2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Steve French (sfrench@us.ibm.com)
5 Copyright (C) 2001 Jim McDonough (jmcd@us.ibm.com)
6 Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
7 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
8 Copyright (C) 2008 Kai Blin (kai@samba.org)
10 Originally written by Steve and Jim. Largely rewritten by tridge in
13 Reworked again by abartlet in December 2001
15 Another overhaul, moving functionality into plug-ins loaded on demand by Kai
18 This program is free software; you can redistribute it and/or modify
19 it under the terms of the GNU General Public License as published by
20 the Free Software Foundation; either version 3 of the License, or
21 (at your option) any later version.
23 This program is distributed in the hope that it will be useful,
24 but WITHOUT ANY WARRANTY; without even the implied warranty of
25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 GNU General Public License for more details.
28 You should have received a copy of the GNU General Public License
29 along with this program. If not, see <http://www.gnu.org/licenses/>. */
31 /*****************************************************/
33 /* Distributed SMB/CIFS Server Management Utility */
35 /* The intent was to make the syntax similar */
36 /* to the NET utility (first developed in DOS */
37 /* with additional interesting & useful functions */
38 /* added in later SMB server network operating */
41 /*****************************************************/
44 #include "utils/net.h"
46 /***********************************************************************/
47 /* Beginning of internationalization section. Translatable constants */
48 /* should be kept in this area and referenced in the rest of the code. */
50 /* No functions, outside of Samba or LSB (Linux Standards Base) should */
51 /* be used (if possible). */
52 /***********************************************************************/
54 #define YES_STRING "Yes"
55 #define NO_STRING "No"
57 /***********************************************************************/
58 /* end of internationalization section */
59 /***********************************************************************/
61 uint32 get_sec_channel_type(const char *param)
63 if (!(param && *param)) {
64 return get_default_sec_channel();
66 if (strequal(param, "PDC")) {
68 } else if (strequal(param, "BDC")) {
70 } else if (strequal(param, "MEMBER")) {
71 return SEC_CHAN_WKSTA;
73 } else if (strequal(param, "DOMAIN")) {
74 return SEC_CHAN_DOMAIN;
77 return get_default_sec_channel();
83 run a function from a function table. If not found then
84 call the specified usage function
86 int net_run_function(struct net_context *c, int argc, const char **argv,
87 struct functable *table,
88 int (*usage_fn)(struct net_context *c,
89 int argc, const char **argv))
94 d_printf("\nUsage: \n");
95 return usage_fn(c, argc, argv);
97 for (i=0; table[i].funcname; i++) {
98 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
99 return table[i].fn(c, argc-1, argv+1);
101 d_fprintf(stderr, "No command: %s\n", argv[0]);
102 return usage_fn(c, argc, argv);
106 * run a function from a function table.
108 int net_run_function2(struct net_context *c, int argc, const char **argv,
109 const char *whoami, struct functable2 *table)
114 for (i=0; table[i].funcname; i++) {
115 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
116 return table[i].fn(c, argc-1, argv+1);
120 for (i=0; table[i].funcname != NULL; i++) {
121 d_printf("%s %-15s %s\n", whoami, table[i].funcname,
128 /****************************************************************************
