-/*
- Samba Unix/Linux SMB client library
- Distributed SMB/CIFS Server Management Utility
+/*
+ Samba Unix/Linux SMB client library
+ Distributed SMB/CIFS Server Management Utility
Copyright (C) 2006 Volker Lendecke (vl@samba.org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>. */
-
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
#include "includes.h"
#include "utils/net.h"
+#include "rpc_client/rpc_client.h"
+#include "../librpc/gen_ndr/ndr_samr_c.h"
+#include "../libcli/security/security.h"
/*
* Do something with the account policies. Read them all, run a function on
* it has modified, it can return 0 for no change.
*/
-static NTSTATUS rpc_sh_acct_do(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_do(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv,
- int (*fn)(TALLOC_CTX *mem_ctx,
+ int (*fn)(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
struct samr_DomInfo12 *i12,
int argc, const char **argv))
{
- POLICY_HND connect_pol, domain_pol;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ struct policy_handle connect_pol, domain_pol;
+ NTSTATUS status, result;
union samr_DomainInfo *info1 = NULL;
union samr_DomainInfo *info3 = NULL;
union samr_DomainInfo *info12 = NULL;
int store;
+ struct dcerpc_binding_handle *b = pipe_hnd->binding_handle;
ZERO_STRUCT(connect_pol);
ZERO_STRUCT(domain_pol);
/* Get sam policy handle */
- result = rpccli_samr_Connect2(pipe_hnd, mem_ctx,
- pipe_hnd->cli->desthost,
+ status = dcerpc_samr_Connect2(b, mem_ctx,
+ pipe_hnd->desthost,
MAXIMUM_ALLOWED_ACCESS,
- &connect_pol);
+ &connect_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
-
+
/* Get domain policy handle */
- result = rpccli_samr_OpenDomain(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_OpenDomain(b, mem_ctx,
&connect_pol,
MAXIMUM_ALLOWED_ACCESS,
ctx->domain_sid,
- &domain_pol);
+ &domain_pol,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
+ status = result;
goto done;
}
- result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
&domain_pol,
1,
- &info1);
-
+ &info1,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
- d_fprintf(stderr, "query_domain_info level 1 failed: %s\n",
+ status = result;
+ d_fprintf(stderr, _("query_domain_info level 1 failed: %s\n"),
nt_errstr(result));
goto done;
}
- result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
&domain_pol,
3,
- &info3);
-
+ &info3,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
- d_fprintf(stderr, "query_domain_info level 3 failed: %s\n",
+ status = result;
+ d_fprintf(stderr, _("query_domain_info level 3 failed: %s\n"),
nt_errstr(result));
goto done;
}
- result = rpccli_samr_QueryDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_QueryDomainInfo(b, mem_ctx,
&domain_pol,
12,
- &info12);
-
+ &info12,
+ &result);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
if (!NT_STATUS_IS_OK(result)) {
- d_fprintf(stderr, "query_domain_info level 12 failed: %s\n",
+ status = result;
+ d_fprintf(stderr, _("query_domain_info level 12 failed: %s\n"),
nt_errstr(result));
goto done;
}
- store = fn(mem_ctx, ctx, &info1->info1, &info3->info3,
+ store = fn(c, mem_ctx, ctx, &info1->info1, &info3->info3,
&info12->info12, argc, argv);
if (store <= 0) {
switch (store) {
case 1:
- result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetDomainInfo(b, mem_ctx,
&domain_pol,
1,
- info1);
+ info1,
+ &result);
break;
case 3:
- result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetDomainInfo(b, mem_ctx,
&domain_pol,
3,
- info3);
+ info3,
+ &result);
break;
case 12:
- result = rpccli_samr_SetDomainInfo(pipe_hnd, mem_ctx,
+ status = dcerpc_samr_SetDomainInfo(b, mem_ctx,
&domain_pol,
12,
- info12);
+ info12,
+ &result);
break;
default:
- d_fprintf(stderr, "Got unexpected info level %d\n", store);
- result = NT_STATUS_INTERNAL_ERROR;
+ d_fprintf(stderr, _("Got unexpected info level %d\n"), store);
+ status = NT_STATUS_INTERNAL_ERROR;
goto done;
}
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ status = result;
+
done:
if (is_valid_policy_hnd(&domain_pol)) {
- rpccli_samr_Close(pipe_hnd, mem_ctx, &domain_pol);
+ dcerpc_samr_Close(b, mem_ctx, &domain_pol, &result);
}
if (is_valid_policy_hnd(&connect_pol)) {
- rpccli_samr_Close(pipe_hnd, mem_ctx, &connect_pol);
+ dcerpc_samr_Close(b, mem_ctx, &connect_pol, &result);
}
- return result;
+ return status;
}
-static int account_show(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
+static int account_show(struct net_context *c,
+ TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
