2 Unix SMB/Netbios implementation.
4 NT Domain Authentication SMB / MSRPC client
5 Copyright (C) Andrew Tridgell 1994-1997
6 Copyright (C) Luke Kenneth Casson Leighton 1996-1997
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
32 extern int DEBUGLEVEL;
36 extern struct ntuser_creds *usr_creds;
41 /****************************************************************************
42 experimental nt login.
43 ****************************************************************************/
44 void cmd_netlogon_login_test(struct client_info *info, int argc, char *argv[])
47 extern BOOL global_machine_password_needs_changing;
54 unsigned char trust_passwd[16];
60 fstrcpy(srv_name, "\\\\");
61 fstrcat(srv_name, info->dest_host);
64 fstrcpy(domain, usr_creds->domain);
68 fstrcpy(domain, info->dom.level3_dom);
71 /* machine account passwords */
83 fstrcpy(nt_user_name, usr_creds->user_name);
84 if (nt_user_name[0] == 0)
86 report(out_hnd,"ntlogin: must specify username with anonymous connection\n");
87 report(out_hnd,"ntlogin [[DOMAIN\\]user] [password]\n");
93 fstrcpy(nt_user_name, argv[0]);
96 p = strchr(nt_user_name, '\\');
99 fstrcpy(domain, nt_user_name);
100 p = strchr(domain, '\\');
104 fstrcpy(nt_user_name, p+1);
111 report(out_hnd,"no domain specified.\n");
119 nt_password = argv[0];
123 nt_password = getpass("Enter NT Login password:");
126 DEBUG(5,("do_nt_login_test: username %s from: %s\n",
127 nt_user_name, info->myhostname));
129 fstrcpy(trust_acct, info->myhostname);
130 fstrcat(trust_acct, "$");
132 res = res ? trust_get_passwd(trust_passwd, domain, info->myhostname) : False;
135 /* check whether the user wants to change their machine password */
136 res = res ? trust_account_check(info->dest_ip, info->dest_host,
137 info->myhostname, usr_creds->domain,
138 info->mach_acct, new_mach_pwd) : False;
141 res = res ? cli_nt_setup_creds(srv_name, info->myhostname,
143 trust_passwd, SEC_CHAN_WKSTA) == 0x0 : False;
146 /* change the machine password? */
147 if (global_machine_password_needs_changing)
149 unsigned char new_trust_passwd[16];
150 generate_random_buffer(new_trust_passwd, 16, True);
151 res = res ? cli_nt_srv_pwset(srv_name, info->myhostname, new_trust_passwd, SEC_CHAN_WKSTA) : False;
155 global_machine_password_needs_changing = !set_trust_account_password(new_trust_passwd);
158 memset(new_trust_passwd, 0, 16);
162 memset(trust_passwd, 0, 16);
165 res = res ? cli_nt_login_interactive(srv_name, info->myhostname,
166 usr_creds->domain, nt_user_name,
167 getuid(), nt_password,
168 &info->dom.ctr, &info->dom.user_info3) : False;
170 /*** clear out the password ***/
171 memset(password, 0, sizeof(password));
174 /* ok! you're logged in! do anything you like, then... */
176 /* do an NT logout */
177 res = res ? cli_nt_logoff(srv_name, info->myhostname, &info->dom.ctr) : False;
180 report(out_hnd,"cmd_nt_login: login (%s) test succeeded: %s\n",
181 nt_user_name, BOOLSTR(res));
184 /****************************************************************************
185 experimental nt login.
186 ****************************************************************************/
187 void cmd_netlogon_domain_test(struct client_info *info, int argc, char *argv[])
191 unsigned char trust_passwd[16];
192 fstring inter_dom_acct;
195 fstrcpy(srv_name, "\\\\");
196 fstrcat(srv_name, info->dest_host);
201 report(out_hnd,"domtest: must specify domain name\n");
205 nt_trust_dom = argv[1];
207 DEBUG(5,("do_nt_login_test: domain %s\n", nt_trust_dom));
209 fstrcpy(inter_dom_acct, nt_trust_dom);
210 fstrcat(inter_dom_acct, "$");
212 res = res ? trust_get_passwd(trust_passwd, usr_creds->domain, nt_trust_dom) : False;
214 res = res ? cli_nt_setup_creds(srv_name,
215 info->myhostname, inter_dom_acct,
217 SEC_CHAN_DOMAIN) == 0x0 : False;
219 memset(trust_passwd, 0, 16);
221 report(out_hnd,"cmd_nt_login: credentials (%s) test succeeded: %s\n",
222 nt_trust_dom, BOOLSTR(res));
225 /****************************************************************************
226 experimental SAM synchronisation.
227 ****************************************************************************/
228 void cmd_sam_sync(struct client_info *info, int argc, char *argv[])
230 SAM_DELTA_HDR hdr_deltas[MAX_SAM_DELTAS];
231 SAM_DELTA_CTR deltas[MAX_SAM_DELTAS];
233 uchar trust_passwd[16];
237 fstrcpy(srv_name, "\\\\");
238 fstrcat(srv_name, info->dest_host);
241 fstrcpy(trust_acct, info->myhostname);
242 fstrcat(trust_acct, "$");
244 if (!trust_get_passwd(trust_passwd, usr_creds->domain, info->myhostname))
246 report(out_hnd, "cmd_sam_sync: no trust account password\n");
250 if (net_sam_sync(srv_name, info->myhostname,
251 trust_acct, trust_passwd,
252 hdr_deltas, deltas, &num))
254 display_sam_sync(out_hnd, ACTION_HEADER , hdr_deltas, deltas, num);
255 display_sam_sync(out_hnd, ACTION_ENUMERATE, hdr_deltas, deltas, num);
256 display_sam_sync(out_hnd, ACTION_FOOTER , hdr_deltas, deltas, num);