2 Unix SMB/CIFS implementation.
5 Copyright (C) Tim Potter 2000
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "rpcclient.h"
24 static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli,
25 TALLOC_CTX *mem_ctx, int argc,
28 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
30 const char *logon_server = cli->cli->desthost;
31 enum netr_LogonControlCode function_code = NETLOGON_CONTROL_REDISCOVER;
33 union netr_CONTROL_DATA_INFORMATION data;
34 union netr_CONTROL_QUERY_INFORMATION query;
35 const char *domain = lp_workgroup();
38 fprintf(stderr, "Usage: %s <logon_server> <function_code> "
39 "<level> <domain>\n", argv[0]);
44 logon_server = argv[1];
48 function_code = atoi(argv[2]);
52 level = atoi(argv[3]);
59 switch (function_code) {
60 case NETLOGON_CONTROL_REDISCOVER:
61 case NETLOGON_CONTROL_TC_QUERY:
68 status = rpccli_netr_LogonControl2(cli, mem_ctx,
75 if (!NT_STATUS_IS_OK(status)) {
76 return ntstatus_to_werror(status);
79 if (!W_ERROR_IS_OK(werr)) {
88 static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli,
89 TALLOC_CTX *mem_ctx, int argc,
92 const char *dcname = NULL;
98 fprintf(stderr, "Usage: %s domainname\n", argv[0]);
102 /* Make sure to wait for our DC's reply */
103 old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
105 status = rpccli_netr_GetAnyDCName(cli, mem_ctx,
110 cli_set_timeout(cli->cli, old_timeout);
112 if (!NT_STATUS_IS_OK(status)) {
113 return ntstatus_to_werror(status);
116 if (!W_ERROR_IS_OK(werr)) {
120 /* Display results */
122 printf("%s\n", dcname);
127 static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli,
128 TALLOC_CTX *mem_ctx, int argc,
131 const char *dcname = NULL;
137 fprintf(stderr, "Usage: %s domainname\n", argv[0]);
141 /* Make sure to wait for our DC's reply */
142 old_timeout = cli_set_timeout(cli->cli, MAX(cli->cli->timeout,30000)); /* 30 seconds. */
144 status = rpccli_netr_GetDcName(cli, mem_ctx,
149 cli_set_timeout(cli->cli, old_timeout);
151 if (!NT_STATUS_IS_OK(status)) {
152 return ntstatus_to_werror(status);
155 if (!W_ERROR_IS_OK(werr)) {
159 /* Display results */
161 printf("%s\n", dcname);
166 static WERROR cmd_netlogon_dsr_getdcname(struct rpc_pipe_client *cli,
167 TALLOC_CTX *mem_ctx, int argc,
171 WERROR werr = WERR_OK;
172 uint32 flags = DS_RETURN_DNS_NAME;
173 const char *server_name = cli->cli->desthost;
174 const char *domain_name;
175 struct GUID domain_guid = GUID_zero();
176 struct GUID site_guid = GUID_zero();
177 struct netr_DsRGetDCNameInfo *info = NULL;
180 fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
181 "[site_guid] [flags]\n", argv[0]);
186 domain_name = argv[1];
189 if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
195 if (!NT_STATUS_IS_OK(GUID_from_string(argv[3], &site_guid))) {
201 sscanf(argv[4], "%x", &flags);
203 debug_dsdcinfo_flags(1,flags);
205 result = rpccli_netr_DsRGetDCName(cli, mem_ctx,
214 if (W_ERROR_IS_OK(werr)) {
215 d_printf("DsGetDcName gave: %s\n",
216 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
220 printf("rpccli_netlogon_dsr_getdcname returned %s\n",
226 static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli,
227 TALLOC_CTX *mem_ctx, int argc,
232 uint32_t flags = DS_RETURN_DNS_NAME;
233 const char *server_name = cli->cli->desthost;
234 const char *domain_name;
235 const char *site_name = NULL;
236 struct GUID domain_guid = GUID_zero();
237 struct netr_DsRGetDCNameInfo *info = NULL;
240 fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
241 "[site_name] [flags]\n", argv[0]);
245 domain_name = argv[1];
248 if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
