2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Steve French (sfrench@us.ibm.com)
5 Copyright (C) 2001 Jim McDonough (jmcd@us.ibm.com)
6 Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
7 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
8 Copyright (C) 2008 Kai Blin (kai@samba.org)
10 Originally written by Steve and Jim. Largely rewritten by tridge in
13 Reworked again by abartlet in December 2001
15 Another overhaul, moving functionality into plug-ins loaded on demand by Kai
18 This program is free software; you can redistribute it and/or modify
19 it under the terms of the GNU General Public License as published by
20 the Free Software Foundation; either version 3 of the License, or
21 (at your option) any later version.
23 This program is distributed in the hope that it will be useful,
24 but WITHOUT ANY WARRANTY; without even the implied warranty of
25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 GNU General Public License for more details.
28 You should have received a copy of the GNU General Public License
29 along with this program. If not, see <http://www.gnu.org/licenses/>. */
31 /*****************************************************/
33 /* Distributed SMB/CIFS Server Management Utility */
35 /* The intent was to make the syntax similar */
36 /* to the NET utility (first developed in DOS */
37 /* with additional interesting & useful functions */
38 /* added in later SMB server network operating */
41 /*****************************************************/
44 #include "utils/net.h"
46 /***********************************************************************/
47 /* Beginning of internationalization section. Translatable constants */
48 /* should be kept in this area and referenced in the rest of the code. */
50 /* No functions, outside of Samba or LSB (Linux Standards Base) should */
51 /* be used (if possible). */
52 /***********************************************************************/
54 #define YES_STRING "Yes"
55 #define NO_STRING "No"
57 /***********************************************************************/
58 /* end of internationalization section */
59 /***********************************************************************/
61 uint32 get_sec_channel_type(const char *param)
63 if (!(param && *param)) {
64 return get_default_sec_channel();
66 if (strequal(param, "PDC")) {
68 } else if (strequal(param, "BDC")) {
70 } else if (strequal(param, "MEMBER")) {
71 return SEC_CHAN_WKSTA;
73 } else if (strequal(param, "DOMAIN")) {
74 return SEC_CHAN_DOMAIN;
77 return get_default_sec_channel();
83 run a function from a function table. If not found then
84 call the specified usage function
86 int net_run_function(struct net_context *c, int argc, const char **argv,
87 struct functable *table,
88 int (*usage_fn)(struct net_context *c,
89 int argc, const char **argv))
94 d_printf("\nUsage: \n");
95 return usage_fn(c, argc, argv);
97 for (i=0; table[i].funcname; i++) {
98 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
99 return table[i].fn(c, argc-1, argv+1);
101 d_fprintf(stderr, "No command: %s\n", argv[0]);
102 return usage_fn(c, argc, argv);
106 * run a function from a function table.
108 int net_run_function2(struct net_context *c, int argc, const char **argv,
109 const char *whoami, struct functable2 *table)
114 for (i=0; table[i].funcname; i++) {
115 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
116 return table[i].fn(c, argc-1, argv+1);
120 for (i=0; table[i].funcname != NULL; i++) {
121 d_printf("%s %-15s %s\n", whoami, table[i].funcname,
128 /****************************************************************************
