Fix bug #5568 net rpc trustdom add broken !

net rpc trustdom add was broken. The default 10second timeout can be too short
to create an account on a Samba DC (calling out to a script), error message
reporting was poor, and more importantly the new marshalling code for
user_info23 was broken (maps onto a user_info21 but doesn't clear the
user_info23 struct before marshalling, leaving an uninitialized size field -
give "alloc failure").
Jeremy.

diff --git a/source/rpc_client/init_samr.c b/source/rpc_client/init_samr.c
index 3b62e7effb11f72637376d9fb6509ee6afc83563..c5d7dcdb1322a136c3b98f769fc97e6fd3ebc167 100644 (file)
--- a/source/rpc_client/init_samr.c
+++ b/source/rpc_client/init_samr.c
@@ -413,6 +413,7 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
                           uint8_t data[516],
                           uint8_t pw_len)
 {
+       memset(r, '\0', sizeof(*r));
        init_samr_user_info21(&r->info,
                              last_logon,
                              last_logoff,

diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index a24aa8bdad66da4be3c612d81aa6753fd68ce823..a5c2de0df32859a6af273770f2d10f83fe6a3781 100644 (file)
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -5355,6 +5355,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
        uint32 user_rid;
        uint32_t access_granted = 0;
        union samr_UserInfo info;
+       unsigned int orig_timeout;
 
        if (argc != 2) {
                d_printf("Usage: net rpc trustdom add <domain_name> <trust password>\n");
@@ -5392,6 +5393,11 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
                goto done;
        }
 
+        /* This call can take a long time - allow the server to time out.
+        * 35 seconds should do it. */
+
+        orig_timeout = cli_set_timeout(pipe_hnd->cli, 35000);
+
        /* Create trusting domain's account */
        acb_info = ACB_NORMAL;
        acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
@@ -5408,7 +5414,13 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
                                         &user_pol,
                                         &access_granted,
                                         &user_rid);
+
+       /* And restore our original timeout. */
+       cli_set_timeout(pipe_hnd->cli, orig_timeout);
+
        if (!NT_STATUS_IS_OK(result)) {
+               d_printf("net rpc trustdom add: create user %s failed %s\n",
+                       acct_name, nt_errstr(result));
                goto done;
        }
 
@@ -5558,6 +5570,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
                                         &name_types);
 
        if (!NT_STATUS_IS_OK(result)) {
+               d_printf("net rpc trustdom del: LookupNames on user %s failed %s\n",
+                       acct_name, nt_errstr(result) );
                goto done;
        }
 
@@ -5568,6 +5582,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
                                      &user_pol);
 
        if (!NT_STATUS_IS_OK(result)) {
+               d_printf("net rpc trustdom del: OpenUser on user %s failed %s\n",
+                       acct_name, nt_errstr(result) );
                goto done;
        }
 
@@ -5583,6 +5599,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
                                                           &user_pol,
                                                           &trust_acct_sid);
        if (!NT_STATUS_IS_OK(result)) {
+               d_printf("net rpc trustdom del: RemoveMemberFromForeignDomain on user %s failed %s\n",
+                       acct_name, nt_errstr(result) );
                goto done;
        }
 
@@ -5592,13 +5610,15 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
                                        &user_pol);
 
        if (!NT_STATUS_IS_OK(result)) {
+               d_printf("net rpc trustdom del: DeleteUser on user %s failed %s\n",
+                       acct_name, nt_errstr(result) );
                goto done;
        }
 
        if (!NT_STATUS_IS_OK(result)) {
-         DEBUG(0,("Could not set trust account password: %s\n",
-                  nt_errstr(result)));
-         goto done;
+               d_printf("Could not set trust account password: %s\n",
+                  nt_errstr(result));
+               goto done;
        }
 
  done: