/**
* Rename a user on a remote RPC server.
*
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success).
**/
-static NTSTATUS rpc_user_rename_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_user_rename(struct net_context *c, int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 info_level = 7;
- const char *old_name, *new_name;
- struct samr_Ids user_rids, name_types;
- struct lsa_String lsa_acct_name;
- union samr_UserInfo *info = NULL;
+ NET_API_STATUS status;
+ struct USER_INFO_0 u0;
+ uint32_t parm_err = 0;
if (argc != 2 || c->display_usage) {
rpc_user_usage(c, argc, argv);
- return NT_STATUS_OK;
- }
-
- old_name = argv[0];
- new_name = argv[1];
-
- /* Get sam policy handle */
-
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Get domain policy handle */
-
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- init_lsa_String(&lsa_acct_name, old_name);
-
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
- &domain_pol,
- 1,
- &lsa_acct_name,
- &user_rids,
- &name_types);
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Open domain user */
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
- &domain_pol,
- MAXIMUM_ALLOWED_ACCESS,
- user_rids.ids[0],
- &user_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Query user info */
- result = rpccli_samr_QueryUserInfo(pipe_hnd, mem_ctx,
- &user_pol,
- info_level,
- &info);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
+ return 0;
}
- init_samr_user_info7(&info->info7, new_name);
-
- /* Set new name */
- result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
- &user_pol,
- info_level,
- info);
+ u0.usri0_name = argv[1];
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- done:
- if (!NT_STATUS_IS_OK(result)) {
- d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n", old_name, new_name,
- nt_errstr(result));
+ status = NetUserSetInfo(c->opt_host, argv[0],
+ 0, (uint8_t *)&u0, &parm_err);
+ if (status) {
+ d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n",
+ argv[0], argv[1],
+ libnetapi_get_error_string(c->netapi_ctx, status));
} else {
- d_printf("Renamed user from %s to %s\n", old_name, new_name);
+ d_printf("Renamed user from %s to %s\n", argv[0], argv[1]);
}
- return result;
-}
-
-/**
- * Rename a user on a remote RPC server.
- *
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return A shell status integer (0 for success).
- **/
-static int rpc_user_rename(struct net_context *c, int argc, const char **argv)
-{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
- rpc_user_rename_internals, argc, argv);
+ return status;
}
/**
}
/**
- * Set a password for a user on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
+ * Set a user's password on a remote RPC server.
*
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success).
**/
-static NTSTATUS rpc_user_password_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_user_password(struct net_context *c, int argc, const char **argv)
{
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- POLICY_HND connect_pol, domain_pol, user_pol;
- uchar pwbuf[516];
- const char *user;
- const char *new_password;
+ NET_API_STATUS status;
char *prompt = NULL;
- union samr_UserInfo info;
+ struct USER_INFO_1003 u1003;
+ uint32_t parm_err = 0;
if (argc < 1 || c->display_usage) {
rpc_user_usage(c, argc, argv);
- return NT_STATUS_OK;
+ return 0;
}
- user = argv[0];
-
if (argv[1]) {
- new_password = argv[1];
+ u1003.usri1003_password = argv[1];
} else {
- asprintf(&prompt, "Enter new password for %s:", user);
- new_password = getpass(prompt);
- SAFE_FREE(prompt);
- }
-
- /* Get sam policy and domain handles */
-
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Get handle on user */
-
- {
- struct samr_Ids user_rids, name_types;
- struct lsa_String lsa_acct_name;
-
- init_lsa_String(&lsa_acct_name, user);
-
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
- &domain_pol,
- 1,
- &lsa_acct_name,
- &user_rids,
- &name_types);
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
- &domain_pol,
- MAXIMUM_ALLOWED_ACCESS,
- user_rids.ids[0],
- &user_pol);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
+ if (asprintf(&prompt, "Enter new password for %s:", argv[0]) == -1) {
+ return -1;
}
+ u1003.usri1003_password = getpass(prompt);
+ SAFE_FREE(prompt);
}
- /* Set password on account */
-
- encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
-
- init_samr_user_info24(&info.info24, pwbuf, 24);
-
- SamOEMhashBlob(info.info24.password.data, 516,
- &cli->user_session_key);
-
- result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
- &user_pol,
- 24,
- &info);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
+ status = NetUserSetInfo(c->opt_host, argv[0], 1003, (uint8_t *)&u1003, &parm_err);
/* Display results */
+ if (status != 0) {
+ d_fprintf(stderr, "Failed to set password for '%s' with: %s.\n",
+ argv[0], libnetapi_get_error_string(c->netapi_ctx,
+ status));
+ return -1;
+ }
- done:
- return result;
-
+ return 0;
}
/**
- * Set a user's password on a remote RPC server.
