#define LIBNET_UNJOIN_OUT_DUMP_CTX(ctx, r) \
LIBNET_UNJOIN_DUMP_CTX(ctx, r, NDR_OUT)
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
/****************************************************************
****************************************************************/
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
const char *const_acct_name;
+ struct lsa_String lsa_acct_name;
uint32 user_rid;
uint32 num_rids, *name_types, *user_rids;
uint32 flags = 0x3e8;
strlower_m(acct_name);
const_acct_name = acct_name;
+ init_lsa_String(&lsa_acct_name, acct_name);
+
if (r->in.join_flags & WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE) {
uint32_t acct_flags =
SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SAMR_USER_ACCESS_SET_PASSWORD |
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
-
- status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx,
- &domain_pol,
- acct_name, ACB_WSTRUST,
- acct_flags, &user_pol,
- &user_rid);
+ uint32_t access_granted = 0;
+
+ status = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ &domain_pol,
+ &lsa_acct_name,
+ ACB_WSTRUST,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
if (!(r->in.join_flags &
WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED)) {
extern DOM_SID domain_sid;
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
/****************************************************************************
display sam_user_info_7 structure
****************************************************************************/
{
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- const char *acct_name;
+ struct lsa_String acct_name;
uint32 acb_info;
uint32 acct_flags, user_rid;
uint32 access_mask = MAXIMUM_ALLOWED_ACCESS;
+ uint32_t access_granted = 0;
if ((argc < 2) || (argc > 3)) {
printf("Usage: %s username [access mask]\n", argv[0]);
return NT_STATUS_OK;
}
- acct_name = argv[1];
+ init_lsa_String(&acct_name, argv[1]);
if (argc > 2)
sscanf(argv[2], "%x", &access_mask);
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
- result = rpccli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
- acct_name, acb_info, acct_flags,
- &user_pol, &user_rid);
+ result = rpccli_samr_CreateUser2(cli, mem_ctx,
+ &domain_pol,
+ &acct_name,
+ acb_info,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
if (!NT_STATUS_IS_OK(result))
goto done;
return result;
}
-static void init_lsa_String(struct lsa_String *name, const char *s)
-{
- name->string = s;
-}
-
/* Create domain group */
static NTSTATUS cmd_samr_create_dom_group(struct rpc_pipe_client *cli,
goto done; \
}
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
/*******************************************************************
Leave an AD domain. Windows XP disables the machine account.
We'll try the same. The old code would do an LDAP delete.
NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
const char *const_acct_name;
+ struct lsa_String lsa_acct_name;
uint32 user_rid;
uint32 num_rids, *name_types, *user_rids;
uint32 flags = 0x3e8;
uchar md5buffer[16];
DATA_BLOB digested_session_key;
uchar md4_trust_password[16];
+ uint32_t access_granted = 0;
/* Open the domain */
strlower_m(acct_name);
const_acct_name = acct_name;
+ init_lsa_String(&lsa_acct_name, acct_name);
+
/* Don't try to set any acb_info flags other than ACB_WSTRUST */
acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
- status = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, acct_flags, &user_pol, &user_rid);
+ status = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ &domain_pol,
+ &lsa_acct_name,
+ acb_info,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
if ( !NT_STATUS_IS_OK(status)
&& !NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS))
#include "includes.h"
#include "utils/net.h"
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
static int net_mode_share;
static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
+ struct lsa_String lsa_acct_name;
uint32 acb_info;
uint32 acct_flags, user_rid;
+ uint32_t access_granted = 0;
if (argc < 1) {
d_printf("User must be specified\n");
}
acct_name = argv[0];
+ init_lsa_String(&lsa_acct_name, acct_name);
/* Get sam policy handle */
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
- result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, acct_flags,
- &user_pol, &user_rid);
+ result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ &domain_pol,
+ &lsa_acct_name,
+ acb_info,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
+
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
argc,argv);
}
-static void init_lsa_String(struct lsa_String *name, const char *s)
-{
- name->string = s;
-}
-
static NTSTATUS rpc_group_add_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
+ struct lsa_String lsa_acct_name;
uint32 acb_info;
uint32 acct_flags=0;
uint32 user_rid;
+ uint32_t access_granted = 0;
if (argc != 2) {
d_printf("Usage: net rpc trustdom add <domain_name> <pw>\n");
/*
* Make valid trusting domain account (ie. uppercased and with '$' appended)
*/
-
+
if (asprintf(&acct_name, "%s$", argv[0]) < 0) {
return NT_STATUS_NO_MEMORY;
}
strupper_m(acct_name);
+ init_lsa_String(&lsa_acct_name, acct_name);
+
/* Get samr policy handle */
result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
SAMR_USER_ACCESS_GET_ATTRIBUTES |
SAMR_USER_ACCESS_SET_ATTRIBUTES;
- result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, acct_flags,
- &user_pol, &user_rid);
+ result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ &domain_pol,
+ &lsa_acct_name,
+ acb_info,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
goto done; \
}
+static void init_lsa_String(struct lsa_String *name, const char *s)
+{
+ name->string = s;
+}
+
+
/**
* confirm that a domain join is still valid
*
uint32 flags = 0x3e8;
char *acct_name;
const char *const_acct_name;
+ struct lsa_String lsa_acct_name;
uint32 acct_flags=0;
+ uint32_t access_granted = 0;
/* check what type of join */
if (argc >= 0) {
strlower_m(acct_name);
const_acct_name = acct_name;
+ init_lsa_String(&lsa_acct_name, acct_name);
+
acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
SEC_STD_WRITE_DAC | SEC_STD_DELETE |
SAMR_USER_ACCESS_SET_PASSWORD |
DEBUG(10, ("Creating account with flags: %d\n",acct_flags));
- result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info,
- acct_flags, &user_pol,
- &user_rid);
+ result = rpccli_samr_CreateUser2(pipe_hnd, mem_ctx,
+ &domain_pol,
+ &lsa_acct_name,
+ acb_info,
+ acct_flags,
+ &user_pol,
+ &access_granted,
+ &user_rid);
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, NT_STATUS_USER_EXISTS)) {