129 Connect to \\server\service.
130 ****************************************************************************/
132 NTSTATUS connect_to_service(struct net_context *c,
133 struct cli_state **cli_ctx,
134 struct sockaddr_storage *server_ss,
135 const char *server_name,
136 const char *service_name,
137 const char *service_type)
141 c->opt_password = net_prompt_pass(c, c->opt_user_name);
142 if (!c->opt_password) {
143 return NT_STATUS_NO_MEMORY;
146 nt_status = cli_full_connection(cli_ctx, NULL, server_name,
147 server_ss, c->opt_port,
148 service_name, service_type,
149 c->opt_user_name, c->opt_workgroup,
150 c->opt_password, 0, Undefined, NULL);
151 if (!NT_STATUS_IS_OK(nt_status)) {
152 d_fprintf(stderr, "Could not connect to server %s\n", server_name);
154 /* Display a nicer message depending on the result */
156 if (NT_STATUS_V(nt_status) ==
157 NT_STATUS_V(NT_STATUS_LOGON_FAILURE))
158 d_fprintf(stderr, "The username or password was not correct.\n");
160 if (NT_STATUS_V(nt_status) ==
161 NT_STATUS_V(NT_STATUS_ACCOUNT_LOCKED_OUT))
162 d_fprintf(stderr, "The account was locked out.\n");
164 if (NT_STATUS_V(nt_status) ==
165 NT_STATUS_V(NT_STATUS_ACCOUNT_DISABLED))
166 d_fprintf(stderr, "The account was disabled.\n");
170 if (c->smb_encrypt) {
171 nt_status = cli_force_encryption(*cli_ctx,
176 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_NOT_SUPPORTED)) {
177 d_printf("Encryption required and "
178 "server that doesn't support "
179 "UNIX extensions - failing connect\n");
180 } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNKNOWN_REVISION)) {
181 d_printf("Encryption required and "
182 "can't get UNIX CIFS extensions "
183 "version from server.\n");
184 } else if (NT_STATUS_EQUAL(nt_status,NT_STATUS_UNSUPPORTED_COMPRESSION)) {
185 d_printf("Encryption required and "
186 "share %s doesn't support "
187 "encryption.\n", service_name);
188 } else if (!NT_STATUS_IS_OK(nt_status)) {
189 d_printf("Encryption required and "
190 "setup failed with error %s.\n",
191 nt_errstr(nt_status));
194 if (!NT_STATUS_IS_OK(nt_status)) {
195 cli_shutdown(*cli_ctx);
203 /****************************************************************************
204 Connect to \\server\ipc$.
205 ****************************************************************************/
207 NTSTATUS connect_to_ipc(struct net_context *c,
208 struct cli_state **cli_ctx,
209 struct sockaddr_storage *server_ss,
210 const char *server_name)
212 return connect_to_service(c, cli_ctx, server_ss, server_name, "IPC$",
216 /****************************************************************************
217 Connect to \\server\ipc$ anonymously.
218 ****************************************************************************/
220 NTSTATUS connect_to_ipc_anonymous(struct net_context *c,
221 struct cli_state **cli_ctx,
222 struct sockaddr_storage *server_ss,
223 const char *server_name)
227 nt_status = cli_full_connection(cli_ctx, c->opt_requester_name,
228 server_name, server_ss, c->opt_port,
231 "", 0, Undefined, NULL);
233 if (NT_STATUS_IS_OK(nt_status)) {
236 DEBUG(1,("Cannot connect to server (anonymously). Error was %s\n", nt_errstr(nt_status)));
241 /****************************************************************************
242 Return malloced user@realm for krb5 login.
243 ****************************************************************************/
245 static char *get_user_and_realm(const char *username)
247 char *user_and_realm = NULL;
252 if (strchr_m(username, '@')) {
253 user_and_realm = SMB_STRDUP(username);
255 if (asprintf(&user_and_realm, "%s@%s", username, lp_realm()) == -1) {
256 user_and_realm = NULL;
259 return user_and_realm;
262 /****************************************************************************
263 Connect to \\server\ipc$ using KRB5.
264 ****************************************************************************/
266 NTSTATUS connect_to_ipc_krb5(struct net_context *c,
267 struct cli_state **cli_ctx,
268 struct sockaddr_storage *server_ss,
269 const char *server_name)
272 char *user_and_realm = NULL;
274 /* FIXME: Should get existing kerberos ticket if possible. */
275 c->opt_password = net_prompt_pass(c, c->opt_user_name);
276 if (!c->opt_password) {
277 return NT_STATUS_NO_MEMORY;
280 user_and_realm = get_user_and_realm(c->opt_user_name);
281 if (!user_and_realm) {
282 return NT_STATUS_NO_MEMORY;
285 nt_status = cli_full_connection(cli_ctx, NULL, server_name,
286 server_ss, c->opt_port,
288 user_and_realm, c->opt_workgroup,
290 CLI_FULL_CONNECTION_USE_KERBEROS,
293 SAFE_FREE(user_and_realm);
295 if (!NT_STATUS_IS_OK(nt_status)) {
296 DEBUG(1,("Cannot connect to server using kerberos. Error was %s\n", nt_errstr(nt_status)));
300 if (c->smb_encrypt) {
301 nt_status = cli_cm_force_encryption(*cli_ctx,
306 if (!NT_STATUS_IS_OK(nt_status)) {
307 cli_shutdown(*cli_ctx);
316 * Connect a server and open a given pipe
318 * @param cli_dst A cli_state
319 * @param pipe The pipe to open
320 * @param got_pipe boolean that stores if we got a pipe
322 * @return Normal NTSTATUS return.
