{ NULL, NULL, NULL }
};
+/****************************************************************
+****************************************************************/
+
static const char *name_to_guid_string(const char *name, struct gpo_table *table)
{
int i;
return NULL;
}
+/****************************************************************
+****************************************************************/
+
static const char *guid_string_to_name(const char *guid_string, struct gpo_table *table)
{
int i;
return NULL;
}
+/****************************************************************
+****************************************************************/
+
static const char *snapin_guid_string_to_name(const char *guid_string,
struct snapin_table *table)
{
}
#endif
+/****************************************************************
+****************************************************************/
+
const char *cse_gpo_guid_string_to_name(const char *guid)
{
return guid_string_to_name(guid, gpo_cse_extensions);
}
-static const char *cse_gpo_name_to_guid_string(const char *name)
+/****************************************************************
+****************************************************************/
+
+const char *cse_gpo_name_to_guid_string(const char *name)
{
return name_to_guid_string(name, gpo_cse_extensions);
}
+/****************************************************************
+****************************************************************/
+
const char *cse_snapin_gpo_guid_string_to_name(const char *guid)
{
return snapin_guid_string_to_name(guid, gpo_cse_snapin_extensions);
}
+/****************************************************************
+****************************************************************/
+
void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel)
{
int lvl = debuglevel;
}
}
-void dump_gpo(TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT *gpo, int debuglevel)
+/****************************************************************
+****************************************************************/
+
+void dump_gpo(ADS_STRUCT *ads, TALLOC_CTX *mem_ctx, struct GROUP_POLICY_OBJECT *gpo, int debuglevel)
{
int lvl = debuglevel;
}
dump_gp_ext(gp_ext, lvl);
}
+
+ DEBUGADD(lvl,("security descriptor:\n"));
+
+ ads_disp_sd(ads, mem_ctx, gpo->security_descriptor);
}
/****************************************************************
****************************************************************/
-void dump_gpo_list(TALLOC_CTX *mem_ctx,
+void dump_gpo_list(ADS_STRUCT *ads,
+ TALLOC_CTX *mem_ctx,
struct GROUP_POLICY_OBJECT *gpo_list,
int debuglevel)
{
struct GROUP_POLICY_OBJECT *gpo = NULL;
for (gpo = gpo_list; gpo; gpo = gpo->next) {
- dump_gpo(mem_ctx, gpo, debuglevel);
+ dump_gpo(ads, mem_ctx, gpo, debuglevel);
}
}
DEBUG(lvl,("get gpo for %s failed: %s\n", gp_link->link_names[i], ads_errstr(status)));
return;
}
- dump_gpo(mem_ctx, &gpo, lvl);
+ dump_gpo(ads, mem_ctx, &gpo, lvl);
}
}
}
d_printf(
"net ads gpo <COMMAND>\n"\
"<COMMAND> can be either:\n"\
-" ADDLINK Link a container to a GPO\n"\
-/* " APPLY Apply all GPOs\n"\ */
-/* " DELETELINK Delete a gPLink from a container\n"\ */
-" REFRESH Lists all GPOs assigned to an account and downloads them\n"\
+" APPLY Apply GPOs for machine/user\n"\
" GETGPO Lists specified GPO\n"\
-" GETLINK Lists gPLink of a containter\n"\
" HELP Prints this help message\n"\
-" LIST Lists all GPOs\n"\
+" LINKADD Link a container to a GPO\n"\
+/* " LINKDELETE Delete a gPLink from a container\n"\ */
+" LINKGET Lists gPLink of a containter\n"\
+" LIST Lists all GPOs for machine/user\n"\
+" LISTALL Lists all GPOs on a DC\n"\
+" REFRESH Lists all GPOs assigned to an account and downloads them\n"\
"\n"
);
return -1;
return 0;
}
-static int net_ads_gpo_list(int argc, const char **argv)
+static int net_ads_gpo_list_all(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
"name",
"gPCMachineExtensionNames",
"gPCUserExtensionNames",
+ "ntSecurityDescriptor",
NULL
};
- mem_ctx = talloc_init("net_ads_gpo_list");
