2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Steve French (sfrench@us.ibm.com)
5 Copyright (C) 2001 Jim McDonough (jmcd@us.ibm.com)
6 Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
7 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
8 Copyright (C) 2008 Kai Blin (kai@samba.org)
10 Originally written by Steve and Jim. Largely rewritten by tridge in
13 Reworked again by abartlet in December 2001
15 Another overhaul, moving functionality into plug-ins loaded on demand by Kai
18 This program is free software; you can redistribute it and/or modify
19 it under the terms of the GNU General Public License as published by
20 the Free Software Foundation; either version 3 of the License, or
21 (at your option) any later version.
23 This program is distributed in the hope that it will be useful,
24 but WITHOUT ANY WARRANTY; without even the implied warranty of
25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 GNU General Public License for more details.
28 You should have received a copy of the GNU General Public License
29 along with this program. If not, see <http://www.gnu.org/licenses/>. */
31 /*****************************************************/
33 /* Distributed SMB/CIFS Server Management Utility */
35 /* The intent was to make the syntax similar */
36 /* to the NET utility (first developed in DOS */
37 /* with additional interesting & useful functions */
38 /* added in later SMB server network operating */
41 /*****************************************************/
44 #include "lib/cmdline/cmdline.h"
45 #include "utils/net.h"
47 #include "lib/netapi/netapi.h"
48 #include "../libcli/security/security.h"
51 #include "cmdline_contexts.h"
52 #include "lib/gencache.h"
53 #include "auth/credentials/credentials.h"
54 #include "source3/utils/passwd_proto.h"
55 #include "auth/gensec/gensec.h"
57 #ifdef WITH_FAKE_KASERVER
58 #include "utils/net_afs.h"
61 /***********************************************************************/
62 /* end of internationalization section */
63 /***********************************************************************/
65 enum netr_SchannelType get_sec_channel_type(const char *param)
67 if (!(param && *param)) {
68 return get_default_sec_channel();
70 if (strequal(param, "PDC")) {
72 } else if (strequal(param, "BDC")) {
74 } else if (strequal(param, "MEMBER")) {
75 return SEC_CHAN_WKSTA;
77 } else if (strequal(param, "DOMAIN")) {
78 return SEC_CHAN_DOMAIN;
81 return get_default_sec_channel();
86 static int net_changetrustpw(struct net_context *c, int argc, const char **argv)
88 if (net_ads_check_our_domain(c) == 0)
89 return net_ads_changetrustpw(c, argc, argv);
91 return net_rpc_changetrustpw(c, argc, argv);
94 static void set_line_buffering(FILE *f)
96 setvbuf(f, NULL, _IOLBF, 0);
99 static int net_primarytrust_dumpinfo(struct net_context *c, int argc,
102 int role = lp_server_role();
103 const char *domain = lp_workgroup();
104 struct secrets_domain_info1 *info = NULL;
105 bool include_secrets = c->opt_force;
109 if (role >= ROLE_ACTIVE_DIRECTORY_DC) {
110 d_printf(_("net primarytrust dumpinfo is only supported "
111 "on a DOMAIN_MEMBER for now.\n"));
116 set_line_buffering(stdin);
117 set_line_buffering(stdout);
118 set_line_buffering(stderr);
121 status = secrets_fetch_or_upgrade_domain_info(domain,
124 if (!NT_STATUS_IS_OK(status)) {
126 _("Unable to fetch the information for domain[%s] "
127 "in the secrets database.\n"),
132 str = secrets_domain_info_string(info, info, domain, include_secrets);
134 d_fprintf(stderr, "secrets_domain_info_string() failed.\n");
140 d_printf(_("The password values are only included using "
149 * Entrypoint for 'net primarytrust' code.
151 * @param argc Standard argc.
152 * @param argv Standard argv without initial components.
154 * @return Integer status (0 means success).