129 Connect to \\server\service.
130 ****************************************************************************/
132 NTSTATUS connect_to_service(struct net_context *c,
133 struct cli_state **cli_ctx,
134 struct sockaddr_storage *server_ss,
135 const char *server_name,
136 const char *service_name,
137 const char *service_type)
141 c->opt_password = net_prompt_pass(c, c->opt_user_name);
142 if (!c->opt_password) {
143 return NT_STATUS_NO_MEMORY;
146 nt_status = cli_full_connection(cli_ctx, NULL, server_name,
147 server_ss, c->opt_port,
148 service_name, service_type,
149 c->opt_user_name, c->opt_workgroup,
150 c->opt_password, 0, Undefined, NULL);
151 if (!NT_STATUS_IS_OK(nt_status)) {
152 d_fprintf(stderr, "Could not connect to server %s\n", server_name);
154 /* Display a nicer message depending on the result */
156 if (NT_STATUS_V(nt_status) ==
157 NT_STATUS_V(NT_STATUS_LOGON_FAILURE))
158 d_fprintf(stderr, "The username or password was not correct.\n");
160 if (NT_STATUS_V(nt_status) ==
161 NT_STATUS_V(NT_STATUS_ACCOUNT_LOCKED_OUT))
162 d_fprintf(stderr, "The account was locked out.\n");
164 if (NT_STATUS_V(nt_status) ==
165 NT_STATUS_V(NT_STATUS_ACCOUNT_DISABLED))
166 d_fprintf(stderr, "The account was disabled.\n");
170 if (c->smb_encrypt) {
171 nt_status = cli_force_encryption(*cli_ctx,
176 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_NOT_SUPPORTED)) {
177 d_printf("Encryption required and "
178 "server that doesn't support "
179 "UNIX extensions - failing connect\n");
180 } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNKNOWN_REVISION)) {
181 d_printf("Encryption required and "
182 "can't get UNIX CIFS extensions "
183 "version from server.\n");
184 } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
185 d_printf("Encryption required and "
186 "share %s doesn't support "
187 "encryption.\n", service_name);
188 } else if (!NT_STATUS_IS_OK(nt_status)) {
189 d_printf("Encryption required and "
190 "setup failed with error %s.\n",
191 nt_errstr(nt_status));
194 if (!NT_STATUS_IS_OK(nt_status)) {
195 cli_shutdown(*cli_ctx);
203 /****************************************************************************
204 Connect to \\server\ipc$.
205 ****************************************************************************/
207 NTSTATUS connect_to_ipc(struct net_context *c,
208 struct cli_state **cli_ctx,
209 struct sockaddr_storage *server_ss,
210 const char *server_name)
212 return connect_to_service(c, cli_ctx, server_ss, server_name, "IPC$",
216 /****************************************************************************
217 Connect to \\server\ipc$ anonymously.
218 ****************************************************************************/
220 NTSTATUS connect_to_ipc_anonymous(struct net_context *c,
221 struct cli_state **cli_ctx,
222 struct sockaddr_storage *server_ss,
223 const char *server_name)
227 nt_status = cli_full_connection(cli_ctx, c->opt_requester_name,
228 server_name, server_ss, c->opt_port,
231 "", 0, Undefined, NULL);
233 if (NT_STATUS_IS_OK(nt_status)) {
236 DEBUG(1,("Cannot connect to server (anonymously). Error was %s\n", nt_errstr(nt_status)));
241 /****************************************************************************
242 Return malloced user@realm for krb5 login.
243 ****************************************************************************/
245 static char *get_user_and_realm(const char *username)
247 char *user_and_realm = NULL;
252 if (strchr_m(username, '@')) {
253 user_and_realm = SMB_STRDUP(username);
255 if (asprintf(&user_and_realm, "%s@%s", username, lp_realm()) == -1) {
256 user_and_realm = NULL;
259 return user_and_realm;
262 /****************************************************************************
