source3/lib/netapi/joindomain.c

   1 /*
   2  *  Unix SMB/CIFS implementation.
   3  *  NetApi Join Support
   4  *  Copyright (C) Guenther Deschner 2007
   5  *
   6  *  This program is free software; you can redistribute it and/or modify
   7  *  it under the terms of the GNU General Public License as published by
   8  *  the Free Software Foundation; either version 3 of the License, or
   9  *  (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU General Public License
  17  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 #include "includes.h"
  21
  22 extern const char *opt_user_name;
  23 extern const char *opt_workgroup;
  24 extern const char *opt_password;
  25
  26 WERROR NetJoinDomain(const char *server_name,
  27                      const char *domain_name,
  28                      const char *account_ou,
  29                      const char *Account,
  30                      const char *password,
  31                      uint32_t join_flags)
  32 {
  33         TALLOC_CTX *mem_ctx = NULL;
  34         struct cli_state *cli = NULL;
  35         struct rpc_pipe_client *pipe_cli = NULL;
  36         struct wkssvc_PasswordBuffer encrypted_password;
  37         NTSTATUS status;
  38         WERROR werr;
  39         unsigned int old_timeout = 0;
  40
  41         ZERO_STRUCT(encrypted_password);
  42
  43         mem_ctx = talloc_init("NetJoinDomain");
  44         if (!mem_ctx) {
  45                 werr = WERR_NOMEM;
  46                 goto done;
  47         }
  48
  49         if (!server_name || is_myname_or_ipaddr(server_name)) {
  50                 werr = WERR_NOT_SUPPORTED;
  51                 goto done;
  52         }
  53
  54         if (!domain_name) {
  55                 werr = WERR_INVALID_PARAM;
  56                 goto done;
  57         }
  58
  59         status = cli_full_connection(&cli, NULL, server_name,
  60                                      NULL, 0,
  61                                      "IPC$", "IPC",
  62                                      opt_user_name, opt_workgroup,
  63                                      opt_password, 0, Undefined, NULL);
  64
  65         if (!NT_STATUS_IS_OK(status)) {
  66                 werr = ntstatus_to_werror(status);
  67                 goto done;
  68         }
  69
  70         old_timeout = cli_set_timeout(cli, 60000);
  71
  72         pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_WKSSVC,
  73                                             &status);
  74         if (!pipe_cli) {
  75                 werr = ntstatus_to_werror(status);
  76                 goto done;
  77         };
  78
  79         if (password) {
  80                 encode_wkssvc_join_password_buffer(mem_ctx,
  81                                                    password,
  82                                                    &cli->user_session_key,
  83                                                    &encrypted_password);
  84         }
  85
  86         old_timeout = cli_set_timeout(cli, 60000);
  87
  88         status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, mem_ctx,
  89                                                server_name, domain_name,
  90                                                account_ou, Account,
  91                                                &encrypted_password,
  92                                                join_flags, &werr);
  93         if (!NT_STATUS_IS_OK(status)) {
  94                 werr = ntstatus_to_werror(status);
  95                 goto done;
  96         }
  97
  98  done:
  99         if (cli) {
 100                 cli_set_timeout(cli, old_timeout);
 101                 cli_shutdown(cli);
 102         }
 103         TALLOC_FREE(mem_ctx);
 104
 105         return werr;
 106 }
 107
 108 WERROR NetUnjoinDomain(const char *server_name,
 109                        const char *account,
 110                        const char *password,
 111                        uint32_t unjoin_flags)
 112 {
 113         TALLOC_CTX *mem_ctx = NULL;
 114         struct cli_state *cli = NULL;
 115         struct rpc_pipe_client *pipe_cli = NULL;
 116         struct wkssvc_PasswordBuffer encrypted_password;
 117         NTSTATUS status;
 118         WERROR werr;
 119         unsigned int old_timeout = 0;
 120
 121         ZERO_STRUCT(encrypted_password);
 122
 123         mem_ctx = talloc_init("NetUnjoinDomain");
 124         if (!mem_ctx) {
 125                 werr = WERR_NOMEM;
 126                 goto done;
 127         }
 128
 129         if (!server_name || is_myname_or_ipaddr(server_name)) {
 130                 werr = WERR_NOT_SUPPORTED;
 131                 goto done;
 132         }
 133
 134         status = cli_full_connection(&cli, NULL, server_name,
 135                                      NULL, 0,
 136                                      "IPC$", "IPC",
 137                                      opt_user_name, opt_workgroup,
 138                                      opt_password, 0, Undefined, NULL);
 139
 140         if (!NT_STATUS_IS_OK(status)) {
 141                 werr = ntstatus_to_werror(status);
 142                 goto done;
 143         }
 144
 145         old_timeout = cli_set_timeout(cli, 60000);
 146
 147         pipe_cli = cli_rpc_pipe_open_noauth(cli, PI_WKSSVC,
 148                                             &status);
 149         if (!pipe_cli) {
 150                 werr = ntstatus_to_werror(status);
 151                 goto done;
 152         };
 153
 154         if (password) {
 155                 encode_wkssvc_join_password_buffer(mem_ctx,
 156                                                    password,
 157                                                    &cli->user_session_key,
 158                                                    &encrypted_password);
 159         }
 160
 161         old_timeout = cli_set_timeout(cli, 60000);
 162
 163         status = rpccli_wkssvc_NetrUnjoinDomain2(pipe_cli, mem_ctx,
 164                                                  server_name,
 165                                                  account,
 166                                                  &encrypted_password,
 167                                                  unjoin_flags,
 168                                                  &werr);
 169         if (!NT_STATUS_IS_OK(status)) {
 170                 werr = ntstatus_to_werror(status);
 171                 goto done;
 172         }
 173
 174  done:
 175         if (cli) {
 176                 cli_set_timeout(cli, old_timeout);
 177                 cli_shutdown(cli);
 178         }
 179         TALLOC_FREE(mem_ctx);
 180
 181         return werr;
 182 }