258 sscanf(argv[4], "%x", &flags);
261 debug_dsdcinfo_flags(1,flags);
263 status = rpccli_netr_DsRGetDCNameEx(cli, mem_ctx,
271 if (!NT_STATUS_IS_OK(status)) {
272 return ntstatus_to_werror(status);
275 if (!W_ERROR_IS_OK(result)) {
279 d_printf("DsRGetDCNameEx gave %s\n",
280 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
285 static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli,
286 TALLOC_CTX *mem_ctx, int argc,
291 uint32_t flags = DS_RETURN_DNS_NAME;
292 const char *server_name = cli->cli->desthost;
293 const char *domain_name = NULL;
294 const char *client_account = NULL;
296 const char *site_name = NULL;
297 struct GUID domain_guid = GUID_zero();
298 struct netr_DsRGetDCNameInfo *info = NULL;
301 fprintf(stderr, "Usage: %s [client_account] [acb_mask] "
302 "[domain_name] [domain_guid] [site_name] "
303 "[flags]\n", argv[0]);
308 client_account = argv[1];
312 mask = atoi(argv[2]);
316 domain_name = argv[3];
320 if (!NT_STATUS_IS_OK(GUID_from_string(argv[4], &domain_guid))) {
330 sscanf(argv[6], "%x", &flags);
333 debug_dsdcinfo_flags(1,flags);
335 status = rpccli_netr_DsRGetDCNameEx2(cli, mem_ctx,
345 if (!NT_STATUS_IS_OK(status)) {
346 return ntstatus_to_werror(status);
349 if (!W_ERROR_IS_OK(result)) {
353 d_printf("DsRGetDCNameEx2 gave %s\n",
354 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
360 static WERROR cmd_netlogon_dsr_getsitename(struct rpc_pipe_client *cli,
361 TALLOC_CTX *mem_ctx, int argc,
366 const char *sitename = NULL;
369 fprintf(stderr, "Usage: %s computername\n", argv[0]);
373 status = rpccli_netr_DsRGetSiteName(cli, mem_ctx,
377 if (!NT_STATUS_IS_OK(status)) {
378 return ntstatus_to_werror(status);
381 if (!W_ERROR_IS_OK(werr)) {
382 printf("rpccli_netlogon_dsr_gesitename returned %s\n",
383 nt_errstr(werror_to_ntstatus(werr)));
387 printf("Computer %s is on Site: %s\n", argv[1], sitename);
392 static WERROR cmd_netlogon_logon_ctrl(struct rpc_pipe_client *cli,
393 TALLOC_CTX *mem_ctx, int argc,
396 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
398 const char *logon_server = cli->cli->desthost;
399 enum netr_LogonControlCode function_code = 1;
401 union netr_CONTROL_QUERY_INFORMATION info;
404 fprintf(stderr, "Usage: %s <logon_server> <function_code> "
405 "<level>\n", argv[0]);
410 logon_server = argv[1];
414 function_code = atoi(argv[2]);
418 level = atoi(argv[3]);
421 status = rpccli_netr_LogonControl(cli, mem_ctx,
427 if (!NT_STATUS_IS_OK(status)) {
428 return ntstatus_to_werror(status);
431 if (!W_ERROR_IS_OK(werr)) {
435 /* Display results */
440 /* Display sam synchronisation information */
442 static void display_sam_sync(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas,
443 SAM_DELTA_CTR *deltas)
448 for (i = 0; i < num_deltas; i++) {
449 switch (hdr_deltas[i].type) {
450 case SAM_DELTA_DOMAIN_INFO:
451 unistr2_to_ascii(name,
452 &deltas[i].domain_info.uni_dom_name,
454 printf("Domain: %s\n", name);
456 case SAM_DELTA_GROUP_INFO:
457 unistr2_to_ascii(name,
458 &deltas[i].group_info.uni_grp_name,
460 printf("Group: %s\n", name);
462 case SAM_DELTA_ACCOUNT_INFO:
463 unistr2_to_ascii(name,
464 &deltas[i].account_info.uni_acct_name,
466 printf("Account: %s\n", name);
468 case SAM_DELTA_ALIAS_INFO:
469 unistr2_to_ascii(name,
470 &deltas[i].alias_info.uni_als_name,
472 printf("Alias: %s\n", name);
474 case SAM_DELTA_ALIAS_MEM: {
475 SAM_ALIAS_MEM_INFO *alias = &deltas[i].als_mem_info;
477 for (j = 0; j < alias->num_members; j++) {
480 sid_to_fstring(sid_str, &alias->sids[j].sid);
482 printf("%s\n", sid_str);
486 case SAM_DELTA_GROUP_MEM: {