+ * List a user's groups from a remote RPC server.
*
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return A shell status integer (0 for success).
+ * @return A shell status integer (0 for success)
**/
-static int rpc_user_password(struct net_context *c, int argc, const char **argv)
-{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
- rpc_user_password_internals, argc, argv);
-}
-
-/**
- * List user's groups on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return Normal NTSTATUS return.
- **/
+static int rpc_user_info(struct net_context *c, int argc, const char **argv)
-static NTSTATUS rpc_user_info_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
{
- POLICY_HND connect_pol, domain_pol, user_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ NET_API_STATUS status;
+ struct GROUP_USERS_INFO_0 *u0 = NULL;
+ uint32_t entries_read = 0;
+ uint32_t total_entries = 0;
int i;
- struct samr_RidWithAttributeArray *rid_array = NULL;
- struct lsa_Strings names;
- struct samr_Ids types;
- uint32_t *lrids = NULL;
- struct samr_Ids rids, name_types;
- struct lsa_String lsa_acct_name;
if (argc < 1 || c->display_usage) {
rpc_user_usage(c, argc, argv);
- return NT_STATUS_OK;
+ return 0;
}
- /* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- /* Get domain policy handle */
-
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- /* Get handle on user */
-
- init_lsa_String(&lsa_acct_name, argv[0]);
-
- result = rpccli_samr_LookupNames(pipe_hnd, mem_ctx,
- &domain_pol,
- 1,
- &lsa_acct_name,
- &rids,
- &name_types);
-
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- result = rpccli_samr_OpenUser(pipe_hnd, mem_ctx,
- &domain_pol,
- MAXIMUM_ALLOWED_ACCESS,
- rids.ids[0],
- &user_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- result = rpccli_samr_GetGroupsForUser(pipe_hnd, mem_ctx,
- &user_pol,
- &rid_array);
-
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- /* Look up rids */
-
- if (rid_array->count) {
- if ((lrids = TALLOC_ARRAY(mem_ctx, uint32, rid_array->count)) == NULL) {
- result = NT_STATUS_NO_MEMORY;
- goto done;
- }
-
- for (i = 0; i < rid_array->count; i++)
- lrids[i] = rid_array->rids[i].rid;
-
- result = rpccli_samr_LookupRids(pipe_hnd, mem_ctx,
- &domain_pol,
- rid_array->count,
- lrids,
- &names,
- &types);
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Display results */
-
- for (i = 0; i < names.count; i++)
- printf("%s\n", names.names[i].string);
+ status = NetUserGetGroups(c->opt_host,
+ argv[0],
+ 0,
+ (uint8_t **)&u0,
+ (uint32_t)-1,
+ &entries_read,
+ &total_entries);
+ if (status != 0) {
+ d_fprintf(stderr, "Failed to get groups for '%s' with: %s.\n",
+ argv[0], libnetapi_get_error_string(c->netapi_ctx,
+ status));
+ return -1;
}
- done:
- return result;
-}
-/**
- * List a user's groups from a remote RPC server.
- *
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return A shell status integer (0 for success)
- **/
+ for (i=0; i < entries_read; i++) {
+ printf("%s\n", u0->grui0_name);
+ u0++;
+ }
-static int rpc_user_info(struct net_context *c, int argc, const char **argv)
-{
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
- rpc_user_info_internals, argc, argv);
+ return 0;
}
/**
* @return Normal NTSTATUS return.