324 NTSTATUS connect_dst_pipe(struct net_context *c, struct cli_state **cli_dst,
325 struct rpc_pipe_client **pp_pipe_hnd, int pipe_num)
328 char *server_name = SMB_STRDUP("127.0.0.1");
329 struct cli_state *cli_tmp = NULL;
330 struct rpc_pipe_client *pipe_hnd = NULL;
332 if (server_name == NULL) {
333 return NT_STATUS_NO_MEMORY;
336 if (c->opt_destination) {
337 SAFE_FREE(server_name);
338 if ((server_name = SMB_STRDUP(c->opt_destination)) == NULL) {
339 return NT_STATUS_NO_MEMORY;
343 /* make a connection to a named pipe */
344 nt_status = connect_to_ipc(c, &cli_tmp, NULL, server_name);
345 if (!NT_STATUS_IS_OK(nt_status)) {
346 SAFE_FREE(server_name);
350 pipe_hnd = cli_rpc_pipe_open_noauth(cli_tmp, pipe_num, &nt_status);
352 DEBUG(0, ("couldn't not initialize pipe\n"));
353 cli_shutdown(cli_tmp);
354 SAFE_FREE(server_name);
359 *pp_pipe_hnd = pipe_hnd;
360 SAFE_FREE(server_name);
365 /****************************************************************************
366 Use the local machine account (krb) and password for this session.
367 ****************************************************************************/
369 int net_use_krb_machine_account(struct net_context *c)
371 char *user_name = NULL;
373 if (!secrets_init()) {
374 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
378 c->opt_password = secrets_fetch_machine_password(
379 c->opt_target_workgroup, NULL, NULL);
380 if (asprintf(&user_name, "%s$@%s", global_myname(), lp_realm()) == -1) {
383 c->opt_user_name = user_name;
387 /****************************************************************************
388 Use the machine account name and password for this session.
389 ****************************************************************************/
391 int net_use_machine_account(struct net_context *c)
393 char *user_name = NULL;
395 if (!secrets_init()) {
396 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
400 c->opt_password = secrets_fetch_machine_password(
401 c->opt_target_workgroup, NULL, NULL);
402 if (asprintf(&user_name, "%s$", global_myname()) == -1) {
405 c->opt_user_name = user_name;
409 bool net_find_server(struct net_context *c,
412 struct sockaddr_storage *server_ss,
415 const char *d = domain ? domain : c->opt_target_workgroup;
418 *server_name = SMB_STRDUP(c->opt_host);
421 if (c->opt_have_ip) {
422 *server_ss = c->opt_dest_ip;
424 char addr[INET6_ADDRSTRLEN];
425 print_sockaddr(addr, sizeof(addr), &c->opt_dest_ip);
426 *server_name = SMB_STRDUP(addr);
428 } else if (*server_name) {
429 /* resolve the IP address */
430 if (!resolve_name(*server_name, server_ss, 0x20)) {
431 DEBUG(1,("Unable to resolve server name\n"));
434 } else if (flags & NET_FLAGS_PDC) {
436 struct sockaddr_storage pdc_ss;
438 if (!get_pdc_ip(d, &pdc_ss)) {
439 DEBUG(1,("Unable to resolve PDC server address\n"));
443 if (is_zero_addr(&pdc_ss)) {
447 if (!name_status_find(d, 0x1b, 0x20, &pdc_ss, dc_name)) {
451 *server_name = SMB_STRDUP(dc_name);
453 } else if (flags & NET_FLAGS_DMB) {
454 struct sockaddr_storage msbrow_ss;
455 char addr[INET6_ADDRSTRLEN];
457 /* if (!resolve_name(MSBROWSE, &msbrow_ip, 1)) */
458 if (!resolve_name(d, &msbrow_ss, 0x1B)) {
459 DEBUG(1,("Unable to resolve domain browser via name lookup\n"));
462 *server_ss = msbrow_ss;
463 print_sockaddr(addr, sizeof(addr), server_ss);
464 *server_name = SMB_STRDUP(addr);
465 } else if (flags & NET_FLAGS_MASTER) {
466 struct sockaddr_storage brow_ss;
467 char addr[INET6_ADDRSTRLEN];
468 if (!resolve_name(d, &brow_ss, 0x1D)) {
469 /* go looking for workgroups */