157 static int net_primarytrust(struct net_context *c, int argc, const char **argv)
159 struct functable func[] = {
161 .funcname = "dumpinfo",
162 .fn = net_primarytrust_dumpinfo,
163 .valid_transports = NET_TRANSPORT_LOCAL,
164 .description = N_("Dump the details of the "
165 "workstation trust"),
166 .usage = N_(" net [options] primarytrust "
168 " Dump the details of the "
169 "workstation trust in "
171 " Requires the -f flag to "
172 "include the password values."),
179 return net_run_function(c, argc, argv, "net primarytrust", func);
182 static int net_changesecretpw(struct net_context *c, int argc,
186 int role = lp_server_role();
188 if (role != ROLE_DOMAIN_MEMBER) {
189 d_printf(_("Machine account password change only supported on a DOMAIN_MEMBER.\n"
190 "Do NOT use this function unless you know what it does!\n"
191 "This function will change the ADS Domain member "
192 "machine account password in the secrets.tdb file!\n"));
197 struct secrets_domain_info1 *info = NULL;
198 struct secrets_domain_info1_change *prev = NULL;
200 struct timeval tv = timeval_current();
201 NTTIME now = timeval_to_nttime(&tv);
204 set_line_buffering(stdin);
205 set_line_buffering(stdout);
206 set_line_buffering(stderr);
209 trust_pw = get_pass(_("Enter machine password: "), c->opt_stdin);
210 if (trust_pw == NULL) {
212 _("Error in reading machine password\n"));
216 status = secrets_prepare_password_change(lp_workgroup(),
221 if (!NT_STATUS_IS_OK(status)) {
223 _("Unable to write the machine account password in the secrets database"));
228 _("Pending machine account password change found - aborting."));
229 status = secrets_failed_password_change("localhost",
230 NT_STATUS_REQUEST_NOT_ACCEPTED,
231 NT_STATUS_NOT_COMMITTED,
233 if (!NT_STATUS_IS_OK(status)) {
235 _("Failed to abort machine account password change"));
239 status = secrets_finish_password_change("localhost", now, info);
240 if (!NT_STATUS_IS_OK(status)) {
242 _("Unable to write the machine account password in the secrets database"));
246 d_printf(_("Modified trust account password in secrets database\n"));
249 d_printf(_("Machine account password change requires the -f flag.\n"
250 "Do NOT use this function unless you know what it does!\n"
251 "This function will change the ADS Domain member "
252 "machine account password in the secrets.tdb file!\n"));
259 * @brief Set the authorised user for winbindd access in secrets.tdb
261 static int net_setauthuser(struct net_context *c, int argc, const char **argv)
263 const char *password = NULL;
266 if (!secrets_init()) {
267 d_fprintf(stderr, _("Failed to open secrets.tdb.\n"));
271 /* Delete the settings. */
273 if (strncmp(argv[0], "delete", 6) != 0) {
274 d_fprintf(stderr,_("Usage:\n"));
276 _(" net setauthuser -U user[%%password] \n"
277 " Set the auth user account to user"
278 "password. Prompt for password if not "
281 _(" net setauthuser delete\n"
282 " Delete the auth user setting.\n"));
285 secrets_delete_entry(SECRETS_AUTH_USER);
286 secrets_delete_entry(SECRETS_AUTH_DOMAIN);
287 secrets_delete_entry(SECRETS_AUTH_PASSWORD);
291 if (!c->opt_user_specified) {
292 d_fprintf(stderr, _("Usage:\n"));
294 _(" net setauthuser -U user[%%password]\n"
295 " Set the auth user account to user"
296 "password. Prompt for password if not "
299 _(" net setauthuser delete\n"
300 " Delete the auth user setting.\n"));
304 password = net_prompt_pass(c, _("the auth user"));
305 if (password == NULL) {
306 d_fprintf(stderr,_("Failed to get the auth users password.\n"));
310 ok = secrets_store_creds(c->creds);
312 d_fprintf(stderr, _("Failed storing auth user credentials\n"));
320 * @brief Get the auth user settings
322 static int net_getauthuser(struct net_context *c, int argc, const char **argv)
324 char *user, *domain, *password;
326 /* Lift data from secrets file */
328 secrets_fetch_ipc_userpass(&user, &domain, &password);
330 if ((!user || !*user) && (!domain || !*domain ) &&
331 (!password || !*password)){
335 BURN_FREE_STR(password);
336 d_printf(_("No authorised user configured\n"));
340 /* Pretty print authorised user info */