263 Connect to \\server\ipc$ using KRB5.
264 ****************************************************************************/
266 NTSTATUS connect_to_ipc_krb5(struct net_context *c,
267 struct cli_state **cli_ctx,
268 struct sockaddr_storage *server_ss,
269 const char *server_name)
272 char *user_and_realm = NULL;
274 /* FIXME: Should get existing kerberos ticket if possible. */
275 c->opt_password = net_prompt_pass(c, c->opt_user_name);
276 if (!c->opt_password) {
277 return NT_STATUS_NO_MEMORY;
280 user_and_realm = get_user_and_realm(c->opt_user_name);
281 if (!user_and_realm) {
282 return NT_STATUS_NO_MEMORY;
285 nt_status = cli_full_connection(cli_ctx, NULL, server_name,
286 server_ss, c->opt_port,
288 user_and_realm, c->opt_workgroup,
290 CLI_FULL_CONNECTION_USE_KERBEROS,
293 SAFE_FREE(user_and_realm);
295 if (!NT_STATUS_IS_OK(nt_status)) {
296 DEBUG(1,("Cannot connect to server using kerberos. Error was %s\n", nt_errstr(nt_status)));
300 if (c->smb_encrypt) {
301 nt_status = cli_cm_force_encryption(*cli_ctx,
306 if (!NT_STATUS_IS_OK(nt_status)) {
307 cli_shutdown(*cli_ctx);
316 * Connect a server and open a given pipe
318 * @param cli_dst A cli_state
319 * @param pipe The pipe to open
320 * @param got_pipe boolean that stores if we got a pipe
322 * @return Normal NTSTATUS return.
324 NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst,
325 struct rpc_pipe_client **pp_pipe_hnd, int pipe_num)
328 char *server_name = SMB_STRDUP("127.0.0.1");
329 struct cli_state *cli_tmp = NULL;
330 struct rpc_pipe_client *pipe_hnd = NULL;
332 if (server_name == NULL) {
333 return NT_STATUS_NO_MEMORY;
336 if (c->opt_destination) {
337 SAFE_FREE(server_name);
338 if ((server_name = SMB_STRDUP(c->opt_destination)) == NULL) {
339 return NT_STATUS_NO_MEMORY;
343 /* make a connection to a named pipe */
344 nt_status = connect_to_ipc(c, &cli_tmp, NULL, server_name);
345 if (!NT_STATUS_IS_OK(nt_status)) {
346 SAFE_FREE(server_name);
350 pipe_hnd = cli_rpc_pipe_open_noauth(cli_tmp, pipe_num, &nt_status);
352 DEBUG(0, ("couldn't not initialize pipe\n"));
353 cli_shutdown(cli_tmp);
354 SAFE_FREE(server_name);
359 *pp_pipe_hnd = pipe_hnd;
360 SAFE_FREE(server_name);
365 /****************************************************************************
366 Use the local machine account (krb) and password for this session.
367 ****************************************************************************/
369 int net_use_krb_machine_account(struct net_context *c)
371 char *user_name = NULL;
373 if (!secrets_init()) {
374 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
378 c->opt_password = secrets_fetch_machine_password(
379 c->opt_target_workgroup, NULL, NULL);
380 if (asprintf(&user_name, "%s$@%s", global_myname(), lp_realm()) == -1) {
383 c->opt_user_name = user_name;
387 /****************************************************************************
388 Use the machine account name and password for this session.
389 ****************************************************************************/
391 int net_use_machine_account(struct net_context *c)
393 char *user_name = NULL;
395 if (!secrets_init()) {
396 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
400 c->opt_password = secrets_fetch_machine_password(
401 c->opt_target_workgroup, NULL, NULL);
