2 Unix SMB/CIFS implementation.
4 Copyright (C) Stefan Metzmacher 2004
5 Copyright (C) Andrew Bartlett <abartlet@samba.org> 2005
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 #include "libnet/libnet.h"
24 #include "librpc/gen_ndr/ndr_samr.h"
25 #include "lib/crypto/crypto.h"
28 * do a domain join using DCERPC/SAMR calls
29 * 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation)
30 * is it correct to contact the the pdc of the domain of the user who's password should be set?
31 * 2. do a samr_Connect to get a policy handle
32 * 3. do a samr_LookupDomain to get the domain sid
33 * 4. do a samr_OpenDomain to get a domain handle
34 * 5. do a samr_CreateAccount to try and get a new account
37 * 5.1. do a samr_LookupNames to get the users rid
38 * 5.2. do a samr_OpenUser to get a user handle
40 * 6. call libnet_SetPassword_samr_handle to set the password
42 * 7. do a samrSetUserInfo to set the account flags
44 static NTSTATUS libnet_JoinDomain_samr(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_JoinDomain *r)
47 union libnet_rpc_connect c;
48 struct samr_Connect sc;
49 struct policy_handle p_handle;
50 struct samr_LookupDomain ld;
51 struct samr_String d_name;
52 struct samr_OpenDomain od;
53 struct policy_handle d_handle;
54 struct samr_LookupNames ln;
55 struct samr_OpenUser ou;
56 struct samr_CreateUser2 cu;
57 struct policy_handle u_handle;
58 struct samr_SetUserInfo sui;
59 union samr_UserInfo u_info;
60 union libnet_SetPassword r2;
61 struct samr_GetUserPwInfo pwp;
62 struct samr_String samr_account_name;
64 uint32 rid, access_granted;
65 int policy_min_pw_len = 0;
67 /* prepare connect to the SAMR pipe of users domain PDC */
68 c.pdc.level = LIBNET_RPC_CONNECT_PDC;
69 c.pdc.in.domain_name = r->samr.in.domain_name;
70 c.pdc.in.dcerpc_iface_name = DCERPC_SAMR_NAME;
71 c.pdc.in.dcerpc_iface_uuid = DCERPC_SAMR_UUID;
72 c.pdc.in.dcerpc_iface_version = DCERPC_SAMR_VERSION;
74 /* 1. connect to the SAMR pipe of users domain PDC (maybe a standalone server or workstation) */
75 status = libnet_rpc_connect(ctx, mem_ctx, &c);
76 if (!NT_STATUS_IS_OK(status)) {
77 r->samr.out.error_string = talloc_asprintf(mem_ctx,
78 "Connection to SAMR pipe of PDC of domain '%s' failed: %s\n",
79 r->samr.in.domain_name, nt_errstr(status));
83 /* prepare samr_Connect */
84 ZERO_STRUCT(p_handle);
85 sc.in.system_name = NULL;
86 sc.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
87 sc.out.connect_handle = &p_handle;
89 /* 2. do a samr_Connect to get a policy handle */
90 status = dcerpc_samr_Connect(c.pdc.out.dcerpc_pipe, mem_ctx, &sc);
91 if (!NT_STATUS_IS_OK(status)) {
92 r->samr.out.error_string = talloc_asprintf(mem_ctx,
93 "samr_Connect failed: %s\n",
98 /* check result of samr_Connect */
99 if (!NT_STATUS_IS_OK(sc.out.result)) {
100 r->samr.out.error_string = talloc_asprintf(mem_ctx,
101 "samr_Connect failed: %s\n",
102 nt_errstr(sc.out.result));
103 status = sc.out.result;
107 /* prepare samr_LookupDomain */
108 d_name.string = r->samr.in.domain_name;
109 ld.in.connect_handle = &p_handle;
110 ld.in.domain = &d_name;
112 /* 3. do a samr_LookupDomain to get the domain sid */
113 status = dcerpc_samr_LookupDomain(c.pdc.out.dcerpc_pipe, mem_ctx, &ld);
114 if (!NT_STATUS_IS_OK(status)) {
115 r->samr.out.error_string = talloc_asprintf(mem_ctx,
116 "samr_LookupDomain for [%s] failed: %s\n",
117 r->samr.in.domain_name, nt_errstr(status));
121 /* check result of samr_LookupDomain */
122 if (!NT_STATUS_IS_OK(ld.out.result)) {
123 r->samr.out.error_string = talloc_asprintf(mem_ctx,
124 "samr_LookupDomain for [%s] failed: %s\n",
125 r->samr.in.domain_name, nt_errstr(ld.out.result));
126 status = ld.out.result;
130 /* prepare samr_OpenDomain */
131 ZERO_STRUCT(d_handle);
132 od.in.connect_handle = &p_handle;
133 od.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
134 od.in.sid = ld.out.sid;
135 od.out.domain_handle = &d_handle;
137 /* 4. do a samr_OpenDomain to get a domain handle */
138 status = dcerpc_samr_OpenDomain(c.pdc.out.dcerpc_pipe, mem_ctx, &od);
139 if (!NT_STATUS_IS_OK(status)) {
140 r->samr.out.error_string = talloc_asprintf(mem_ctx,
141 "samr_OpenDomain for [%s] failed: %s\n",