struct samr_DomInfo12 *i12,
int argc, const char **argv)
{
if (argc != 0) {
- d_fprintf(stderr, "usage: %s\n", ctx->whoami);
+ d_fprintf(stderr, "%s %s\n", _("Usage:"), ctx->whoami);
return -1;
}
- d_printf("Minimum password length: %d\n", i1->min_password_length);
- d_printf("Password history length: %d\n", i1->password_history_length);
+ d_printf(_("Minimum password length: %d\n"), i1->min_password_length);
+ d_printf(_("Password history length: %d\n"),
+ i1->password_history_length);
- d_printf("Minimum password age: ");
+ d_printf(_("Minimum password age: "));
if (!nt_time_is_zero((NTTIME *)&i1->min_password_age)) {
time_t t = nt_time_to_unix_abs((NTTIME *)&i1->min_password_age);
- d_printf("%d seconds\n", (int)t);
+ d_printf(_("%d seconds\n"), (int)t);
} else {
- d_printf("not set\n");
+ d_printf(_("not set\n"));
}
- d_printf("Maximum password age: ");
+ d_printf(_("Maximum password age: "));
if (nt_time_is_set((NTTIME *)&i1->max_password_age)) {
time_t t = nt_time_to_unix_abs((NTTIME *)&i1->max_password_age);
- d_printf("%d seconds\n", (int)t);
+ d_printf(_("%d seconds\n"), (int)t);
} else {
- d_printf("not set\n");
+ d_printf(_("not set\n"));
}
- d_printf("Bad logon attempts: %d\n", i12->lockout_threshold);
+ d_printf(_("Bad logon attempts: %d\n"), i12->lockout_threshold);
if (i12->lockout_threshold != 0) {
- d_printf("Account lockout duration: ");
+ d_printf(_("Account lockout duration: "));
if (nt_time_is_set(&i12->lockout_duration)) {
time_t t = nt_time_to_unix_abs(&i12->lockout_duration);
- d_printf("%d seconds\n", (int)t);
+ d_printf(_("%d seconds\n"), (int)t);
} else {
- d_printf("not set\n");
+ d_printf(_("not set\n"));
}
- d_printf("Bad password count reset after: ");
+ d_printf(_("Bad password count reset after: "));
if (nt_time_is_set(&i12->lockout_window)) {
time_t t = nt_time_to_unix_abs(&i12->lockout_window);
- d_printf("%d seconds\n", (int)t);
+ d_printf(_("%d seconds\n"), (int)t);
} else {
- d_printf("not set\n");
+ d_printf(_("not set\n"));
}
}
- d_printf("Disconnect users when logon hours expire: %s\n",
- nt_time_is_zero(&i3->force_logoff_time) ? "yes" : "no");
+ d_printf(_("Disconnect users when logon hours expire: %s\n"),
+ nt_time_is_zero(&i3->force_logoff_time) ? _("yes") : _("no"));
+
+ d_printf(_("User must logon to change password: %s\n"),
+ (i1->password_properties & 0x2) ? _("yes") : _("no"));
- d_printf("User must logon to change password: %s\n",
- (i1->password_properties & 0x2) ? "yes" : "no");
-
return 0; /* Don't save */
}
-static NTSTATUS rpc_sh_acct_pol_show(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_pol_show(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv) {
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_show);
}
-static int account_set_badpw(TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
+static int account_set_badpw(struct net_context *c,
+ TALLOC_CTX *mem_ctx, struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
struct samr_DomInfo12 *i12,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, "%s %s <count>\n", _("Usage:"), ctx->whoami);
return -1;
}
i12->lockout_threshold = atoi(argv[0]);
- d_printf("Setting bad password count to %d\n",
+ d_printf(_("Setting bad password count to %d\n"),
i12->lockout_threshold);
return 12;
}
-static NTSTATUS rpc_sh_acct_set_badpw(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_badpw(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_badpw);
}
-static int account_set_lockduration(TALLOC_CTX *mem_ctx,
+static int account_set_lockduration(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
unix_to_nt_time_abs(&i12->lockout_duration, atoi(argv[0]));
- d_printf("Setting lockout duration to %d seconds\n",
+ d_printf(_("Setting lockout duration to %d seconds\n"),
(int)nt_time_to_unix_abs(&i12->lockout_duration));
return 12;
}
-static NTSTATUS rpc_sh_acct_set_lockduration(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_lockduration(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_lockduration);
}
-static int account_set_resetduration(TALLOC_CTX *mem_ctx,
+static int account_set_resetduration(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
unix_to_nt_time_abs(&i12->lockout_window, atoi(argv[0]));
- d_printf("Setting bad password reset duration to %d seconds\n",
+ d_printf(_("Setting bad password reset duration to %d seconds\n"),
(int)nt_time_to_unix_abs(&i12->lockout_window));
return 12;
}
-static NTSTATUS rpc_sh_acct_set_resetduration(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_resetduration(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_resetduration);