**/
-static NTSTATUS rpc_user_list_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_user_list(struct net_context *c, int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- uint32 start_idx=0, num_entries, i, loop_count = 0;
-
- /* Get sam policy handle */
-
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- /* Get domain policy handle */
-
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
+ NET_API_STATUS status;
+ uint32_t start_idx=0, num_entries, i, loop_count = 0;
+ struct NET_DISPLAY_USER *info = NULL;
+ void *buffer = NULL;
/* Query domain users */
if (c->opt_long_list_entries)
d_printf("\nUser name Comment"
"\n-----------------------------\n");
do {
- const char *user = NULL;
- const char *desc = NULL;
- uint32 max_entries, max_size;
- uint32_t total_size, returned_size;
- union samr_DispInfo info;
+ uint32_t max_entries, max_size;
get_query_dispinfo_params(
loop_count, &max_entries, &max_size);
- result = rpccli_samr_QueryDisplayInfo(pipe_hnd, mem_ctx,
- &domain_pol,
- 1,
- start_idx,
- max_entries,
- max_size,
- &total_size,
- &returned_size,
- &info);
- loop_count++;
- start_idx += info.info1.count;
- num_entries = info.info1.count;
+ status = NetQueryDisplayInformation(c->opt_host,
+ 1,
+ start_idx,
+ max_entries,
+ max_size,
+ &num_entries,
+ &buffer);
+ if (status != 0 && status != ERROR_MORE_DATA) {
+ return status;
+ }
+
+ info = (struct NET_DISPLAY_USER *)buffer;
for (i = 0; i < num_entries; i++) {
- user = info.info1.entries[i].account_name.string;
- if (c->opt_long_list_entries)
- desc = info.info1.entries[i].description.string;
+
if (c->opt_long_list_entries)
- printf("%-21.21s %s\n", user, desc);
+ printf("%-21.21s %s\n", info->usri1_name,
+ info->usri1_comment);
else
- printf("%s\n", user);
+ printf("%s\n", info->usri1_name);
+ info++;
}
- } while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
- done:
- return result;
+ NetApiBufferFree(buffer);
+
+ loop_count++;
+ start_idx += num_entries;
+
+ } while (status == ERROR_MORE_DATA);
+
+ return status;
}
/**
}
libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
if (argc == 0) {
if (c->display_usage) {
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
- rpc_user_list_internals,
- argc, argv);
+ return rpc_user_list(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc user", func);
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_user_list_internals(c, ctx->domain_sid, ctx->domain_name,
- ctx->cli, pipe_hnd, mem_ctx,
- argc, argv);
+ return werror_to_ntstatus(W_ERROR(rpc_user_list(c, argc, argv)));
}
static NTSTATUS rpc_sh_user_info(struct net_context *c,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_user_info_internals(c, ctx->domain_sid, ctx->domain_name,
- ctx->cli, pipe_hnd, mem_ctx,
- argc, argv);
+ return werror_to_ntstatus(W_ERROR(rpc_user_info(c, argc, argv)));
}
static NTSTATUS rpc_sh_handle_user(struct net_context *c,
return 0;
}
-static NTSTATUS rpc_alias_add_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_alias_add_internals(struct net_context *c, int argc, const char **argv)
{
- POLICY_HND connect_pol, domain_pol, alias_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- union samr_AliasInfo alias_info;
- struct lsa_String alias_name;
- uint32_t rid = 0;
+ NET_API_STATUS status;
+ struct LOCALGROUP_INFO_1 info1;
+ uint32_t parm_error = 0;
if (argc != 1 || c->display_usage) {
rpc_group_usage(c, argc, argv);
- return NT_STATUS_OK;
+ return 0;
}
- init_lsa_String(&alias_name, argv[0]);
-
- /* Get sam policy handle */
-
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- /* Get domain policy handle */
-
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
- &connect_pol,
- MAXIMUM_ALLOWED_ACCESS,
- CONST_DISCARD(struct dom_sid2 *, domain_sid),