470 DEBUG(1,("Unable to resolve master browser via name lookup\n"));
473 *server_ss = brow_ss;
474 print_sockaddr(addr, sizeof(addr), server_ss);
475 *server_name = SMB_STRDUP(addr);
476 } else if (!(flags & NET_FLAGS_LOCALHOST_DEFAULT_INSANE)) {
477 if (!interpret_string_addr(server_ss,
478 "127.0.0.1", AI_NUMERICHOST)) {
479 DEBUG(1,("Unable to resolve 127.0.0.1\n"));
482 *server_name = SMB_STRDUP("127.0.0.1");
486 DEBUG(1,("no server to connect to\n"));
493 bool net_find_pdc(struct sockaddr_storage *server_ss,
495 const char *domain_name)
497 if (!get_pdc_ip(domain_name, server_ss)) {
500 if (is_zero_addr(server_ss)) {
504 if (!name_status_find(domain_name, 0x1b, 0x20, server_ss, server_name)) {
511 NTSTATUS net_make_ipc_connection(struct net_context *c, unsigned flags,
512 struct cli_state **pcli)
514 return net_make_ipc_connection_ex(c, NULL, NULL, NULL, flags, pcli);
517 NTSTATUS net_make_ipc_connection_ex(struct net_context *c ,const char *domain,
519 struct sockaddr_storage *pss,
520 unsigned flags, struct cli_state **pcli)
522 char *server_name = NULL;
523 struct sockaddr_storage server_ss;
524 struct cli_state *cli = NULL;
527 if ( !server || !pss ) {
528 if (!net_find_server(c, domain, flags, &server_ss,
530 d_fprintf(stderr, "Unable to find a suitable server\n");
531 nt_status = NT_STATUS_UNSUCCESSFUL;
535 server_name = SMB_STRDUP( server );
539 if (flags & NET_FLAGS_ANONYMOUS) {
540 nt_status = connect_to_ipc_anonymous(c, &cli, &server_ss,
543 nt_status = connect_to_ipc(c, &cli, &server_ss,
547 /* store the server in the affinity cache if it was a PDC */
549 if ( (flags & NET_FLAGS_PDC) && NT_STATUS_IS_OK(nt_status) )
550 saf_store( cli->server_domain, cli->desthost );
552 SAFE_FREE(server_name);
553 if (!NT_STATUS_IS_OK(nt_status)) {
554 d_fprintf(stderr, "Connection failed: %s\n",
555 nt_errstr(nt_status));
566 static int net_changetrustpw(struct net_context *c, int argc, const char **argv)
568 if (net_ads_check_our_domain(c) == 0)
569 return net_ads_changetrustpw(c, argc, argv);
571 return net_rpc_changetrustpw(c, argc, argv);
574 static void set_line_buffering(FILE *f)
576 setvbuf(f, NULL, _IOLBF, 0);
579 static int net_changesecretpw(struct net_context *c, int argc,
583 uint32 sec_channel_type = SEC_CHAN_WKSTA;
587 set_line_buffering(stdin);
588 set_line_buffering(stdout);
589 set_line_buffering(stderr);
592 trust_pw = get_pass("Enter machine password: ", c->opt_stdin);
594 if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) {
595 d_fprintf(stderr, "Unable to write the machine account password in the secrets database");
599 d_printf("Modified trust account password in secrets database\n");
603 d_printf("Machine account password change requires the -f flag.\n");
604 d_printf("Do NOT use this function unless you know what it does!\n");
605 d_printf("This function will change the ADS Domain member machine account password in the secrets.tdb file!\n");
611 static int net_share(struct net_context *c, int argc, const char **argv)
613 if (net_rpc_check(c, 0))
614 return net_rpc_share(c, argc, argv);
615 return net_rap_share(c, argc, argv);
619 Retrieve our local SID or the SID for the specified name
621 static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
631 name = global_myname();
634 if(!initialize_password_db(false, NULL)) {
635 DEBUG(0, ("WARNING: Could not open passdb - local sid may not reflect passdb\n"
636 "backend knowledge (such as the sid stored in LDAP)\n"));
639 /* first check to see if we can even access secrets, so we don't