402 if (asprintf(&user_name, "%s$", global_myname()) == -1) {
405 c->opt_user_name = user_name;
409 bool net_find_server(struct net_context *c,
412 struct sockaddr_storage *server_ss,
415 const char *d = domain ? domain : c->opt_target_workgroup;
418 *server_name = SMB_STRDUP(c->opt_host);
421 if (c->opt_have_ip) {
422 *server_ss = c->opt_dest_ip;
424 char addr[INET6_ADDRSTRLEN];
425 print_sockaddr(addr, sizeof(addr), &c->opt_dest_ip);
426 *server_name = SMB_STRDUP(addr);
428 } else if (*server_name) {
429 /* resolve the IP address */
430 if (!resolve_name(*server_name, server_ss, 0x20)) {
431 DEBUG(1,("Unable to resolve server name\n"));
434 } else if (flags & NET_FLAGS_PDC) {
436 struct sockaddr_storage pdc_ss;
438 if (!get_pdc_ip(d, &pdc_ss)) {
439 DEBUG(1,("Unable to resolve PDC server address\n"));
443 if (is_zero_addr(&pdc_ss)) {
447 if (!name_status_find(d, 0x1b, 0x20, &pdc_ss, dc_name)) {
451 *server_name = SMB_STRDUP(dc_name);
453 } else if (flags & NET_FLAGS_DMB) {
454 struct sockaddr_storage msbrow_ss;
455 char addr[INET6_ADDRSTRLEN];
457 /* if (!resolve_name(MSBROWSE, &msbrow_ip, 1)) */
458 if (!resolve_name(d, &msbrow_ss, 0x1B)) {
459 DEBUG(1,("Unable to resolve domain browser via name lookup\n"));
462 *server_ss = msbrow_ss;
463 print_sockaddr(addr, sizeof(addr), server_ss);
464 *server_name = SMB_STRDUP(addr);
465 } else if (flags & NET_FLAGS_MASTER) {
466 struct sockaddr_storage brow_ss;
467 char addr[INET6_ADDRSTRLEN];
468 if (!resolve_name(d, &brow_ss, 0x1D)) {
469 /* go looking for workgroups */
470 DEBUG(1,("Unable to resolve master browser via name lookup\n"));
473 *server_ss = brow_ss;
474 print_sockaddr(addr, sizeof(addr), server_ss);
475 *server_name = SMB_STRDUP(addr);
476 } else if (!(flags & NET_FLAGS_LOCALHOST_DEFAULT_INSANE)) {
477 if (!interpret_string_addr(server_ss,
478 "127.0.0.1", AI_NUMERICHOST)) {
479 DEBUG(1,("Unable to resolve 127.0.0.1\n"));
482 *server_name = SMB_STRDUP("127.0.0.1");
486 DEBUG(1,("no server to connect to\n"));
493 bool net_find_pdc(struct sockaddr_storage *server_ss,
495 const char *domain_name)
497 if (!get_pdc_ip(domain_name, server_ss)) {
500 if (is_zero_addr(server_ss)) {
504 if (!name_status_find(domain_name, 0x1b, 0x20, server_ss, server_name)) {
511 NTSTATUS net_make_ipc_connection(struct net_context *c, unsigned flags,
512 struct cli_state **pcli)
514 return net_make_ipc_connection_ex(c, NULL, NULL, NULL, flags, pcli);
517 NTSTATUS net_make_ipc_connection_ex(struct net_context *c ,const char *domain,
519 struct sockaddr_storage *pss,
520 unsigned flags, struct cli_state **pcli)
522 char *server_name = NULL;
523 struct sockaddr_storage server_ss;
524 struct cli_state *cli = NULL;
527 if ( !server || !pss ) {
528 if (!net_find_server(c, domain, flags, &server_ss,
530 d_fprintf(stderr, "Unable to find a suitable server\n");
531 nt_status = NT_STATUS_UNSUCCESSFUL;
535 server_name = SMB_STRDUP( server );
539 if (flags & NET_FLAGS_ANONYMOUS) {
540 nt_status = connect_to_ipc_anonymous(c, &cli, &server_ss,
543 nt_status = connect_to_ipc(c, &cli, &server_ss,
547 /* store the server in the affinity cache if it was a PDC */
549 if ( (flags & NET_FLAGS_PDC) && NT_STATUS_IS_OK(nt_status) )
550 saf_store( cli->server_domain, cli->desthost );
552 SAFE_FREE(server_name);