- &domain_pol);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- /* Create the group */
-
- result = rpccli_samr_CreateDomAlias(pipe_hnd, mem_ctx,
- &domain_pol,
- &alias_name,
- MAXIMUM_ALLOWED_ACCESS,
- &alias_pol,
- &rid);
- if (!NT_STATUS_IS_OK(result)) goto done;
-
- if (strlen(c->opt_comment) == 0) goto done;
-
- /* We've got a comment to set */
-
- init_lsa_String(&alias_info.description, c->opt_comment);
+ ZERO_STRUCT(info1);
- result = rpccli_samr_SetAliasInfo(pipe_hnd, mem_ctx,
- &alias_pol,
- 3,
- &alias_info);
+ info1.lgrpi1_name = argv[0];
+ if (c->opt_comment && strlen(c->opt_comment) > 0) {
+ info1.lgrpi1_comment = c->opt_comment;
+ }
- if (!NT_STATUS_IS_OK(result)) goto done;
+ status = NetLocalGroupAdd(c->opt_host, 1, (uint8_t *)&info1, &parm_error);
- done:
- if (NT_STATUS_IS_OK(result))
- DEBUG(5, ("add alias succeeded\n"));
- else
- d_fprintf(stderr, "add alias failed: %s\n", nt_errstr(result));
+ if (status != 0) {
+ d_fprintf(stderr, "Failed to add alias '%s' with: %s.\n",
+ argv[0], libnetapi_get_error_string(c->netapi_ctx,
+ status));
+ return -1;
+ } else {
+ d_printf("Added alias '%s'.\n", argv[0]);
+ }
- return result;
+ return 0;
}
static int rpc_group_add(struct net_context *c, int argc, const char **argv)
{
if (c->opt_localgroup)
- return run_rpc_command(c, NULL, &ndr_table_samr.syntax_id, 0,
- rpc_alias_add_internals,
- argc, argv);
+ return rpc_alias_add_internals(c, argc, argv);
return rpc_group_add_internals(c, argc, argv);
}
}
libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
if (argc == 0) {
if (c->display_usage) {
argc, argv);
}
- return net_run_function(c, argc, argv, "net rpc group", func);
-}
-
-/****************************************************************************/
-
-static int rpc_share_usage(struct net_context *c, int argc, const char **argv)
-{
- return net_share_usage(c, argc, argv);
-}
-
-/**
- * Add a share on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return Normal NTSTATUS return.
- **/
-static NTSTATUS rpc_share_add_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,int argc,
- const char **argv)
-{
- WERROR result;
- NTSTATUS status;
- char *sharename;
- char *path;
- uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
- uint32 num_users=0, perms=0;
- char *password=NULL; /* don't allow a share password */
- uint32 level = 2;
- union srvsvc_NetShareInfo info;
- struct srvsvc_NetShareInfo2 info2;
- uint32_t parm_error = 0;
-
- if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
-
- path = strchr(sharename, '=');
- if (!path)
- return NT_STATUS_UNSUCCESSFUL;
- *path++ = '\0';
-
- info2.name = sharename;
- info2.type = type;
- info2.comment = c->opt_comment;
- info2.permissions = perms;
- info2.max_users = c->opt_maxusers;
- info2.current_users = num_users;
- info2.path = path;
- info2.password = password;
-
- info.info2 = &info2;
-
- status = rpccli_srvsvc_NetShareAdd(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- level,
- &info,
- &parm_error,
- &result);
- return status;
+ return net_run_function(c, argc, argv, "net rpc group", func);
}
-static int rpc_share_add(struct net_context *c, int argc, const char **argv)
+/****************************************************************************/
+
+static int rpc_share_usage(struct net_context *c, int argc, const char **argv)
{
- if ((argc < 1) || !strchr(argv[0], '=') || c->display_usage) {
- return rpc_share_usage(c, argc, argv);
- }
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_add_internals,
- argc, argv);
+ return net_share_usage(c, argc, argv);
}
/**
- * Delete a share on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
+ * Add a share on a remote RPC server.
*
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success).