640 panic when we can't. */
642 if (!secrets_init()) {
643 d_fprintf(stderr, "Unable to open secrets.tdb. Can't fetch domain SID for name: %s\n", name);
647 /* Generate one, if it doesn't exist */
648 get_global_sam_sid();
650 if (!secrets_fetch_domain_sid(name, &sid)) {
651 DEBUG(0, ("Can't fetch domain SID for name: %s\n", name));
654 sid_to_fstring(sid_str, &sid);
655 d_printf("SID for domain %s is: %s\n", name, sid_str);
659 static int net_setlocalsid(struct net_context *c, int argc, const char **argv)
664 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
665 || (!string_to_sid(&sid, argv[0]))
666 || (sid.num_auths != 4)) {
667 d_printf("usage: net setlocalsid S-1-5-21-x-y-z\n");
671 if (!secrets_store_domain_sid(global_myname(), &sid)) {
672 DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
679 static int net_setdomainsid(struct net_context *c, int argc, const char **argv)
684 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
685 || (!string_to_sid(&sid, argv[0]))
686 || (sid.num_auths != 4)) {
687 d_printf("usage: net setdomainsid S-1-5-21-x-y-z\n");
691 if (!secrets_store_domain_sid(lp_workgroup(), &sid)) {
692 DEBUG(0,("Can't store domain SID.\n"));
699 static int net_getdomainsid(struct net_context *c, int argc, const char **argv)
705 d_printf("usage: net getdomainsid\n");
709 if(!initialize_password_db(false, NULL)) {
710 DEBUG(0, ("WARNING: Could not open passdb - domain SID may "
711 "not reflect passdb\n"
712 "backend knowledge (such as the SID stored in "
716 /* first check to see if we can even access secrets, so we don't
717 panic when we can't. */
719 if (!secrets_init()) {
720 d_fprintf(stderr, "Unable to open secrets.tdb. Can't fetch domain"
721 "SID for name: %s\n", get_global_sam_name());
725 /* Generate one, if it doesn't exist */
726 get_global_sam_sid();
728 if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) {
729 d_fprintf(stderr, "Could not fetch local SID\n");
732 sid_to_fstring(sid_str, &domain_sid);
733 d_printf("SID for local machine %s is: %s\n", global_myname(), sid_str);
735 if (!secrets_fetch_domain_sid(c->opt_workgroup, &domain_sid)) {
736 d_fprintf(stderr, "Could not fetch domain SID\n");
740 sid_to_fstring(sid_str, &domain_sid);
741 d_printf("SID for domain %s is: %s\n", c->opt_workgroup, sid_str);
746 #ifdef WITH_FAKE_KASERVER
748 int net_help_afs(struct net_context *c, int argc, const char **argv)
750 d_printf(" net afs key filename\n"
751 "\tImports a OpenAFS KeyFile into our secrets.tdb\n\n");
752 d_printf(" net afs impersonate <user> <cell>\n"
753 "\tCreates a token for user@cell\n\n");
757 static int net_afs_key(struct net_context *c, int argc, const char **argv)
760 struct afs_keyfile keyfile;
763 d_printf("usage: 'net afs key <keyfile> cell'\n");
767 if (!secrets_init()) {
768 d_fprintf(stderr, "Could not open secrets.tdb\n");
772 if ((fd = open(argv[0], O_RDONLY, 0)) < 0) {
773 d_fprintf(stderr, "Could not open %s\n", argv[0]);
777 if (read(fd, &keyfile, sizeof(keyfile)) != sizeof(keyfile)) {
778 d_fprintf(stderr, "Could not read keyfile\n");
782 if (!secrets_store_afs_keyfile(argv[1], &keyfile)) {
783 d_fprintf(stderr, "Could not write keyfile to secrets.tdb\n");
790 static int net_afs_impersonate(struct net_context *c, int argc,
796 fprintf(stderr, "Usage: net afs impersonate <user> <cell>\n");
800 token = afs_createtoken_str(argv[0], argv[1]);
803 fprintf(stderr, "Could not create token\n");
807 if (!afs_settoken_str(token)) {
808 fprintf(stderr, "Could not set token into kernel\n");
