source3/rpcclient/cmd_netlogon.c

   1 /*
   2    Unix SMB/Netbios implementation.
   3    Version 1.9.
   4    NT Domain Authentication SMB / MSRPC client
   5    Copyright (C) Andrew Tridgell 1994-1997
   6    Copyright (C) Luke Kenneth Casson Leighton 1996-1997
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 2 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program; if not, write to the Free Software
  20    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21 */
  22
  23
  24
  25 #ifdef SYSLOG
  26 #undef SYSLOG
  27 #endif
  28
  29 #include "includes.h"
  30 #include "nterr.h"
  31
  32 extern int DEBUGLEVEL;
  33
  34 #define DEBUG_TESTING
  35
  36 extern struct ntuser_creds *usr_creds;
  37
  38 extern FILE* out_hnd;
  39
  40
  41 /****************************************************************************
  42 experimental nt login.
  43 ****************************************************************************/
  44 void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
  45 {
  46 #if 0
  47         extern BOOL global_machine_password_needs_changing;
  48 #endif
  49
  50         fstring nt_user_name;
  51         fstring password;
  52         BOOL res = True;
  53         char *nt_password;
  54         unsigned char trust_passwd[16];
  55         fstring trust_acct;
  56         fstring domain;
  57         char *p;
  58
  59         fstring srv_name;
  60         fstrcpy(srv_name, "\\\\");
  61         fstrcat(srv_name, info->dest_host);
  62         strupper(srv_name);
  63
  64         fstrcpy(domain, usr_creds->domain);
  65
  66         if (domain[0] == 0)
  67         {
  68                 fstrcpy(domain, info->dom.level3_dom);
  69         }
  70 #if 0
  71         /* machine account passwords */
  72         pstring new_mach_pwd;
  73
  74         /* initialisation */
  75         new_mach_pwd[0] = 0;
  76 #endif
  77
  78         argc--;
  79         argv++;
  80
  81         if (argc < 1)
  82         {
  83                 fstrcpy(nt_user_name, usr_creds->user_name);
  84                 if (nt_user_name[0] == 0)
  85                 {
  86                         report(out_hnd,"ntlogin: must specify username with anonymous connection\n");
  87                         report(out_hnd,"ntlogin [[DOMAIN\\]user] [password]\n");
  88                         return;
  89                 }
  90         }
  91         else
  92         {
  93                 fstrcpy(nt_user_name, argv[0]);
  94         }
  95
  96         p = strchr(nt_user_name, '\\');
  97         if (p != NULL)
  98         {
  99                 fstrcpy(domain, nt_user_name);
 100                 p = strchr(domain, '\\');
 101                 if (p != NULL)
 102                 {
 103                         *p = 0;
 104                         fstrcpy(nt_user_name, p+1);
 105                 }
 106
 107         }
 108
 109         if (domain[0] == 0)
 110         {
 111                 report(out_hnd,"no domain specified.\n");
 112         }
 113
 114         argc--;
 115         argv++;
 116
 117         if (argc > 0)
 118         {
 119                 nt_password = argv[0];
 120         }
 121         else
 122         {
 123                 nt_password = getpass("Enter NT Login password:");
 124         }
 125
 126         DEBUG(5,("do_nt_login_test: username %s from: %s\n",
 127                     nt_user_name, info->myhostname));
 128
 129         fstrcpy(trust_acct, info->myhostname);
 130         fstrcat(trust_acct, "$");
 131
 132         res = res ? trust_get_passwd(trust_passwd, domain, info->myhostname) : False;
 133
 134 #if 0
 135         /* check whether the user wants to change their machine password */
 136         res = res ? trust_account_check(info->dest_ip, info->dest_host,
 137                                         info->myhostname, usr_creds->domain,
 138                                         info->mach_acct, new_mach_pwd) : False;
 139 #endif
 140
 141         res = res ? cli_nt_setup_creds(srv_name, info->myhostname,
 142                                        trust_acct,
 143                                        trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False;
 144
 145 #if 0
 146         /* change the machine password? */
 147         if (global_machine_password_needs_changing)
 148         {