**/
-static NTSTATUS rpc_share_del_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+
+static int rpc_share_add(struct net_context *c, int argc, const char **argv)
{
- WERROR result;
+ NET_API_STATUS status;
+ char *sharename;
+ char *path;
+ uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
+ uint32 num_users=0, perms=0;
+ char *password=NULL; /* don't allow a share password */
+ struct SHARE_INFO_2 i2;
+ uint32_t parm_error = 0;
- return rpccli_srvsvc_NetShareDel(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- argv[0],
- 0,
- &result);
+ if ((argc < 1) || !strchr(argv[0], '=') || c->display_usage) {
+ return rpc_share_usage(c, argc, argv);
+ }
+
+ if ((sharename = talloc_strdup(c, argv[0])) == NULL) {
+ return -1;
+ }
+
+ path = strchr(sharename, '=');
+ if (!path) {
+ return -1;
+ }
+
+ *path++ = '\0';
+
+ i2.shi2_netname = sharename;
+ i2.shi2_type = type;
+ i2.shi2_remark = c->opt_comment;
+ i2.shi2_permissions = perms;
+ i2.shi2_max_uses = c->opt_maxusers;
+ i2.shi2_current_uses = num_users;
+ i2.shi2_path = path;
+ i2.shi2_passwd = password;
+
+ status = NetShareAdd(c->opt_host,
+ 2,
+ (uint8_t *)&i2,
+ &parm_error);
+ if (status != 0) {
+ printf("NetShareAdd failed with: %s\n",
+ libnetapi_get_error_string(c->netapi_ctx, status));
+ }
+
+ return status;
}
/**
if (argc < 1 || c->display_usage) {
return rpc_share_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_del_internals,
- argc, argv);
+
+ return NetShareDel(c->opt_host, argv[0], 0);
}
/**
* Formatted print of share info
*
- * @param info1 pointer to SRV_SHARE_INFO_1 to format
+ * @param r pointer to SHARE_INFO_1 to format
**/
static void display_share_info_1(struct net_context *c,
- struct srvsvc_NetShareInfo1 *r)
+ struct SHARE_INFO_1 *r)
{
if (c->opt_long_list_entries) {
d_printf("%-12s %-8.8s %-50s\n",
- r->name,
- c->share_type[r->type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)],
- r->comment);
+ r->shi1_netname,
+ net_share_type_str(r->shi1_type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)),
+ r->shi1_remark);
} else {
- d_printf("%s\n", r->name);
+ d_printf("%s\n", r->shi1_netname);
}
}
return result;
}
-/**
- * List shares on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
+/***
+ * 'net rpc share list' entrypoint.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
- *
- * @return Normal NTSTATUS return.
**/
-
-static NTSTATUS rpc_share_list_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_share_list(struct net_context *c, int argc, const char **argv)
{
- struct srvsvc_NetShareInfoCtr info_ctr;
- struct srvsvc_NetShareCtr1 ctr1;
- WERROR result;
- uint32 i, level = 1;
-
- ZERO_STRUCT(info_ctr);
- ZERO_STRUCT(ctr1);
+ NET_API_STATUS status;
+ struct SHARE_INFO_1 *i1 = NULL;
+ uint32_t entries_read = 0;
+ uint32_t total_entries = 0;
+ uint32_t resume_handle = 0;
+ uint32_t i, level = 1;
- info_ctr.level = 1;
- info_ctr.ctr.ctr1 = &ctr1;
+ if (c->display_usage) {
+ d_printf("Usage\n"
+ "net rpc share list\n"
+ " List shares on remote server\n");
+ return 0;
+ }
- result = get_share_info(c, pipe_hnd, mem_ctx, level, argc, argv,
- &info_ctr);
- if (!W_ERROR_IS_OK(result))
+ status = NetShareEnum(c->opt_host,
+ level,
+ (uint8_t **)&i1,
+ (uint32_t)-1,
+ &entries_read,
+ &total_entries,
+ &resume_handle);
+ if (status != 0) {
goto done;
+ }
/* Display results */
"\nShare name Type Description\n"
"---------- ---- -----------\n");
}
- for (i = 0; i < info_ctr.ctr.ctr1->count; i++)
- display_share_info_1(c, &info_ctr.ctr.ctr1->array[i]);
+ for (i = 0; i < entries_read; i++)
+ display_share_info_1(c, &i1[i]);
done:
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
-}
-
-/***
- * 'net rpc share list' entrypoint.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- **/
-static int rpc_share_list(struct net_context *c, int argc, const char **argv)
-{
- if (c->display_usage) {
- d_printf("Usage\n"
- "net rpc share list\n"
- " List shares on remote server\n");
- return 0;
- }
-
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_list_internals, argc, argv);
+ return status;
}
static bool check_share_availability(struct cli_state *cli, const char *netname)
goto done;
/* connect destination PI_SRVSVC */
- nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe, PI_SRVSVC);
+ nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
+ &ndr_table_srvsvc.syntax_id);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
goto done;
/* connect destination PI_SRVSVC */
- nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe, PI_SRVSVC);
+ nt_status = connect_dst_pipe(c, &cli_dst, &srvsvc_pipe,