487 SAM_GROUP_MEM_INFO *group = &deltas[i].grp_mem_info;
489 for (j = 0; j < group->num_members; j++)
490 printf("rid 0x%x, attrib 0x%08x\n",
491 group->rids[j], group->attribs[j]);
494 case SAM_DELTA_MODIFIED_COUNT: {
495 SAM_DELTA_MOD_COUNT *mc = &deltas[i].mod_count;
497 printf("sam sequence update: 0x%04x\n", mc->seqnum);
501 printf("unknown delta type 0x%02x\n",
508 /* Perform sam synchronisation */
510 static NTSTATUS cmd_netlogon_sam_sync(struct rpc_pipe_client *cli,
511 TALLOC_CTX *mem_ctx, int argc,
514 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
515 uint32 database_id = 0, num_deltas;
516 SAM_DELTA_HDR *hdr_deltas;
517 SAM_DELTA_CTR *deltas;
520 fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
525 database_id = atoi(argv[1]);
527 /* Synchronise sam database */
529 result = rpccli_netlogon_sam_sync(cli, mem_ctx, database_id,
530 0, &num_deltas, &hdr_deltas, &deltas);
532 if (!NT_STATUS_IS_OK(result))
535 /* Display results */
537 display_sam_sync(num_deltas, hdr_deltas, deltas);
543 /* Perform sam delta synchronisation */
545 static NTSTATUS cmd_netlogon_sam_deltas(struct rpc_pipe_client *cli,
546 TALLOC_CTX *mem_ctx, int argc,
549 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
550 uint32 database_id, num_deltas, tmp;
551 SAM_DELTA_HDR *hdr_deltas;
552 SAM_DELTA_CTR *deltas;
556 fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]);
560 database_id = atoi(argv[1]);
563 seqnum = tmp & 0xffff;
565 result = rpccli_netlogon_sam_deltas(cli, mem_ctx, database_id,
567 &hdr_deltas, &deltas);
569 if (!NT_STATUS_IS_OK(result))
572 /* Display results */
574 display_sam_sync(num_deltas, hdr_deltas, deltas);
580 /* Log on a domain user */
582 static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
583 TALLOC_CTX *mem_ctx, int argc,
586 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
587 int logon_type = NET_LOGON_TYPE;
588 const char *username, *password;
590 uint32 logon_param = 0;
591 const char *workstation = NULL;
593 /* Check arguments */
595 if (argc < 3 || argc > 7) {
596 fprintf(stderr, "Usage: samlogon <username> <password> [workstation]"
597 "[logon_type (1 or 2)] [auth level (2 or 3)] [logon_parameter]\n");
605 workstation = argv[3];
608 sscanf(argv[4], "%i", &logon_type);
611 sscanf(argv[5], "%i", &auth_level);
614 sscanf(argv[6], "%x", &logon_param);
616 /* Perform the sam logon */
618 result = rpccli_netlogon_sam_logon(cli, mem_ctx, logon_param, lp_workgroup(), username, password, workstation, logon_type);
620 if (!NT_STATUS_IS_OK(result))
627 /* Change the trust account password */
629 static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli,
630 TALLOC_CTX *mem_ctx, int argc,
633 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
635 /* Check arguments */
638 fprintf(stderr, "Usage: change_trust_pw");
642 /* Perform the sam logon */
644 result = trust_pw_find_change_and_store_it(cli, mem_ctx,
647 if (!NT_STATUS_IS_OK(result))
654 static WERROR cmd_netlogon_gettrustrid(struct rpc_pipe_client *cli,
655 TALLOC_CTX *mem_ctx, int argc,
658 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
659 WERROR werr = WERR_GENERAL_FAILURE;
660 const char *server_name = cli->cli->desthost;
661 const char *domain_name = lp_workgroup();
664 if (argc < 1 || argc > 3) {
665 fprintf(stderr, "Usage: %s <server_name> <domain_name>\n",
671 server_name = argv[1];
675 domain_name = argv[2];
678 status = rpccli_netr_LogonGetTrustRid(cli, mem_ctx,
683 if (!NT_STATUS_IS_OK(status)) {
687 if (W_ERROR_IS_OK(werr)) {
688 printf("Rid: %d\n", rid);