342 d_printf("%s%s%s%s%s\n", domain ? domain : "",
343 domain ? lp_winbind_separator(): "", user,
344 password ? "%" : "", password ? password : "");
348 BURN_FREE_STR(password);
353 Retrieve our local SID or the SID for the specified name
355 static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
359 struct dom_sid_buf sid_str;
365 name = lp_netbios_name();
368 if(!initialize_password_db(false, NULL)) {
369 d_fprintf(stderr, _("WARNING: Could not open passdb\n"));
373 /* first check to see if we can even access secrets, so we don't
374 panic when we can't. */
376 if (!secrets_init()) {
378 _("Unable to open secrets.tdb. Can't fetch domain "
379 "SID for name: %s\n"), name);
383 /* Generate one, if it doesn't exist */
384 get_global_sam_sid();
386 if (!secrets_fetch_domain_sid(name, &sid)) {
387 DEBUG(0, ("Can't fetch domain SID for name: %s\n", name));
390 d_printf(_("SID for domain %s is: %s\n"),
392 dom_sid_str_buf(&sid, &sid_str));
396 static int net_setlocalsid(struct net_context *c, int argc, const char **argv)
401 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
402 || (!string_to_sid(&sid, argv[0]))
403 || (sid.num_auths != 4)) {
404 d_printf(_("Usage:"));
405 d_printf(" net setlocalsid S-1-5-21-x-y-z\n");
409 if (!secrets_store_domain_sid(lp_netbios_name(), &sid)) {
410 DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
417 static int net_setdomainsid(struct net_context *c, int argc, const char **argv)
422 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
423 || (!string_to_sid(&sid, argv[0]))
424 || (sid.num_auths != 4)) {
425 d_printf(_("Usage:"));
426 d_printf(" net setdomainsid S-1-5-21-x-y-z\n");
430 if (!secrets_store_domain_sid(lp_workgroup(), &sid)) {
431 DEBUG(0,("Can't store domain SID.\n"));
438 static int net_getdomainsid(struct net_context *c, int argc, const char **argv)
440 struct dom_sid domain_sid;
441 struct dom_sid_buf sid_str;
444 d_printf(_("Usage:"));
445 d_printf(" net getdomainsid\n");
449 if(!initialize_password_db(false, NULL)) {
450 d_fprintf(stderr, _("WARNING: Could not open passdb\n"));
454 /* first check to see if we can even access secrets, so we don't
455 panic when we can't. */
457 if (!secrets_init()) {
458 d_fprintf(stderr, _("Unable to open secrets.tdb. Can't fetch "
459 "domain SID for name: %s\n"),
460 get_global_sam_name());
464 /* Generate one, if it doesn't exist */
465 get_global_sam_sid();
468 if (!secrets_fetch_domain_sid(lp_netbios_name(), &domain_sid)) {
469 d_fprintf(stderr, _("Could not fetch local SID\n"));
472 d_printf(_("SID for local machine %s is: %s\n"),
474 dom_sid_str_buf(&domain_sid, &sid_str));
476 if (!secrets_fetch_domain_sid(c->opt_workgroup, &domain_sid)) {
477 d_fprintf(stderr, _("Could not fetch domain SID\n"));
481 d_printf(_("SID for domain %s is: %s\n"),
483 dom_sid_str_buf(&domain_sid, &sid_str));
488 static bool search_maxrid(struct pdb_search *search, const char *type,
491 struct samr_displayentry *entries;
492 uint32_t i, num_entries;
494 if (search == NULL) {
495 d_fprintf(stderr, _("get_maxrid: Could not search %s\n"), type);
499 num_entries = pdb_search_entries(search, 0, 0xffffffff, &entries);
500 for (i=0; i<num_entries; i++)
501 *max_rid = MAX(*max_rid, entries[i].rid);
506 static uint32_t get_maxrid(void)
508 uint32_t max_rid = 0;
510 if (!search_maxrid(pdb_search_users(talloc_tos(), 0), "users", &max_rid))
513 if (!search_maxrid(pdb_search_groups(talloc_tos()), "groups", &max_rid))
516 if (!search_maxrid(pdb_search_aliases(talloc_tos(),
517 get_global_sam_sid()),
518 "aliases", &max_rid))
524 static int net_maxrid(struct net_context *c, int argc, const char **argv)
529 d_fprintf(stderr, "%s net maxrid\n", _("Usage:"));
533 if ((rid = get_maxrid()) == 0) {
534 d_fprintf(stderr, _("can't get current maximum rid\n"));
538 d_printf(_("Currently used maximum rid: %d\n"), rid);
543 /* main function table */
544 static struct functable net_func[] = {
549 N_("Run functions using RPC transport"),
550 N_(" Use 'net help rpc' to get more extensive information "
551 "about 'net rpc' commands.")
