driver_list_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_publish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_update_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_unpublish_internals,
argc, argv);
}
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_publish_list_internals,
argc, argv);
}
net_display_usage_from_functable(func);
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_spoolss.syntax_id, 0,
+ return run_rpc_command(c, NULL, &ndr_table_spoolss, 0,
rpc_printer_list_internals,
argc, argv);
}
N_("net rpc shell\n"
" Open interactive shell on remote server")
},
+ {
+ "trust",
+ net_rpc_trust,
+ NET_TRANSPORT_RPC,
+ N_("Manage trusts"),
+ N_("net rpc trust\n"
+ " Manage trusts")
+ },
+ {
+ "conf",
+ net_rpc_conf,
+ NET_TRANSPORT_RPC,
+ N_("Configure a remote samba server"),
+ N_("net rpc conf\n"
+ " Configure a remote samba server")
+ },
{NULL, NULL, 0, NULL, NULL}
};