553 if (!NT_STATUS_IS_OK(nt_status)) {
554 d_fprintf(stderr, "Connection failed: %s\n",
555 nt_errstr(nt_status));
566 static int net_user(struct net_context *c, int argc, const char **argv)
568 if (net_ads_check(c) == 0)
569 return net_ads_user(c, argc, argv);
571 /* if server is not specified, default to PDC? */
572 if (net_rpc_check(c, NET_FLAGS_PDC))
573 return net_rpc_user(c, argc, argv);
575 return net_rap_user(c, argc, argv);
578 static int net_group(struct net_context *c, int argc, const char **argv)
580 if (net_ads_check(c) == 0)
581 return net_ads_group(c, argc, argv);
583 if (argc == 0 && net_rpc_check(c, NET_FLAGS_PDC))
584 return net_rpc_group(c,argc, argv);
586 return net_rap_group(c, argc, argv);
589 static int net_changetrustpw(struct net_context *c, int argc, const char **argv)
591 if (net_ads_check_our_domain(c) == 0)
592 return net_ads_changetrustpw(c, argc, argv);
594 return net_rpc_changetrustpw(c, argc, argv);
597 static void set_line_buffering(FILE *f)
599 setvbuf(f, NULL, _IOLBF, 0);
602 static int net_changesecretpw(struct net_context *c, int argc,
606 uint32 sec_channel_type = SEC_CHAN_WKSTA;
610 set_line_buffering(stdin);
611 set_line_buffering(stdout);
612 set_line_buffering(stderr);
615 trust_pw = get_pass("Enter machine password: ", c->opt_stdin);
617 if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) {
618 d_fprintf(stderr, "Unable to write the machine account password in the secrets database");
622 d_printf("Modified trust account password in secrets database\n");
626 d_printf("Machine account password change requires the -f flag.\n");
627 d_printf("Do NOT use this function unless you know what it does!\n");
628 d_printf("This function will change the ADS Domain member machine account password in the secrets.tdb file!\n");
634 static int net_share(struct net_context *c, int argc, const char **argv)
636 if (net_rpc_check(c, 0))
637 return net_rpc_share(c, argc, argv);
638 return net_rap_share(c, argc, argv);
641 static int net_file(struct net_context *c, int argc, const char **argv)
643 if (net_rpc_check(c, 0))
644 return net_rpc_file(c, argc, argv);
645 return net_rap_file(c, argc, argv);
649 Retrieve our local SID or the SID for the specified name
651 static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
661 name = global_myname();
664 if(!initialize_password_db(false, NULL)) {
665 DEBUG(0, ("WARNING: Could not open passdb - local sid may not reflect passdb\n"
666 "backend knowledge (such as the sid stored in LDAP)\n"));
669 /* first check to see if we can even access secrets, so we don't
670 panic when we can't. */
672 if (!secrets_init()) {
673 d_fprintf(stderr, "Unable to open secrets.tdb. Can't fetch domain SID for name: %s\n", name);
677 /* Generate one, if it doesn't exist */
678 get_global_sam_sid();
680 if (!secrets_fetch_domain_sid(name, &sid)) {
681 DEBUG(0, ("Can't fetch domain SID for name: %s\n", name));
684 sid_to_fstring(sid_str, &sid);
685 d_printf("SID for domain %s is: %s\n", name, sid_str);
689 static int net_setlocalsid(struct net_context *c, int argc, const char **argv)
694 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
695 || (!string_to_sid(&sid, argv[0]))
696 || (sid.num_auths != 4)) {
697 d_printf("usage: net setlocalsid S-1-5-21-x-y-z\n");