+ &ndr_table_srvsvc.syntax_id);
if (!NT_STATUS_IS_OK(nt_status))
return nt_status;
SAFE_FREE(token->user_sids);
}
-static bool is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
-{
- int i;
-
- for (i=0; i<token->num_sids; i++) {
- if (sid_compare(sid, &token->user_sids[i]) == 0)
- return true;
- }
- return false;
-}
-
static void add_sid_to_token(NT_USER_TOKEN *token, DOM_SID *sid)
{
if (is_sid_in_token(token, sid))
return false;
}
- string_to_sid(&user_sid, sid_str);
+ if (!string_to_sid(&user_sid, sid_str)) {
+ DEBUG(1,("Could not convert sid %s from string\n", sid_str));
+ return false;
+ }
+
wbcFreeMemory(sid_str);
sid_str = NULL;
/* We have a SID */
DOM_SID sid;
- string_to_sid(&sid, &line[1]);
+ if(!string_to_sid(&sid, &line[1])) {
+ DEBUG(1,("get_user_tokens_from_file: Could "
+ "not convert sid %s \n",&line[1]));
+ return false;
+ }
if (token == NULL) {
DEBUG(0, ("File does not begin with username"));
uint32 acc_granted;
if (share_sd != NULL) {
- if (!se_access_check(share_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(share_sd, &tokens[i].token,
+ 1, &acc_granted);
+
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check share_sd for "
"user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
}
if (root_sd == NULL) {
continue;
}
- if (!se_access_check(root_sd, &tokens[i].token,
- 1, &acc_granted, &status)) {
+ status = se_access_check(root_sd, &tokens[i].token,
+ 1, &acc_granted);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("Could not check root_sd for user %s\n",
tokens[i].name));
continue;
}
-
- if (!NT_STATUS_IS_OK(status))
- continue;
-
d_printf(" %s\n", tokens[i].name);
}
{
int ret;
bool r;
- ENUM_HND hnd;
uint32 i;
FILE *f;
for (i=0; i<num_tokens; i++)
collect_alias_memberships(&tokens[i].token);
- init_enum_hnd(&hnd, 0);
-
share_list.num_shares = 0;
share_list.shares = NULL;
int net_rpc_share(struct net_context *c, int argc, const char **argv)
{
+ NET_API_STATUS status;
+
struct functable func[] = {
{
"add",
{NULL, NULL, 0, NULL, NULL}
};
+ status = libnetapi_init(&c->netapi_ctx);
+ if (status != 0) {
+ return -1;
+ }
+ libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
+ libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
if (argc == 0) {
if (c->display_usage) {
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_share_list_internals,
- argc, argv);
+ return rpc_share_list(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc share", func);
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_share_list_internals(c, ctx->domain_sid, ctx->domain_name,
- ctx->cli, pipe_hnd, mem_ctx,
- argc, argv);
+
+ return werror_to_ntstatus(W_ERROR(rpc_share_list(c, argc, argv)));
}
static NTSTATUS rpc_sh_share_add(struct net_context *c,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- WERROR result;
- NTSTATUS status;
+ NET_API_STATUS status;
uint32_t parm_err = 0;
- union srvsvc_NetShareInfo info;
- struct srvsvc_NetShareInfo2 info2;
+ struct SHARE_INFO_2 i2;
if ((argc < 2) || (argc > 3)) {
d_fprintf(stderr, "usage: %s <share> <path> [comment]\n",
return NT_STATUS_INVALID_PARAMETER;
}
- info2.name = argv[0];
- info2.type = STYPE_DISKTREE;
- info2.comment = (argc == 3) ? argv[2] : "";
- info2.permissions = 0;
- info2.max_users = 0;
- info2.current_users = 0;
- info2.path = argv[1];
- info2.password = NULL;
+ i2.shi2_netname = argv[0];
+ i2.shi2_type = STYPE_DISKTREE;
+ i2.shi2_remark = (argc == 3) ? argv[2] : "";
+ i2.shi2_permissions = 0;
+ i2.shi2_max_uses = 0;
+ i2.shi2_current_uses = 0;
+ i2.shi2_path = argv[1];
+ i2.shi2_passwd = NULL;
- info.info2 = &info2;
+ status = NetShareAdd(pipe_hnd->desthost,
+ 2,
+ (uint8_t *)&i2,
+ &parm_err);
- status = rpccli_srvsvc_NetShareAdd(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- 2,
- &info,
- &parm_err,
- &result);
-
- return status;
+ return werror_to_ntstatus(W_ERROR(status));
}
static NTSTATUS rpc_sh_share_delete(struct net_context *c,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- WERROR result;
- NTSTATUS status;
-
if (argc != 1) {
d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
return NT_STATUS_INVALID_PARAMETER;
}
- status = rpccli_srvsvc_NetShareDel(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- argv[0],
- 0,
- &result);
-
- return status;
+ return werror_to_ntstatus(W_ERROR(NetShareDel(pipe_hnd->desthost, argv[0], 0)));
}
static NTSTATUS rpc_sh_share_info(struct net_context *c,
return net_file_usage(c, argc, argv);
}
-/**
- * Close a file on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
- *
- * @param c A net_context structure.