142 r->samr.in.domain_name, nt_errstr(status));
146 /* prepare samr_CreateUser2 */
147 ZERO_STRUCT(u_handle);
148 cu.in.domain_handle = &d_handle;
149 cu.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
150 samr_account_name.string = r->samr.in.account_name;
151 cu.in.account_name = &samr_account_name;
152 cu.in.acct_flags = r->samr.in.acct_type;
153 cu.out.user_handle = &u_handle;
155 cu.out.access_granted = &access_granted;
157 /* 4. do a samr_CreateUser2 to get an account handle, or an error */
158 status = dcerpc_samr_CreateUser2(c.pdc.out.dcerpc_pipe, mem_ctx, &cu);
159 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
160 r->samr.out.error_string = talloc_asprintf(mem_ctx,
161 "samr_CreateUser2 for [%s] failed: %s\n",
162 r->samr.in.domain_name, nt_errstr(status));
165 } else if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
166 /* prepare samr_LookupNames */
167 ln.in.domain_handle = &d_handle;
169 ln.in.names = talloc_array_p(mem_ctx, struct samr_String, 1);
171 r->samr.out.error_string = "Out of Memory";
172 return NT_STATUS_NO_MEMORY;
174 ln.in.names[0].string = r->samr.in.account_name;
176 /* 5. do a samr_LookupNames to get the users rid */
177 status = dcerpc_samr_LookupNames(c.pdc.out.dcerpc_pipe, mem_ctx, &ln);
178 if (!NT_STATUS_IS_OK(status)) {
179 r->samr.out.error_string = talloc_asprintf(mem_ctx,
180 "samr_LookupNames for [%s] failed: %s\n",
181 r->samr.in.account_name, nt_errstr(status));
186 /* check if we got one RID for the user */
187 if (ln.out.rids.count != 1) {
188 r->samr.out.error_string = talloc_asprintf(mem_ctx,
189 "samr_LookupNames for [%s] returns %d RIDs\n",
190 r->samr.in.account_name, ln.out.rids.count);
191 status = NT_STATUS_INVALID_PARAMETER;
195 /* prepare samr_OpenUser */
196 ZERO_STRUCT(u_handle);
197 ou.in.domain_handle = &d_handle;
198 ou.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
199 ou.in.rid = ln.out.rids.ids[0];
200 ou.out.user_handle = &u_handle;
202 /* 6. do a samr_OpenUser to get a user handle */
203 status = dcerpc_samr_OpenUser(c.pdc.out.dcerpc_pipe, mem_ctx, &ou);
204 if (!NT_STATUS_IS_OK(status)) {
205 r->samr.out.error_string = talloc_asprintf(mem_ctx,
206 "samr_OpenUser for [%s] failed: %s\n",
207 r->samr.in.account_name, nt_errstr(status));
212 pwp.in.user_handle = &u_handle;
214 status = dcerpc_samr_GetUserPwInfo(c.pdc.out.dcerpc_pipe, mem_ctx, &pwp);
215 if (NT_STATUS_IS_OK(status)) {
216 policy_min_pw_len = pwp.out.info.min_password_length;
219 r->samr.out.join_password = generate_random_str(mem_ctx, MAX(8, policy_min_pw_len));
221 r2.samr_handle.level = LIBNET_SET_PASSWORD_SAMR_HANDLE;
222 r2.samr_handle.in.account_name = r->samr.in.account_name;
223 r2.samr_handle.in.newpassword = r->samr.out.join_password;
224 r2.samr_handle.in.user_handle = &u_handle;
225 r2.samr_handle.in.dcerpc_pipe = c.pdc.out.dcerpc_pipe;
227 status = libnet_SetPassword(ctx, mem_ctx, &r2);
229 r->samr.out.error_string = r2.samr_handle.out.error_string;
231 if (!NT_STATUS_IS_OK(status)) {
235 /* prepare samr_SetUserInfo level 23 */
237 u_info.info16.acct_flags = r->samr.in.acct_type;
239 sui.in.user_handle = &u_handle;
240 sui.in.info = &u_info;
243 dcerpc_samr_SetUserInfo(c.pdc.out.dcerpc_pipe, mem_ctx, &sui);
246 /* close connection */
247 dcerpc_pipe_close(c.pdc.out.dcerpc_pipe);
252 static NTSTATUS libnet_JoinDomain_generic(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_JoinDomain *r)
255 union libnet_JoinDomain r2;
257 r2.samr.level = LIBNET_JOIN_DOMAIN_SAMR;
258 r2.samr.in.account_name = r->generic.in.account_name;
259 r2.samr.in.domain_name = r->generic.in.domain_name;
260 r2.samr.in.acct_type = r->generic.in.acct_type;
262 status = libnet_JoinDomain(ctx, mem_ctx, &r2);
264 r->generic.out.error_string = r2.samr.out.error_string;
269 NTSTATUS libnet_JoinDomain(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, union libnet_JoinDomain *r)
271 switch (r->generic.level) {
272 case LIBNET_JOIN_DOMAIN_GENERIC:
273 return libnet_JoinDomain_generic(ctx, mem_ctx, r);
274 case LIBNET_JOIN_DOMAIN_SAMR:
275 return libnet_JoinDomain_samr(ctx, mem_ctx, r);
278 return NT_STATUS_INVALID_LEVEL;