557 N_("Run functions using RAP transport"),
558 N_(" Use 'net help rap' to get more extensive information "
559 "about 'net rap' commands.")
565 N_("Run functions using ADS transport"),
566 N_(" Use 'net help ads' to get more extensive information "
567 "about 'net ads' commands.")
570 /* eventually these should auto-choose the transport ... */
574 NET_TRANSPORT_RPC | NET_TRANSPORT_RAP,
575 N_("Functions on remote opened files"),
576 N_(" Use 'net help file' to get more information about 'net "
582 NET_TRANSPORT_RPC | NET_TRANSPORT_RAP,
583 N_("Functions on shares"),
584 N_(" Use 'net help share' to get more information about 'net "
591 N_("Manage sessions"),
592 N_(" Use 'net help session' to get more information about "
593 "'net session' commands.")
599 N_("List servers in workgroup"),
600 N_(" Use 'net help server' to get more information about 'net "
607 N_("List domains/workgroups on network"),
608 N_(" Use 'net help domain' to get more information about 'net "
615 N_("Modify printer queue"),
616 N_(" Use 'net help printq' to get more information about 'net "
622 NET_TRANSPORT_ADS | NET_TRANSPORT_RPC | NET_TRANSPORT_RAP,
624 N_(" Use 'net help user' to get more information about 'net "
630 NET_TRANSPORT_ADS | NET_TRANSPORT_RPC | NET_TRANSPORT_RAP,
632 N_(" Use 'net help group' to get more information about 'net "
639 N_("Manage group mappings"),
640 N_(" Use 'net help groupmap' to get more information about "
641 "'net groupmap' commands.")
647 N_("Functions on the SAM database"),
648 N_(" Use 'net help sam' to get more information about 'net "
655 N_("Validate username and password"),
656 N_(" Use 'net help validate' to get more information about "
657 "'net validate' commands.")
663 N_("Modify group memberships"),
664 N_(" Use 'net help groupmember' to get more information about "
665 "'net groupmember' commands.")
670 N_("Execute remote command on a remote OS/2 server"),
671 N_(" Use 'net help admin' to get more information about 'net "
677 N_("List/modify running services"),
678 N_(" Use 'net help service' to get more information about "
679 "'net service' commands.")
685 N_("Change user password on target server"),
686 N_(" Use 'net help password' to get more information about "
687 "'net password' commands.")
693 N_("Run functions related to the primary workstation trust."),
694 N_(" Use 'net help primarytrust' to get more extensive information "
695 "about 'net primarytrust' commands.")
699 NET_TRANSPORT_ADS | NET_TRANSPORT_RPC,
700 N_("Change the trust password"),
701 N_(" Use 'net help changetrustpw' to get more information "
702 "about 'net changetrustpw'.")
707 N_("Change the secret password"),
708 N_(" net [options] changesecretpw\n"
709 " Change the ADS domain member machine account password "
711 " Do NOT use this function unless you know what it does.\n"
712 " Requires the -f flag to work.")
718 N_("Set the winbind auth user"),
719 N_(" net -U user[%%password] [-W domain] setauthuser\n"
720 " Set the auth user, password (and optionally domain\n"
721 " Will prompt for password if not given.\n"
722 " net setauthuser delete\n"
723 " Delete the existing auth user settings.")
729 N_("Get the winbind auth user settings"),
730 N_(" net getauthuser\n"
731 " Get the current winbind auth user settings.")
737 N_(" Use 'net help time' to get more information about 'net "
743 N_("Look up host names/IP addresses"),
744 N_(" Use 'net help lookup' to get more information about 'net "
750 N_("Manipulate the global lock table"),
751 N_(" Use 'net help g_lock' to get more information about "
752 "'net g_lock' commands.")