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return Normal NTSTATUS return.
- **/
-static NTSTATUS rpc_file_close_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
-{
- return rpccli_srvsvc_NetFileClose(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- atoi(argv[0]), NULL);
-}
-
/**
* Close a file on a remote RPC server.
*
return rpc_file_usage(c, argc, argv);
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_close_internals,
- argc, argv);
+ return NetFileClose(c->opt_host, atoi(argv[0]));
}
/**
* Formatted print of open file info
*
- * @param r struct srvsvc_NetFileInfo3 contents
+ * @param r struct FILE_INFO_3 contents
**/
-static void display_file_info_3(struct srvsvc_NetFileInfo3 *r)
+static void display_file_info_3(struct FILE_INFO_3 *r)
{
d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
- r->fid, r->user, r->permissions, r->num_locks, r->path);
+ r->fi3_id, r->fi3_username, r->fi3_permissions,
+ r->fi3_num_locks, r->fi3_pathname);
}
/**
- * List open files on a remote RPC server.
- *
- * All parameters are provided by the run_rpc_command function, except for
- * argc, argv which are passed through.
+ * List files for a user on a remote RPC server.
*
- * @param c A net_context structure.
- * @param domain_sid The domain sid acquired from the remote server.
- * @param cli A cli_state connected to the server.
- * @param mem_ctx Talloc context, destroyed on completion of the function.
* @param argc Standard main() style argc.
* @param argv Standard main() style argv. Initial components are already
* stripped.
*
- * @return Normal NTSTATUS return.
+ * @return A shell status integer (0 for success)..
**/
-static NTSTATUS rpc_file_list_internals(struct net_context *c,
- const DOM_SID *domain_sid,
- const char *domain_name,
- struct cli_state *cli,
- struct rpc_pipe_client *pipe_hnd,
- TALLOC_CTX *mem_ctx,
- int argc,
- const char **argv)
+static int rpc_file_user(struct net_context *c, int argc, const char **argv)
{
- struct srvsvc_NetFileInfoCtr info_ctr;
- struct srvsvc_NetFileCtr3 ctr3;
- WERROR result;
- NTSTATUS status;
+ NET_API_STATUS status;
uint32 preferred_len = 0xffffffff, i;
const char *username=NULL;
uint32_t total_entries = 0;
+ uint32_t entries_read = 0;
uint32_t resume_handle = 0;
+ struct FILE_INFO_3 *i3 = NULL;
+
+ if (c->display_usage) {
+ return rpc_file_usage(c, argc, argv);
+ }
/* if argc > 0, must be user command */
- if (argc > 0)
+ if (argc > 0) {
username = smb_xstrdup(argv[0]);
+ }
- ZERO_STRUCT(info_ctr);
- ZERO_STRUCT(ctr3);
-
- info_ctr.level = 3;
- info_ctr.ctr.ctr3 = &ctr3;
-
- status = rpccli_srvsvc_NetFileEnum(pipe_hnd, mem_ctx,
- pipe_hnd->desthost,
- NULL,
- username,
- &info_ctr,
- preferred_len,
- &total_entries,
- &resume_handle,
- &result);
+ status = NetFileEnum(c->opt_host,
+ NULL,
+ username,
+ 3,
+ (uint8_t **)&i3,
+ preferred_len,
+ &entries_read,
+ &total_entries,
+ &resume_handle);
- if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result))
+ if (status != 0) {
goto done;
+ }
/* Display results */
"\nEnumerating open files on remote server:\n\n"
"\nFileId Opened by Perms Locks Path"
"\n------ --------- ----- ----- ---- \n");
- for (i = 0; i < total_entries; i++)
- display_file_info_3(&info_ctr.ctr.ctr3->array[i]);
- done:
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
-}
-
-/**
- * List files for a user on a remote RPC server.