}
-static int account_set_minpwage(TALLOC_CTX *mem_ctx,
+static int account_set_minpwage(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
unix_to_nt_time_abs((NTTIME *)&i1->min_password_age, atoi(argv[0]));
- d_printf("Setting minimum password age to %d seconds\n",
+ d_printf(_("Setting minimum password age to %d seconds\n"),
(int)nt_time_to_unix_abs((NTTIME *)&i1->min_password_age));
return 1;
}
-static NTSTATUS rpc_sh_acct_set_minpwage(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_minpwage(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_minpwage);
}
-static int account_set_maxpwage(TALLOC_CTX *mem_ctx,
+static int account_set_maxpwage(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
unix_to_nt_time_abs((NTTIME *)&i1->max_password_age, atoi(argv[0]));
- d_printf("Setting maximum password age to %d seconds\n",
+ d_printf(_("Setting maximum password age to %d seconds\n"),
(int)nt_time_to_unix_abs((NTTIME *)&i1->max_password_age));
return 1;
}
-static NTSTATUS rpc_sh_acct_set_maxpwage(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_maxpwage(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_maxpwage);
}
-static int account_set_minpwlen(TALLOC_CTX *mem_ctx,
+static int account_set_minpwlen(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
i1->min_password_length = atoi(argv[0]);
- d_printf("Setting minimum password length to %d\n",
+ d_printf(_("Setting minimum password length to %d\n"),
i1->min_password_length);
return 1;
}
-static NTSTATUS rpc_sh_acct_set_minpwlen(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_minpwlen(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_minpwlen);
}
-static int account_set_pwhistlen(TALLOC_CTX *mem_ctx,
+static int account_set_pwhistlen(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct samr_DomInfo1 *i1,
struct samr_DomInfo3 *i3,
int argc, const char **argv)
{
if (argc != 1) {
- d_fprintf(stderr, "usage: %s <count>\n", ctx->whoami);
+ d_fprintf(stderr, _("Usage: %s <count>\n"), ctx->whoami);
return -1;
}
i1->password_history_length = atoi(argv[0]);
- d_printf("Setting password history length to %d\n",
+ d_printf(_("Setting password history length to %d\n"),
i1->password_history_length);
return 1;
}
-static NTSTATUS rpc_sh_acct_set_pwhistlen(TALLOC_CTX *mem_ctx,
+static NTSTATUS rpc_sh_acct_set_pwhistlen(struct net_context *c,
+ TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx,
struct rpc_pipe_client *pipe_hnd,
int argc, const char **argv)
{
- return rpc_sh_acct_do(mem_ctx, ctx, pipe_hnd, argc, argv,
+ return rpc_sh_acct_do(c, mem_ctx, ctx, pipe_hnd, argc, argv,
account_set_pwhistlen);
}
-struct rpc_sh_cmd *net_rpc_acct_cmds(TALLOC_CTX *mem_ctx,
+struct rpc_sh_cmd *net_rpc_acct_cmds(struct net_context *c, TALLOC_CTX *mem_ctx,
struct rpc_sh_ctx *ctx)
{
static struct rpc_sh_cmd cmds[9] = {
- { "show", NULL, PI_SAMR, rpc_sh_acct_pol_show,
- "Show current account policy settings" },
- { "badpw", NULL, PI_SAMR, rpc_sh_acct_set_badpw,
- "Set bad password count before lockout" },
- { "lockduration", NULL, PI_SAMR, rpc_sh_acct_set_lockduration,
- "Set account lockout duration" },
- { "resetduration", NULL, PI_SAMR,
+ { "show", NULL, &ndr_table_samr, rpc_sh_acct_pol_show,
+ N_("Show current account policy settings") },
+ { "badpw", NULL, &ndr_table_samr, rpc_sh_acct_set_badpw,
+ N_("Set bad password count before lockout") },
+ { "lockduration", NULL, &ndr_table_samr, rpc_sh_acct_set_lockduration,
+ N_("Set account lockout duration") },
+ { "resetduration", NULL, &ndr_table_samr,
rpc_sh_acct_set_resetduration,
- "Set bad password count reset duration" },
- { "minpwage", NULL, PI_SAMR, rpc_sh_acct_set_minpwage,
- "Set minimum password age" },
- { "maxpwage", NULL, PI_SAMR, rpc_sh_acct_set_maxpwage,
- "Set maximum password age" },
- { "minpwlen", NULL, PI_SAMR, rpc_sh_acct_set_minpwlen,
- "Set minimum password length" },
- { "pwhistlen", NULL, PI_SAMR, rpc_sh_acct_set_pwhistlen,
- "Set the password history length" },
+ N_("Set bad password count reset duration") },
+ { "minpwage", NULL, &ndr_table_samr, rpc_sh_acct_set_minpwage,
+ N_("Set minimum password age") },
+ { "maxpwage", NULL, &ndr_table_samr, rpc_sh_acct_set_maxpwage,
+ N_("Set maximum password age") },
+ { "minpwlen", NULL, &ndr_table_samr, rpc_sh_acct_set_minpwlen,
+ N_("Set minimum password length") },
+ { "pwhistlen", NULL, &ndr_table_samr, rpc_sh_acct_set_pwhistlen,
+ N_("Set the password history length") },
{ NULL, NULL, 0, NULL, NULL }
};