812 printf("Success: %s@%s\n", argv[0], argv[1]);
816 static int net_afs(struct net_context *c, int argc, const char **argv)
818 struct functable func[] = {
819 {"key", net_afs_key},
820 {"impersonate", net_afs_impersonate},
821 {"help", net_help_afs},
824 return net_run_function(c, argc, argv, func, net_help_afs);
827 #endif /* WITH_FAKE_KASERVER */
829 static bool search_maxrid(struct pdb_search *search, const char *type,
832 struct samr_displayentry *entries;
833 uint32 i, num_entries;
835 if (search == NULL) {
836 d_fprintf(stderr, "get_maxrid: Could not search %s\n", type);
840 num_entries = pdb_search_entries(search, 0, 0xffffffff, &entries);
841 for (i=0; i<num_entries; i++)
842 *max_rid = MAX(*max_rid, entries[i].rid);
843 pdb_search_destroy(search);
847 static uint32 get_maxrid(void)
851 if (!search_maxrid(pdb_search_users(0), "users", &max_rid))
854 if (!search_maxrid(pdb_search_groups(), "groups", &max_rid))
857 if (!search_maxrid(pdb_search_aliases(get_global_sam_sid()),
858 "aliases", &max_rid))
864 static int net_maxrid(struct net_context *c, int argc, const char **argv)
869 DEBUG(0, ("usage: net maxrid\n"));
873 if ((rid = get_maxrid()) == 0) {
874 DEBUG(0, ("can't get current maximum rid\n"));
878 d_printf("Currently used maximum rid: %d\n", rid);
883 /****************************************************************************
884 ****************************************************************************/
886 const char *net_prompt_pass(struct net_context *c, const char *user)
889 const char *pass = NULL;
891 if (c->opt_password) {
892 return c->opt_password;
895 if (c->opt_machine_pass) {
899 asprintf(&prompt, "Enter %s's password:", user);
904 pass = getpass(prompt);
910 /* main function table */
911 static struct functable net_func[] = {
916 /* eventually these should auto-choose the transport ... */
918 {"SHARE", net_share},
919 {"SESSION", net_rap_session},
920 {"SERVER", net_rap_server},
921 {"DOMAIN", net_rap_domain},
922 {"PRINTQ", net_rap_printq},
924 {"GROUP", net_group},
925 {"GROUPMAP", net_groupmap},
927 {"VALIDATE", net_rap_validate},
928 {"GROUPMEMBER", net_rap_groupmember},
929 {"ADMIN", net_rap_admin},
930 {"SERVICE", net_rap_service},
931 {"PASSWORD", net_rap_password},
932 {"CHANGETRUSTPW", net_changetrustpw},
933 {"CHANGESECRETPW", net_changesecretpw},
935 {"LOOKUP", net_lookup},
938 {"CACHE", net_cache},
939 {"GETLOCALSID", net_getlocalsid},
940 {"SETLOCALSID", net_setlocalsid},
941 {"SETDOMAINSID", net_setdomainsid},
942 {"GETDOMAINSID", net_getdomainsid},
943 {"MAXRID", net_maxrid},
944 {"IDMAP", net_idmap},
945 {"STATUS", net_status},
946 {"USERSHARE", net_usershare},
947 {"USERSIDLIST", net_usersidlist},
949 {"REGISTRY", net_registry},
950 #ifdef WITH_FAKE_KASERVER
959 /****************************************************************************
961 ****************************************************************************/
962 int main(int argc, const char **argv)
968 const char ** argv_new;
970 TALLOC_CTX *frame = talloc_stackframe();
971 struct net_context *c = talloc_zero(frame, struct net_context);
973 struct poptOption long_options[] = {
974 {"help", 'h', POPT_ARG_NONE, 0, 'h'},
975 {"workgroup", 'w', POPT_ARG_STRING, &c->opt_target_workgroup},
976 {"user", 'U', POPT_ARG_STRING, &c->opt_user_name, 'U'},
977 {"ipaddress", 'I', POPT_ARG_STRING, 0,'I'},
978 {"port", 'p', POPT_ARG_INT, &c->opt_port},
979 {"myname", 'n', POPT_ARG_STRING, &c->opt_requester_name},
980 {"server", 'S', POPT_ARG_STRING, &c->opt_host},