- *
- * @param argc Standard main() style argc.
- * @param argv Standard main() style argv. Initial components are already
- * stripped.
- *
- * @return A shell status integer (0 for success)..
- **/
-
-static int rpc_file_user(struct net_context *c, int argc, const char **argv)
-{
- if (argc < 1 || c->display_usage) {
- return rpc_file_usage(c, argc, argv);
+ for (i = 0; i < entries_read; i++) {
+ display_file_info_3(&i3[i]);
}
-
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_list_internals,
- argc, argv);
+ done:
+ return status;
}
/**
int net_rpc_file(struct net_context *c, int argc, const char **argv)
{
+ NET_API_STATUS status;
+
struct functable func[] = {
{
"close",
{NULL, NULL, 0, NULL, NULL}
};
+ status = libnetapi_init(&c->netapi_ctx);
+ if (status != 0) {
+ return -1;
+ }
+ libnetapi_set_username(c->netapi_ctx, c->opt_user_name);
+ libnetapi_set_password(c->netapi_ctx, c->opt_password);
+ if (c->opt_kerberos) {
+ libnetapi_set_use_kerberos(c->netapi_ctx);
+ }
+
if (argc == 0) {
if (c->display_usage) {
d_printf("Usage:\n");
return 0;
}
- return run_rpc_command(c, NULL, &ndr_table_srvsvc.syntax_id, 0,
- rpc_file_list_internals,
- argc, argv);
+ return rpc_file_user(c, argc, argv);
}
return net_run_function(c, argc, argv, "net rpc file", func);
struct samr_LogonHours hours;
struct lsa_BinaryString parameters;
const int units_per_week = 168;
- uchar pwbuf[516];
-
- encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
+ struct samr_CryptPassword crypt_pwd;
ZERO_STRUCT(notime);
ZERO_STRUCT(hours);
hours.units_per_week = units_per_week;
memset(hours.bits, 0xFF, units_per_week);
+ init_samr_CryptPassword(argv[1],
+ &cli->user_session_key,
+ &crypt_pwd);
+
init_samr_user_info23(&info.info23,
notime, notime, notime,
notime, notime, notime,
NULL, NULL, NULL, NULL, NULL,
NULL, NULL, NULL, NULL, ¶meters,
- 0, 0, ACB_DOMTRUST, SAMR_FIELD_ACCT_FLAGS,
+ 0, 0, ACB_DOMTRUST,
+ SAMR_FIELD_ACCT_FLAGS | SAMR_FIELD_NT_PASSWORD_PRESENT,
hours,
0, 0, 0, 0, 0, 0, 0,
- pwbuf, 24);
-
- SamOEMhashBlob(info.info23.password.data, 516,
- &cli->user_session_key);
+ &crypt_pwd);
result = rpccli_samr_SetUserInfo2(pipe_hnd, mem_ctx,
&user_pol,
strupper_m(domain_name);
/* account name used at first is our domain's name with '$' */
- asprintf(&acct_name, "%s$", lp_workgroup());
+ if (asprintf(&acct_name, "%s$", lp_workgroup()) == -1) {
+ return -1;
+ }
strupper_m(acct_name);
/*
/* SamrConnect2 */
nt_status = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
pipe_hnd->desthost,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_LOOKUP_DOMAIN,
&connect_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
able to enumerate accounts*/
nt_status = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
&connect_hnd,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
queried_dom_sid,
&domain_hnd);
if (!NT_STATUS_IS_OK(nt_status)) {
"net rpc vampire keytab\n"
" Dump remote SAM database to Kerberos keytab file"
},
+ {
+ "passdb",
+ rpc_vampire_passdb,
+ NET_TRANSPORT_RPC,
+ "Dump remote SAM database to passdb",
+ "net rpc vampire passdb\n"
+ " Dump remote SAM database to passdb"
+ },
{NULL, NULL, 0, NULL, NULL}
};