+ mem_ctx = talloc_init("net_ads_gpo_list_all");
if (mem_ctx == NULL) {
return -1;
}
goto out;
}
- status = ads_do_search_all(ads, ads->config.bind_path,
- LDAP_SCOPE_SUBTREE,
- "(objectclass=groupPolicyContainer)", attrs, &res);
+ status = ads_do_search_all_sd_flags(ads, ads->config.bind_path,
+ LDAP_SCOPE_SUBTREE,
+ "(objectclass=groupPolicyContainer)",
+ attrs,
+ DACL_SECURITY_INFORMATION,
+ &res);
+
if (!ADS_ERR_OK(status)) {
d_printf("search failed: %s\n", ads_errstr(status));
goto out;
status = ads_parse_gpo(ads, mem_ctx, msg, dn, &gpo);
if (!ADS_ERR_OK(status)) {
- d_printf("parse failed: %s\n", ads_errstr(status));
+ d_printf("ads_parse_gpo failed: %s\n", ads_errstr(status));
ads_memfree(ads, dn);
goto out;
}
- dump_gpo(mem_ctx, &gpo, 1);
+ dump_gpo(ads, mem_ctx, &gpo, 0);
ads_memfree(ads, dn);
}
return 0;
}
-#if 0 /* not yet */
+static int net_ads_gpo_list(int argc, const char **argv)
+{
+ ADS_STRUCT *ads;
+ ADS_STATUS status;
+ LDAPMessage *res = NULL;
+ TALLOC_CTX *mem_ctx;
+ const char *dn = NULL;
+ uint32 uac = 0;
+ uint32 flags = 0;
+ struct GROUP_POLICY_OBJECT *gpo_list;
+ if (argc < 1) {
+ printf("usage: net ads gpo list <username|machinename>\n");
+ return -1;
+ }
+
+ mem_ctx = talloc_init("net_ads_gpo_list");
+ if (mem_ctx == NULL) {
+ goto out;
+ }
+
+ status = ads_startup(False, &ads);
+ if (!ADS_ERR_OK(status)) {
+ goto out;
+ }
+
+ status = ads_find_samaccount(ads, mem_ctx, argv[0], &uac, &dn);
+ if (!ADS_ERR_OK(status)) {
+ goto out;
+ }
+
+ if (uac & UF_WORKSTATION_TRUST_ACCOUNT) {
+ flags |= GPO_LIST_FLAG_MACHINE;
+ }
+
+ printf("%s: '%s' has dn: '%s'\n",
+ (uac & UF_WORKSTATION_TRUST_ACCOUNT) ? "machine" : "user",
+ argv[0], dn);
+
+ status = ads_get_gpo_list(ads, mem_ctx, dn, flags, &gpo_list);
+ if (!ADS_ERR_OK(status)) {
+ goto out;
+ }
+
+ dump_gpo_list(ads, mem_ctx, gpo_list, 0);
+
+out:
+ ads_msgfree(ads, res);
+
+ talloc_destroy(mem_ctx);
+ ads_destroy(&ads);
+
+ return 0;
+}
+
+#if 0 /* not yet */
static int net_ads_gpo_apply(int argc, const char **argv)
{
TALLOC_CTX *mem_ctx;
#endif
-static int net_ads_gpo_get_link(int argc, const char **argv)
+static int net_ads_gpo_link_get(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
struct GP_LINK gp_link;
if (argc < 1) {
- printf("usage: net ads gpo getlink <linkname>\n");
+ printf("usage: net ads gpo linkget <linkname>\n");
return -1;
}
return 0;
}
-static int net_ads_gpo_add_link(int argc, const char **argv)
+static int net_ads_gpo_link_add(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
TALLOC_CTX *mem_ctx;
if (argc < 2) {
- printf("usage: net ads gpo addlink <linkdn> <gpodn> [options]\n");
+ printf("usage: net ads gpo linkadd <linkdn> <gpodn> [options]\n");
printf("note: DNs must be provided properly escaped.\n See RFC 4514 for details\n");
return -1;
}
status = ads_add_gpo_link(ads, mem_ctx, argv[0], argv[1], gpo_opt);
if (!ADS_ERR_OK(status)) {
- d_printf("add link failed: %s\n", ads_errstr(status));
+ d_printf("link add failed: %s\n", ads_errstr(status));
goto out;
}
#if 0 /* broken */
-static int net_ads_gpo_delete_link(int argc, const char **argv)
+static int net_ads_gpo_link_delete(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
goto out;
}
- dump_gpo(mem_ctx, &gpo, 1);
+ dump_gpo(ads, mem_ctx, &gpo, 1);
out:
talloc_destroy(mem_ctx);
int net_ads_gpo(int argc, const char **argv)
{
struct functable func[] = {
- {"LIST", net_ads_gpo_list},
- {"REFRESH", net_ads_gpo_refresh},
- {"ADDLINK", net_ads_gpo_add_link},
- /* {"DELETELINK", net_ads_gpo_delete_link}, */
- {"GETLINK", net_ads_gpo_get_link},
+ /* {"APPLY", net_ads_gpo_apply}, */
{"GETGPO", net_ads_gpo_get_gpo},
{"HELP", net_ads_gpo_usage},
- /* {"APPLY", net_ads_gpo_apply}, */
+ {"LINKADD", net_ads_gpo_link_add},
+ /* {"LINKDELETE", net_ads_gpo_link_delete}, */
+ {"LINKGET", net_ads_gpo_link_get},
+ {"LIST", net_ads_gpo_list},
+ {"LISTALL", net_ads_gpo_list_all},
+ {"REFRESH", net_ads_gpo_refresh},
{NULL, NULL}
};
git.samba.org / tprouty / samba.git / commitdiff