981 {"encrypt", 'e', POPT_ARG_NONE, NULL, 'e', "Encrypt SMB transport (UNIX extended servers only)" },
982 {"container", 'c', POPT_ARG_STRING, &c->opt_container},
983 {"comment", 'C', POPT_ARG_STRING, &c->opt_comment},
984 {"maxusers", 'M', POPT_ARG_INT, &c->opt_maxusers},
985 {"flags", 'F', POPT_ARG_INT, &c->opt_flags},
986 {"long", 'l', POPT_ARG_NONE, &c->opt_long_list_entries},
987 {"reboot", 'r', POPT_ARG_NONE, &c->opt_reboot},
988 {"force", 'f', POPT_ARG_NONE, &c->opt_force},
989 {"stdin", 'i', POPT_ARG_NONE, &c->opt_stdin},
990 {"timeout", 't', POPT_ARG_INT, &c->opt_timeout},
991 {"machine-pass",'P', POPT_ARG_NONE, &c->opt_machine_pass},
992 {"myworkgroup", 'W', POPT_ARG_STRING, &c->opt_workgroup},
993 {"verbose", 'v', POPT_ARG_NONE, &c->opt_verbose},
994 {"test", 'T', POPT_ARG_NONE, &c->opt_testmode},
995 /* Options for 'net groupmap set' */
996 {"local", 'L', POPT_ARG_NONE, &c->opt_localgroup},
997 {"domain", 'D', POPT_ARG_NONE, &c->opt_domaingroup},
998 {"ntname", 'N', POPT_ARG_STRING, &c->opt_newntname},
999 {"rid", 'R', POPT_ARG_INT, &c->opt_rid},
1000 /* Options for 'net rpc share migrate' */
1001 {"acls", 0, POPT_ARG_NONE, &c->opt_acls},
1002 {"attrs", 0, POPT_ARG_NONE, &c->opt_attrs},
1003 {"timestamps", 0, POPT_ARG_NONE, &c->opt_timestamps},
1004 {"exclude", 'X', POPT_ARG_STRING, &c->opt_exclude},
1005 {"destination", 0, POPT_ARG_STRING, &c->opt_destination},
1006 {"tallocreport", 0, POPT_ARG_NONE, &c->do_talloc_report},
1013 zero_addr(&c->opt_dest_ip);
1017 /* set default debug level to 0 regardless of what smb.conf sets */
1018 DEBUGLEVEL_CLASS[DBGC_ALL] = 0;
1021 pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
1022 POPT_CONTEXT_KEEP_FIRST);
1024 while((opt = poptGetNextOpt(pc)) != -1) {
1027 net_help(c, argc, argv);
1031 c->smb_encrypt = true;
1034 if (!interpret_string_addr(&c->opt_dest_ip,
1035 poptGetOptArg(pc), 0)) {
1036 d_fprintf(stderr, "\nInvalid ip address specified\n");
1038 c->opt_have_ip = true;
1042 c->opt_user_specified = true;
1043 c->opt_user_name = SMB_STRDUP(c->opt_user_name);
1044 p = strchr(c->opt_user_name,'%');
1047 c->opt_password = p+1;
1051 d_fprintf(stderr, "\nInvalid option %s: %s\n",
1052 poptBadOption(pc, 0), poptStrerror(opt));
1053 net_help(c, argc, argv);
1059 * Don't load debug level from smb.conf. It should be
1060 * set by cmdline arg or remain default (0)
1062 c->AllowDebugChange = false;
1063 lp_load(get_dyn_CONFIGFILE(), true, false, false, true);
1065 argv_new = (const char **)poptGetArgs(pc);
1068 for (i=0; i<argc; i++) {
1069 if (argv_new[i] == NULL) {
1075 if (c->do_talloc_report) {
1076 talloc_enable_leak_report();
1079 if (c->opt_requester_name) {
1080 set_global_myname(c->opt_requester_name);
1083 if (!c->opt_user_name && getenv("LOGNAME")) {
1084 c->opt_user_name = getenv("LOGNAME");
1087 if (!c->opt_workgroup) {
1088 c->opt_workgroup = smb_xstrdup(lp_workgroup());
1091 if (!c->opt_target_workgroup) {
1092 c->opt_target_workgroup = smb_xstrdup(lp_workgroup());
1100 /* this makes sure that when we do things like call scripts,
1101 that it won't assert becouse we are not root */
1104 if (c->opt_machine_pass) {
1105 /* it is very useful to be able to make ads queries as the
1106 machine account for testing purposes and for domain leave */
1108 net_use_krb_machine_account(c);
1111 if (!c->opt_password) {
1112 c->opt_password = getenv("PASSWD");
1115 rc = net_run_function(c, argc_new-1, argv_new+1, net_func, net_help);
1117 DEBUG(2,("return code = %d\n", rc));
1119 libnetapi_free(c->netapi_ctx);