 149                 unsigned char new_trust_passwd[16];
 150                 generate_random_buffer(new_trust_passwd, 16, True);
 151                 res = res ? cli_nt_srv_pwset(srv_name, info->myhostname, new_trust_passwd, SEC_CHAN_WKSTA) : False;
 152
 153                 if (res)
 154                 {
 155                         global_machine_password_needs_changing = !set_trust_account_password(new_trust_passwd);
 156                 }
 157
 158                 memset(new_trust_passwd, 0, 16);
 159         }
 160 #endif
 161
 162         memset(trust_passwd, 0, 16);
 163
 164         /* do an NT login */
 165         res = res ? cli_nt_login_interactive(srv_name, info->myhostname,
 166                          usr_creds->domain, nt_user_name,
 167                          getuid(), nt_password,
 168                          &info->dom.ctr, &info->dom.user_info3) : False;
 169
 170         /*** clear out the password ***/
 171         memset(password, 0, sizeof(password));
 172
 173 #if 0
 174         /* ok!  you're logged in!  do anything you like, then... */
 175
 176         /* do an NT logout */
 177         res = res ? cli_nt_logoff(srv_name, info->myhostname, &info->dom.ctr) : False;
 178 #endif
 179
 180         report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n",
 181                 nt_user_name, BOOLSTR(res));
 182 }
 183
 184 /****************************************************************************
 185 experimental nt login.
 186 ****************************************************************************/
 187 void cmd_netlogon_domain_test(struct client_info *info, int argc, char *argv[])
 188 {
 189         char *nt_trust_dom;
 190         BOOL res = True;
 191         unsigned char trust_passwd[16];
 192         fstring inter_dom_acct;
 193
 194         fstring srv_name;
 195         fstrcpy(srv_name, "\\\\");
 196         fstrcat(srv_name, info->dest_host);
 197         strupper(srv_name);
 198
 199         if (argc < 2)
 200         {
 201                 report(out_hnd,"domtest: must specify domain name\n");
 202                 return;
 203         }
 204
 205         nt_trust_dom = argv[1];
 206
 207         DEBUG(5,("do_nt_login_test: domain %s\n", nt_trust_dom));
 208
 209         fstrcpy(inter_dom_acct, nt_trust_dom);
 210         fstrcat(inter_dom_acct, "$");
 211
 212         res = res ? trust_get_passwd(trust_passwd, usr_creds->domain, nt_trust_dom) : False;
 213
 214         res = res ? cli_nt_setup_creds(srv_name,
 215                                        info->myhostname, inter_dom_acct,
 216                                        trust_passwd,
 217                                        SEC_CHAN_DOMAIN) == 0x0 : False;
 218
 219         memset(trust_passwd, 0, 16);
 220
 221         report(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n",
 222                 nt_trust_dom, BOOLSTR(res));
 223 }
 224
 225 /****************************************************************************
 226 experimental SAM synchronisation.
 227 ****************************************************************************/
 228 void cmd_sam_sync(struct client_info *info, int argc, char *argv[])
 229 {
 230         SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
 231         SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
 232         uint32 num;
 233         uchar trust_passwd[16];
 234         fstring srv_name;
 235         fstring trust_acct;
 236
 237         fstrcpy(srv_name, "\\\\");
 238         fstrcat(srv_name, info->dest_host);
 239         strupper(srv_name);
 240
 241         fstrcpy(trust_acct, info->myhostname);
 242         fstrcat(trust_acct, "$");
 243
 244         if (!trust_get_passwd(trust_passwd, usr_creds->domain, info->myhostname))
 245         {
 246                 report(out_hnd, "cmd_sam_sync: no trust account password\n");
 247                 return;
 248         }
 249
 250         if (net_sam_sync(srv_name, info->myhostname,
 251                 trust_acct, trust_passwd,
 252             hdr_deltas, deltas, &num))
 253         {
 254                 display_sam_sync(out_hnd, ACTION_HEADER   , hdr_deltas, deltas, num);
 255                 display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num);
 256                 display_sam_sync(out_hnd, ACTION_FOOTER   , hdr_deltas, deltas, num);
 257         }
 258 }