701 if (!secrets_store_domain_sid(global_myname(), &sid)) {
702 DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
709 static int net_setdomainsid(struct net_context *c, int argc, const char **argv)
714 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
715 || (!string_to_sid(&sid, argv[0]))
716 || (sid.num_auths != 4)) {
717 d_printf("usage: net setdomainsid S-1-5-21-x-y-z\n");
721 if (!secrets_store_domain_sid(lp_workgroup(), &sid)) {
722 DEBUG(0,("Can't store domain SID.\n"));
729 static int net_getdomainsid(struct net_context *c, int argc, const char **argv)
735 d_printf("usage: net getdomainsid\n");
739 if(!initialize_password_db(false, NULL)) {
740 DEBUG(0, ("WARNING: Could not open passdb - domain SID may "
741 "not reflect passdb\n"
742 "backend knowledge (such as the SID stored in "
746 /* first check to see if we can even access secrets, so we don't
747 panic when we can't. */
749 if (!secrets_init()) {
750 d_fprintf(stderr, "Unable to open secrets.tdb. Can't fetch domain"
751 "SID for name: %s\n", get_global_sam_name());
755 /* Generate one, if it doesn't exist */
756 get_global_sam_sid();
758 if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) {
759 d_fprintf(stderr, "Could not fetch local SID\n");
762 sid_to_fstring(sid_str, &domain_sid);
763 d_printf("SID for local machine %s is: %s\n", global_myname(), sid_str);
765 if (!secrets_fetch_domain_sid(c->opt_workgroup, &domain_sid)) {
766 d_fprintf(stderr, "Could not fetch domain SID\n");
770 sid_to_fstring(sid_str, &domain_sid);
771 d_printf("SID for domain %s is: %s\n", c->opt_workgroup, sid_str);
776 #ifdef WITH_FAKE_KASERVER
778 int net_help_afs(struct net_context *c, int argc, const char **argv)
780 d_printf(" net afs key filename\n"
781 "\tImports a OpenAFS KeyFile into our secrets.tdb\n\n");
782 d_printf(" net afs impersonate <user> <cell>\n"
783 "\tCreates a token for user@cell\n\n");
787 static int net_afs_key(struct net_context *c, int argc, const char **argv)
790 struct afs_keyfile keyfile;
793 d_printf("usage: 'net afs key <keyfile> cell'\n");
797 if (!secrets_init()) {
798 d_fprintf(stderr, "Could not open secrets.tdb\n");
802 if ((fd = open(argv[0], O_RDONLY, 0)) < 0) {
803 d_fprintf(stderr, "Could not open %s\n", argv[0]);
807 if (read(fd, &keyfile, sizeof(keyfile)) != sizeof(keyfile)) {
808 d_fprintf(stderr, "Could not read keyfile\n");
812 if (!secrets_store_afs_keyfile(argv[1], &keyfile)) {
813 d_fprintf(stderr, "Could not write keyfile to secrets.tdb\n");
820 static int net_afs_impersonate(struct net_context *c, int argc,
826 fprintf(stderr, "Usage: net afs impersonate <user> <cell>\n");
830 token = afs_createtoken_str(argv[0], argv[1]);
833 fprintf(stderr, "Could not create token\n");
837 if (!afs_settoken_str(token)) {
838 fprintf(stderr, "Could not set token into kernel\n");
842 printf("Success: %s@%s\n", argv[0], argv[1]);
846 static int net_afs(struct net_context *c, int argc, const char **argv)
848 struct functable func[] = {
849 {"key", net_afs_key},
850 {"impersonate", net_afs_impersonate},
851 {"help", net_help_afs},
854 return net_run_function(c, argc, argv, func, net_help_afs);
857 #endif /* WITH_FAKE_KASERVER */
859 static bool search_maxrid(struct pdb_search *search, const char *type,
862 struct samr_displayentry *entries;
863 uint32 i, num_entries;