756 NET_TRANSPORT_ADS | NET_TRANSPORT_RPC,
757 N_("Join a domain/AD"),
758 N_(" Use 'net help join' to get more information about 'net "
763 NET_TRANSPORT_ADS | NET_TRANSPORT_RPC,
764 N_("Perform offline domain join"),
765 N_(" Use 'net help offlinejoin' to get more information about 'net "
771 N_("Join/unjoin (remote) machines to/from a domain/AD"),
772 N_(" Use 'net help dom' to get more information about 'net "
778 N_("Operate on the cache tdb file"),
779 N_(" Use 'net help cache' to get more information about 'net "
785 N_("Get the SID for the local domain"),
786 N_(" net getlocalsid")
791 N_("Set the SID for the local domain"),
792 N_(" net setlocalsid S-1-5-21-x-y-z")
797 N_("Set domain SID on member servers"),
798 N_(" net setdomainsid S-1-5-21-x-y-z")
803 N_("Get domain SID on member servers"),
804 N_(" net getdomainsid")
809 N_("Display the maximum RID currently used"),
815 N_("IDmap functions"),
816 N_(" Use 'net help idmap to get more information about 'net "
822 N_("Display server status"),
823 N_(" Use 'net help status' to get more information about 'net "
829 N_("Manage user-modifiable shares"),
830 N_(" Use 'net help usershare to get more information about "
831 "'net usershare' commands.")
836 N_("Display list of all users with SID"),
837 N_(" Use 'net help usersidlist' to get more information about "
838 "'net usersidlist'.")
843 N_("Manage Samba registry based configuration"),
844 N_(" Use 'net help conf' to get more information about 'net "
850 N_("Manage the Samba registry"),
851 N_(" Use 'net help registry' to get more information about "
852 "'net registry' commands.")
857 N_("Process Win32 *.evt eventlog files"),
858 N_(" Use 'net help eventlog' to get more information about "
859 "'net eventlog' commands.")
864 N_("Process tdb printer files"),
865 N_(" Use 'net help printing' to get more information about "
866 "'net printing' commands.")
872 N_("Manage the serverid tdb"),
873 N_(" Use 'net help serverid' to get more information about "
874 "'net serverid' commands.")
880 N_("notifyd client code"),
881 N_(" Use 'net help notify' to get more information about "
882 "'net notify' commands.")
888 N_("Show information from tdb records"),
889 N_(" Use 'net help tdb' to get more information about "
890 "'net tdb' commands.")
896 N_("Filesystem operation through the VFS stack"),
897 N_(" Use 'net help vfs' to get more information about "
898 "'net vfs' commands.")
901 #ifdef WITH_FAKE_KASERVER
905 N_("Manage AFS tokens"),
906 N_(" Use 'net help afs' to get more information about 'net "
914 N_("Print usage information"),
915 N_(" Use 'net help help' to list usage information for 'net' "
918 {NULL, NULL, 0, NULL, NULL}
922 /****************************************************************************
924 ****************************************************************************/
925 int main(int argc, char **argv)
930 const char ** argv_new;
931 const char **argv_const = discard_const_p(const char *, argv);
933 TALLOC_CTX *frame = talloc_stackframe();
934 struct net_context *c = talloc_zero(frame, struct net_context);
937 struct poptOption long_options[] = {
941 .argInfo = POPT_ARG_NONE,
945 .longName = "target-workgroup",
947 .argInfo = POPT_ARG_STRING,
948 .arg = &c->opt_target_workgroup,
951 .longName = "ipaddress",
953 .argInfo = POPT_ARG_STRING,
960 .argInfo = POPT_ARG_INT,
964 .longName = "myname",
966 .argInfo = POPT_ARG_STRING,
967 .arg = &c->opt_requester_name,
970 .longName = "server",
972 .argInfo = POPT_ARG_STRING,
