[SUBSYSTEM::LIBSAMBA-NET]
PRIVATE_PROTO_HEADER = libnet_proto.h
+PRIVATE_DEPENDENCIES = PROVISION
OBJ_FILES = \
libnet.o \
libnet_passwd.o \
#include "lib/ldb_wrap.h"
#include "auth/auth.h"
#include "param/param.h"
+#include "param/provision.h"
/*
List of tasks vampire.py must perform:
*/
struct vampire_state {
- struct libnet_context *ctx;
const char *netbios_name;
struct libnet_JoinDomain *join;
struct cli_credentials *machine_account;
settings.schema_dn_str = p->forest->schema_dn_str;
settings.netbios_name = p->dest_dsa->netbios_name;
settings.realm = s->join->out.realm;
- settings.domain = s->join->out.domain;
+ settings.domain = s->join->out.domain_name;
settings.server_dn_str = p->dest_dsa->server_dn_str;
settings.machine_password = generate_random_str(s, 16);
settings.targetdir = s->targetdir;
return NT_STATUS_INTERNAL_DB_ERROR;
}
- /* We must set these up to ensure the replMetaData is written correctly, before our NTDS Settings entry is replicated */
+ /* We must set these up to ensure the replMetaData is written correctly,
+ before our NTDS Settings entry is replicated */
ok = samdb_set_ntds_invocation_id(s->ldb, &p->dest_dsa->invocation_id);
if (!ok) {
DEBUG(0,("Failed to set cached ntds invocationId\n"));
return NT_STATUS_FOOBAR;
}
- ok = samdb_set_ntds_objectGUID(s->ldb, &p->dest_dsa->ntds_guid);
- if (!ok) {
- DEBUG(0,("Failed to set cached ntds objectGUID\n"));
- return NT_STATUS_FOOBAR;
- }
-
s->lp_ctx = lp_ctx;
return NT_STATUS_OK;
return NT_STATUS_OK;
}
-NTSTATUS libnet_vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
- struct libnet_vampire *r)
+NTSTATUS libnet_Vampire(struct libnet_context *ctx, TALLOC_CTX *mem_ctx,
+ struct libnet_Vampire *r)
{
struct libnet_JoinDomain *join;
+ struct libnet_set_join_secrets *set_secrets;
struct libnet_BecomeDC b;
struct libnet_UnbecomeDC u;
struct vampire_state *s;
s->join = join;
+ s->targetdir = r->in.targetdir;
+
ZERO_STRUCT(b);
b.in.domain_dns_name = join->out.realm;
b.in.domain_netbios_name = join->out.domain_name;
b.in.callbacks.config_chunk = vampire_store_chunk;
b.in.callbacks.domain_chunk = vampire_store_chunk;
- status = libnet_BecomeDC(s->ctx, s, &b);
+ status = libnet_BecomeDC(ctx, s, &b);
if (!NT_STATUS_IS_OK(status)) {
printf("libnet_BecomeDC() failed - %s\n", nt_errstr(status));
talloc_free(s);
talloc_free(s);
return NT_STATUS_INTERNAL_DB_ERROR;
}
+
+ set_secrets = talloc_zero(s, struct libnet_set_join_secrets);
+ if (!set_secrets) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ set_secrets->in.domain_name = join->out.domain_name;
+ set_secrets->in.realm = join->out.realm;
+ set_secrets->in.account_name = account_name;
+ set_secrets->in.netbios_name = netbios_name;
+ set_secrets->in.join_type = SEC_CHAN_BDC;
+ set_secrets->in.join_password = join->out.join_password;
+ set_secrets->in.kvno = join->out.kvno;
+ set_secrets->in.domain_sid = join->out.domain_sid;
+
+ status = libnet_set_join_secrets(ctx, set_secrets, set_secrets);
+ if (!NT_STATUS_IS_OK(status)) {
+ r->out.error_string = talloc_steal(mem_ctx, set_secrets->out.error_string);
+ talloc_free(s);
+ return status;
+ }
+
+ r->out.domain_name = talloc_steal(r, join->out.domain_name);
+ r->out.domain_sid = talloc_steal(r, join->out.domain_sid);
+ talloc_free(s);
+
+ return NT_STATUS_OK;
+
}
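Review bot: The `if (!set_secrets)` branch returns NT_STATUS_NO_MEMORY without releasing `s`, while the error paths just before and after it call `talloc_free(s)` first; adding `talloc_free(s);` ahead of `return NT_STATUS_NO_MEMORY;` keeps the cleanup uniform and stops the join state from lingering on the parent context. By this point libnet_BecomeDC() has already succeeded, so a failure in libnet_set_join_secrets() appears to leave a replicated directory with no machine secrets stored. `struct libnet_UnbecomeDC u` is declared, but whether it is used to roll back on this path is not visible in the hunk, so a comment stating the intended recovery would help. The error string is stolen onto `mem_ctx` while the success results are stolen onto `r`; using `talloc_steal(mem_ctx, join->out.domain_name)` and `talloc_steal(mem_ctx, join->out.domain_sid)` would give all three outputs the same documented parent. The function body starts outside this hunk, so the declarations of `account_name` and `netbios_name` could not be checked.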
#ifndef __LIBNET_VAMPIRE_H__
#define __LIBNET_VAMPIRE_H__
-struct libnet_vampire {
+struct libnet_Vampire {
struct {
const char *domain_name;
const char *netbios_name;
+ const char *targetdir;
} in;
struct {
+ struct dom_sid *domain_sid;
+ const char *domain_name;
const char *error_string;
} out;
};
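Review bot: The new `in.targetdir`, `out.domain_sid` and `out.domain_name` fields are added without any comment on optionality or ownership, which callers need in order to use the struct safely. From the visible callers, `targetdir` may be NULL (net_vampire passes NULL when only a domain is given), and the two out fields are moved onto the request with `talloc_steal(r, ...)` on success and left unset on failure. I would add `/* optional, may be NULL */` on `targetdir` and `/* valid only on NT_STATUS_OK; talloc children of the request */` above the two new out fields.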
{"time", "get remote server's time\n", net_time, net_time_usage},
{"join", "join a domain\n", net_join, net_join_usage},
{"samdump", "dump the sam of a domain\n", net_samdump, net_samdump_usage},
- {"samsync", "synchronise into the local ldb the sam of a domain\n", net_samsync_ldb, net_samsync_ldb_usage},
+ {"vampire", "join and syncronise an AD domain onto the local server\n", net_vampire, net_vampire_usage},
+ {"samsync", "synchronise into the local ldb the sam of an NT4 domain\n", net_samsync_ldb, net_samsync_ldb_usage},
{"user", "manage user accounts\n", net_user, net_user_usage},
{NULL, NULL, NULL, NULL}
};
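Review bot: The help string for the new `vampire` entry misspells the verb as `syncronise`, while the `samsync` entry directly below it uses `synchronise`; the user-facing text should read `"join and synchronise an AD domain onto the local server\n"`. The entry registers net_vampire_usage, and nothing in the visible lines references net_vampire_help, so that function may be dead code unless it is wired up elsewhere.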
d_printf("Joins domain as either member or backup domain controller.\n");
return 0;
}
+
+int net_vampire(struct net_context *ctx, int argc, const char **argv)
+{
+ NTSTATUS status;
+ struct libnet_context *libnetctx;
+ struct libnet_Vampire *r;
+ char *tmp, *targetdir = NULL;
+ const char *domain_name;
+
+ switch (argc) {
+ case 0: /* no args -> fail */
+ return net_vampire_usage(ctx, argc, argv);
+ case 1: /* only DOMAIN */
+ tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
+ break;
+ case 2: /* domain and target dir */
+ tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
+ targetdir = talloc_strdup(ctx->mem_ctx, argv[1]);
+ break;
+ default: /* too many args -> fail */
+ return net_vampire_usage(ctx, argc, argv);
+ }
+
+ domain_name = tmp;
+
+ libnetctx = libnet_context_init(NULL, ctx->lp_ctx);
+ if (!libnetctx) {
+ return -1;
+ }
+ libnetctx->cred = ctx->credentials;
+ r = talloc(ctx->mem_ctx, struct libnet_Vampire);
+ if (!r) {
+ return -1;
+ }
+ /* prepare parameters for the vampire */
+ r->in.netbios_name = lp_netbios_name(ctx->lp_ctx);
+ r->in.domain_name = domain_name;
+ r->in.targetdir = targetdir;
+ r->out.error_string = NULL;
+
+ /* do the domain vampire */
+ status = libnet_Vampire(libnetctx, r, r);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Vampire of domain failed: %s\n",
+ r->out.error_string ? r->out.error_string : nt_errstr(status));
+ talloc_free(r);
+ talloc_free(libnetctx);
+ return -1;
+ }
+ d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx->mem_ctx, r->out.domain_sid));
+
+ talloc_free(libnetctx);
+ return 0;
+}
+
+int net_vampire_usage(struct net_context *ctx, int argc, const char **argv)
+{
+ d_printf("net vampire <domain> [options]\n");
+ return 0;
+}
+
+int net_vampire_help(struct net_context *ctx, int argc, const char **argv)
+{
+ d_printf("Vampires domain as either member or backup domain controller.\n");
+ return 0;
+}
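Review bot: net_vampire() never checks its talloc_strdup() results and reports success for a bad command line: `case 0` and `default` return net_vampire_usage(), which returns 0, so a script that calls `net vampire` with the wrong arguments sees exit status 0, and a failed strdup hands a NULL domain_name to libnet_Vampire(). The `r` allocation failure path returns without freeing `libnetctx`, and plain `talloc()` leaves r->out.domain_name and r->out.domain_sid uninitialised; `talloc_zero()`, already used in libnet_Vampire, would start every out field as NULL. The usage text prints `[options]` although the second argument is the target directory, which is taken unvalidated from argv and is presumably where the provisioned databases and secrets are written, so the usage line should name it (`net vampire <domain> [targetdir]`). If returning the usage function's value is the established convention for the other subcommands in this file, the exit-status change belongs in a separate patch; the sketch below covers the argument handling and allocation.
```c
	switch (argc) {
	case 1: /* only DOMAIN */
		tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
		break;
	case 2: /* domain and target dir */
		tmp = talloc_strdup(ctx->mem_ctx, argv[0]);
		targetdir = talloc_strdup(ctx->mem_ctx, argv[1]);
		if (!targetdir) {
			return -1;
		}
		break;
	default: /* wrong argument count -> print usage, fail the command */
		net_vampire_usage(ctx, argc, argv);
		return -1;
	}

	if (!tmp) {
		return -1;
	}
	domain_name = tmp;

	/* … unchanged: libnet_context_init() and its NULL check … */

	r = talloc_zero(ctx->mem_ctx, struct libnet_Vampire);
	if (!r) {
		talloc_free(libnetctx);
		return -1;
	}
```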
int net_samsync_ldb_usage(struct net_context *ctx, int argc, const char **argv)
{
- d_printf("net samsync_ldb\n");
+ d_printf("net samsync\n");
return 0;
}