865 if (search == NULL) {
866 d_fprintf(stderr, "get_maxrid: Could not search %s\n", type);
870 num_entries = pdb_search_entries(search, 0, 0xffffffff, &entries);
871 for (i=0; i<num_entries; i++)
872 *max_rid = MAX(*max_rid, entries[i].rid);
873 pdb_search_destroy(search);
877 static uint32 get_maxrid(void)
881 if (!search_maxrid(pdb_search_users(0), "users", &max_rid))
884 if (!search_maxrid(pdb_search_groups(), "groups", &max_rid))
887 if (!search_maxrid(pdb_search_aliases(get_global_sam_sid()),
888 "aliases", &max_rid))
894 static int net_maxrid(struct net_context *c, int argc, const char **argv)
899 DEBUG(0, ("usage: net maxrid\n"));
903 if ((rid = get_maxrid()) == 0) {
904 DEBUG(0, ("can't get current maximum rid\n"));
908 d_printf("Currently used maximum rid: %d\n", rid);
913 /****************************************************************************
914 ****************************************************************************/
916 const char *net_prompt_pass(struct net_context *c, const char *user)
919 const char *pass = NULL;
921 if (c->opt_password) {
922 return c->opt_password;
925 if (c->opt_machine_pass) {
929 asprintf(&prompt, "Enter %s's password:", user);
934 pass = getpass(prompt);
940 /* main function table */
941 static struct functable net_func[] = {
946 /* eventually these should auto-choose the transport ... */
948 {"SHARE", net_share},
949 {"SESSION", net_rap_session},
950 {"SERVER", net_rap_server},
951 {"DOMAIN", net_rap_domain},
952 {"PRINTQ", net_rap_printq},
954 {"GROUP", net_group},
955 {"GROUPMAP", net_groupmap},
957 {"VALIDATE", net_rap_validate},
958 {"GROUPMEMBER", net_rap_groupmember},
959 {"ADMIN", net_rap_admin},
960 {"SERVICE", net_rap_service},
961 {"PASSWORD", net_rap_password},
962 {"CHANGETRUSTPW", net_changetrustpw},
963 {"CHANGESECRETPW", net_changesecretpw},
965 {"LOOKUP", net_lookup},
968 {"CACHE", net_cache},
969 {"GETLOCALSID", net_getlocalsid},
970 {"SETLOCALSID", net_setlocalsid},
971 {"SETDOMAINSID", net_setdomainsid},
972 {"GETDOMAINSID", net_getdomainsid},
973 {"MAXRID", net_maxrid},
974 {"IDMAP", net_idmap},
975 {"STATUS", net_status},
976 {"USERSHARE", net_usershare},
977 {"USERSIDLIST", net_usersidlist},
979 {"REGISTRY", net_registry},
980 #ifdef WITH_FAKE_KASERVER
989 /****************************************************************************
991 ****************************************************************************/
992 int main(int argc, const char **argv)
998 const char ** argv_new;
1000 TALLOC_CTX *frame = talloc_stackframe();
1001 struct net_context *c = talloc_zero(frame, struct net_context);
1003 struct poptOption long_options[] = {
1004 {"help", 'h', POPT_ARG_NONE, 0, 'h'},
1005 {"workgroup", 'w', POPT_ARG_STRING, &c->opt_target_workgroup},
1006 {"user", 'U', POPT_ARG_STRING, &c->opt_user_name, 'U'},
1007 {"ipaddress", 'I', POPT_ARG_STRING, 0,'I'},
1008 {"port", 'p', POPT_ARG_INT, &c->opt_port},
1009 {"myname", 'n', POPT_ARG_STRING, &c->opt_requester_name},
1010 {"server", 'S', POPT_ARG_STRING, &c->opt_host},
1011 {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
1012 {"container", 'c', POPT_ARG_STRING, &c->opt_container},
1013 {"comment", 'C', POPT_ARG_STRING, &c->opt_comment},
1014 {"maxusers", 'M', POPT_ARG_INT, &c->opt_maxusers},