976 .longName = "container",
978 .argInfo = POPT_ARG_STRING,
979 .arg = &c->opt_container,
982 .longName = "comment",
984 .argInfo = POPT_ARG_STRING,
985 .arg = &c->opt_comment,
988 .longName = "maxusers",
990 .argInfo = POPT_ARG_INT,
991 .arg = &c->opt_maxusers,
996 .argInfo = POPT_ARG_INT,
997 .arg = &c->opt_flags,
1001 .argInfo = POPT_ARG_NONE,
1002 .arg = &c->opt_long_list_entries,
1005 .longName = "reboot",
1007 .argInfo = POPT_ARG_NONE,
1008 .arg = &c->opt_reboot,
1011 .longName = "force",
1013 .argInfo = POPT_ARG_NONE,
1014 .arg = &c->opt_force,
1017 .longName = "stdin",
1019 .argInfo = POPT_ARG_NONE,
1020 .arg = &c->opt_stdin,
1023 .longName = "timeout",
1025 .argInfo = POPT_ARG_INT,
1026 .arg = &c->opt_timeout,
1029 .longName = "request-timeout",
1031 .argInfo = POPT_ARG_INT,
1032 .arg = &c->opt_request_timeout,
1035 .longName = "use-ccache",
1037 .argInfo = POPT_ARG_NONE,
1038 .arg = &c->opt_ccache,
1041 .longName = "verbose",
1043 .argInfo = POPT_ARG_NONE,
1044 .arg = &c->opt_verbose,
1049 .argInfo = POPT_ARG_NONE,
1050 .arg = &c->opt_testmode,
1052 /* Options for 'net groupmap set' */
1054 .longName = "local",
1056 .argInfo = POPT_ARG_NONE,
1057 .arg = &c->opt_localgroup,
1060 .longName = "domain",
1062 .argInfo = POPT_ARG_NONE,
1063 .arg = &c->opt_domaingroup,
1066 .longName = "ntname",
1068 .argInfo = POPT_ARG_STRING,
1069 .arg = &c->opt_newntname,
1074 .argInfo = POPT_ARG_INT,
1077 /* Options for 'net rpc share migrate' */
1081 .argInfo = POPT_ARG_NONE,
1082 .arg = &c->opt_acls,
1085 .longName = "attrs",
1087 .argInfo = POPT_ARG_NONE,
1088 .arg = &c->opt_attrs,
1091 .longName = "timestamps",
1093 .argInfo = POPT_ARG_NONE,
1094 .arg = &c->opt_timestamps,
1097 .longName = "exclude",
1099 .argInfo = POPT_ARG_STRING,
1100 .arg = &c->opt_exclude,
1103 .longName = "destination",
1105 .argInfo = POPT_ARG_STRING,
1106 .arg = &c->opt_destination,
1109 .longName = "tallocreport",
1111 .argInfo = POPT_ARG_NONE,
1112 .arg = &c->do_talloc_report,
1114 /* Options for 'net rpc vampire (keytab)' */
1116 .longName = "force-full-repl",
1118 .argInfo = POPT_ARG_NONE,
1119 .arg = &c->opt_force_full_repl,
1122 .longName = "single-obj-repl",
1124 .argInfo = POPT_ARG_NONE,
1125 .arg = &c->opt_single_obj_repl,
1128 .longName = "clean-old-entries",
1130 .argInfo = POPT_ARG_NONE,
1131 .arg = &c->opt_clean_old_entries,
1133 /* Options for 'net idmap'*/
1137 .argInfo = POPT_ARG_STRING,
1143 .argInfo = POPT_ARG_NONE,
1144 .arg = &c->opt_lock,
1149 .argInfo = POPT_ARG_NONE,
1150 .arg = &c->opt_auto,
1153 .longName = "repair",
1155 .argInfo = POPT_ARG_NONE,
1156 .arg = &c->opt_repair,
1158 /* Options for 'net registry check'*/
1160 .longName = "reg-version",
1162 .argInfo = POPT_ARG_INT,
1163 .arg = &c->opt_reg_version,
1166 .longName = "output",
1168 .argInfo = POPT_ARG_STRING,
1169 .arg = &c->opt_output,
1174 .argInfo = POPT_ARG_NONE,
1175 .arg = &c->opt_wipe,
1177 /* Options for 'net registry import' */
1179 .longName = "precheck",
1181 .argInfo = POPT_ARG_STRING,
1182 .arg = &c->opt_precheck,
1184 /* Options for 'net ads join or leave' */
1186 .longName = "no-dns-updates",
1188 .argInfo = POPT_ARG_NONE,
1189 .arg = &c->opt_no_dns_updates,
1192 .longName = "keep-account",
1194 .argInfo = POPT_ARG_NONE,
1195 .arg = &c->opt_keep_account,
1200 .argInfo = POPT_ARG_NONE,
1201 .arg = &c->opt_json,
1203 /* Options for 'net vfs' */
1205 .longName = "continue",
1206 .argInfo = POPT_ARG_NONE,
1207 .arg = &c->opt_continue_on_error,
1208 .descrip = "Continue on errors",