1015 {"flags", 'F', POPT_ARG_INT, &c->opt_flags},
1016 {"long", 'l', POPT_ARG_NONE, &c->opt_long_list_entries},
1017 {"reboot", 'r', POPT_ARG_NONE, &c->opt_reboot},
1018 {"force", 'f', POPT_ARG_NONE, &c->opt_force},
1019 {"stdin", 'i', POPT_ARG_NONE, &c->opt_stdin},
1020 {"timeout", 't', POPT_ARG_INT, &c->opt_timeout},
1021 {"machine-pass",'P', POPT_ARG_NONE, &c->opt_machine_pass},
1022 {"myworkgroup", 'W', POPT_ARG_STRING, &c->opt_workgroup},
1023 {"verbose", 'v', POPT_ARG_NONE, &c->opt_verbose},
1024 {"test", 'T', POPT_ARG_NONE, &c->opt_testmode},
1025 /* Options for 'net groupmap set' */
1026 {"local", 'L', POPT_ARG_NONE, &c->opt_localgroup},
1027 {"domain", 'D', POPT_ARG_NONE, &c->opt_domaingroup},
1028 {"ntname", 'N', POPT_ARG_STRING, &c->opt_newntname},
1029 {"rid", 'R', POPT_ARG_INT, &c->opt_rid},
1030 /* Options for 'net rpc share migrate' */
1031 {"acls", 0, POPT_ARG_NONE, &c->opt_acls},
1032 {"attrs", 0, POPT_ARG_NONE, &c->opt_attrs},
1033 {"timestamps", 0, POPT_ARG_NONE, &c->opt_timestamps},
1034 {"exclude", 'X', POPT_ARG_STRING, &c->opt_exclude},
1035 {"destination", 0, POPT_ARG_STRING, &c->opt_destination},
1036 {"tallocreport", 0, POPT_ARG_NONE, &c->do_talloc_report},
1043 zero_addr(&c->opt_dest_ip);
1047 /* set default debug level to 0 regardless of what smb.conf sets */
1048 DEBUGLEVEL_CLASS[DBGC_ALL] = 0;
1051 pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
1052 POPT_CONTEXT_KEEP_FIRST);
1054 while((opt = poptGetNextOpt(pc)) != -1) {
1057 net_help(c, argc, argv);
1061 c->smb_encrypt = true;
1064 if (!interpret_string_addr(&c->opt_dest_ip,
1065 poptGetOptArg(pc), 0)) {
1066 d_fprintf(stderr, "\nInvalid ip address specified\n");
1068 c->opt_have_ip = true;
1072 c->opt_user_specified = true;
1073 c->opt_user_name = SMB_STRDUP(c->opt_user_name);
1074 p = strchr(c->opt_user_name,'%');
1077 c->opt_password = p+1;
1081 d_fprintf(stderr, "\nInvalid option %s: %s\n",
1082 poptBadOption(pc, 0), poptStrerror(opt));
1083 net_help(c, argc, argv);
1089 * Don't load debug level from smb.conf. It should be
1090 * set by cmdline arg or remain default (0)
1092 c->AllowDebugChange = false;
1093 lp_load(get_dyn_CONFIGFILE(), true, false, false, true);
1095 argv_new = (const char **)poptGetArgs(pc);
1098 for (i=0; i<argc; i++) {
1099 if (argv_new[i] == NULL) {
1105 if (c->do_talloc_report) {
1106 talloc_enable_leak_report();
1109 if (c->opt_requester_name) {
1110 set_global_myname(c->opt_requester_name);
1113 if (!c->opt_user_name && getenv("LOGNAME")) {
1114 c->opt_user_name = getenv("LOGNAME");
1117 if (!c->opt_workgroup) {
1118 c->opt_workgroup = smb_xstrdup(lp_workgroup());
1121 if (!c->opt_target_workgroup) {
1122 c->opt_target_workgroup = smb_xstrdup(lp_workgroup());
1130 /* this makes sure that when we do things like call scripts,
1131 that it won't assert becouse we are not root */
1134 if (c->opt_machine_pass) {
1135 /* it is very useful to be able to make ads queries as the
1136 machine account for testing purposes and for domain leave */
1138 net_use_krb_machine_account(c);
1141 if (!c->opt_password) {
1142 c->opt_password = getenv("PASSWD");
1145 rc = net_run_function(c, argc_new-1, argv_new+1, net_func, net_help);
1147 DEBUG(2,("return code = %d\n", rc));
1149 libnetapi_free(c->netapi_ctx);
git.samba.org / ira / wip.git / blob