1211 .longName = "recursive",
1212 .argInfo = POPT_ARG_NONE,
1213 .arg = &c->opt_recursive,
1214 .descrip = "Traverse directory hierarchy",
1217 .longName = "follow-symlinks",
1218 .argInfo = POPT_ARG_NONE,
1219 .arg = &c->opt_follow_symlink,
1220 .descrip = "follow symlinks",
1223 POPT_COMMON_CONNECTION
1224 POPT_COMMON_CREDENTIALS
1230 /* Ignore possible SIGPIPE upon ldap_unbind when over TLS */
1231 BlockSignals(True, SIGPIPE);
1233 zero_sockaddr(&c->opt_dest_ip);
1237 setlocale(LC_ALL, "");
1238 #if defined(HAVE_BINDTEXTDOMAIN)
1239 bindtextdomain(MODULE_NAME, get_dyn_LOCALEDIR());
1241 #if defined(HAVE_TEXTDOMAIN)
1242 textdomain(MODULE_NAME);
1245 ok = samba_cmdline_init(frame,
1246 SAMBA_CMDLINE_CONFIG_CLIENT,
1247 false /* require_smbconf */);
1249 DBG_ERR("Failed to init cmdline parser!\n");
1253 /* set default debug level to 0 regardless of what smb.conf sets */
1254 lp_set_cmdline("log level", "0");
1255 c->private_data = net_func;
1257 pc = samba_popt_get_context(getprogname(),
1261 POPT_CONTEXT_KEEP_FIRST);
1263 DBG_ERR("Failed to setup popt context!\n");
1268 while((opt = poptGetNextOpt(pc)) != -1) {
1271 c->display_usage = true;
1274 if (!interpret_string_addr(&c->opt_dest_ip,
1275 poptGetOptArg(pc), 0)) {
1276 d_fprintf(stderr, _("\nInvalid ip address specified\n"));
1278 c->opt_have_ip = true;
1282 d_fprintf(stderr, _("\nInvalid option %s: %s\n"),
1283 poptBadOption(pc, 0), poptStrerror(opt));
1284 net_help(c, argc, argv_const);
1289 c->creds = samba_cmdline_get_creds();
1290 c->lp_ctx = samba_cmdline_get_lp_ctx();
1293 enum credentials_obtained username_obtained =
1295 enum smb_encryption_setting encrypt_state =
1296 cli_credentials_get_smb_encryption(c->creds);
1297 enum credentials_use_kerberos krb5_state =
1298 cli_credentials_get_kerberos_state(c->creds);
1299 uint32_t gensec_features;
1301 c->opt_user_name = cli_credentials_get_username_and_obtained(
1303 &username_obtained);
1304 c->opt_user_specified = (username_obtained == CRED_SPECIFIED);
1306 c->opt_workgroup = cli_credentials_get_domain(c->creds);
1308 c->smb_encrypt = (encrypt_state == SMB_ENCRYPTION_REQUIRED);
1310 c->opt_kerberos = (krb5_state > CRED_USE_KERBEROS_DESIRED);
1312 gensec_features = cli_credentials_get_gensec_features(c->creds);
1313 c->opt_ccache = (gensec_features & GENSEC_FEATURE_NTLM_CCACHE);
1316 c->msg_ctx = cmdline_messaging_context(get_dyn_CONFIGFILE());
1318 #if defined(HAVE_BIND_TEXTDOMAIN_CODESET)
1319 /* Bind our gettext results to 'unix charset'
1321 This ensures that the translations and any embedded strings are in the
1322 same charset. It won't be the one from the user's locale (we no
1323 longer auto-detect that), but it will be self-consistent.
1325 bind_textdomain_codeset(MODULE_NAME, lp_unix_charset());
1328 argv_new = (const char **)poptGetArgs(pc);
1331 for (i=0; i<argc; i++) {
1332 if (argv_new[i] == NULL) {
1338 if (c->do_talloc_report) {
1339 talloc_enable_leak_report();
1342 if (c->opt_requester_name) {
1343 lp_set_cmdline("netbios name", c->opt_requester_name);
1346 if (!c->opt_target_workgroup) {
1347 c->opt_target_workgroup = talloc_strdup(c, lp_workgroup());
1352 /* this makes sure that when we do things like call scripts,
1353 that it won't assert because we are not root */
1356 samba_cmdline_burn(argc, argv);
1358 rc = net_run_function(c, argc_new-1, argv_new+1, "net", net_func);
1360 DEBUG(2,("return code = %d\n", rc));
1362 libnetapi_free(c->netapi_ctx);
1364 poptFreeContext(pc);
1366 cmdline_messaging_context_free();