694 static WERROR cmd_netlogon_dsr_enumtrustdom(struct rpc_pipe_client *cli,
695 TALLOC_CTX *mem_ctx, int argc,
698 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
699 WERROR werr = WERR_GENERAL_FAILURE;
700 const char *server_name = cli->cli->desthost;
701 uint32_t trust_flags = NETR_TRUST_FLAG_IN_FOREST;
702 struct netr_DomainTrustList trusts;
704 if (argc < 1 || argc > 3) {
705 fprintf(stderr, "Usage: %s <server_name> <trust_flags>\n",
711 server_name = argv[1];
715 sscanf(argv[2], "%x", &trust_flags);
718 status = rpccli_netr_DsrEnumerateDomainTrusts(cli, mem_ctx,
723 if (!NT_STATUS_IS_OK(status)) {
727 if (W_ERROR_IS_OK(werr)) {
730 printf("%d domains returned\n", trusts.count);
732 for (i=0; i<trusts.count; i++ ) {
734 trusts.array[i].dns_name,
735 trusts.array[i].netbios_name);
742 static WERROR cmd_netlogon_deregisterdnsrecords(struct rpc_pipe_client *cli,
743 TALLOC_CTX *mem_ctx, int argc,
746 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
747 WERROR werr = WERR_GENERAL_FAILURE;
748 const char *server_name = cli->cli->desthost;
749 const char *domain = lp_workgroup();
750 const char *dns_host = NULL;
752 if (argc < 1 || argc > 4) {
753 fprintf(stderr, "Usage: %s <server_name> <domain_name> "
754 "<dns_host>\n", argv[0]);
759 server_name = argv[1];
770 status = rpccli_netr_DsrDeregisterDNSHostRecords(cli, mem_ctx,
777 if (!NT_STATUS_IS_OK(status)) {
781 if (W_ERROR_IS_OK(werr)) {
788 static WERROR cmd_netlogon_dsr_getforesttrustinfo(struct rpc_pipe_client *cli,
789 TALLOC_CTX *mem_ctx, int argc,
792 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
793 WERROR werr = WERR_GENERAL_FAILURE;
794 const char *server_name = cli->cli->desthost;
795 const char *trusted_domain_name = NULL;
796 struct lsa_ForestTrustInformation *info = NULL;
799 if (argc < 1 || argc > 4) {
800 fprintf(stderr, "Usage: %s <server_name> <trusted_domain_name> "
801 "<flags>\n", argv[0]);
806 server_name = argv[1];
810 trusted_domain_name = argv[2];
814 sscanf(argv[3], "%x", &flags);
817 status = rpccli_netr_DsRGetForestTrustInformation(cli, mem_ctx,
823 if (!NT_STATUS_IS_OK(status)) {
827 if (W_ERROR_IS_OK(werr)) {
834 static WERROR cmd_netlogon_enumtrusteddomains(struct rpc_pipe_client *cli,
835 TALLOC_CTX *mem_ctx, int argc,
838 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
839 WERROR werr = WERR_GENERAL_FAILURE;
840 const char *server_name = cli->cli->desthost;
841 struct netr_Blob blob;
844 if (argc < 1 || argc > 3) {
845 fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
850 server_name = argv[1];
853 status = rpccli_netr_NetrEnumerateTrustedDomains(cli, mem_ctx,
857 if (!NT_STATUS_IS_OK(status)) {
861 if (W_ERROR_IS_OK(werr)) {
863 dump_data(1, blob.data, blob.length);
869 static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli,
870 TALLOC_CTX *mem_ctx, int argc,
873 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
874 WERROR werr = WERR_GENERAL_FAILURE;
875 const char *server_name = cli->cli->desthost;
876 struct netr_DomainTrustList list;
878 if (argc < 1 || argc > 3) {
879 fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
884 server_name = argv[1];
887 status = rpccli_netr_NetrEnumerateTrustedDomainsEx(cli, mem_ctx,
891 if (!NT_STATUS_IS_OK(status)) {
895 if (W_ERROR_IS_OK(werr)) {
903 /* List of commands exported by this module */
905 struct cmd_set netlogon_commands[] = {
909 { "logonctrl2", RPC_RTYPE_WERROR, NULL, cmd_netlogon_logon_ctrl2, PI_NETLOGON, NULL, "Logon Control 2", "" },
910 { "getanydcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_getanydcname, PI_NETLOGON, NULL, "Get trusted DC name", "" },
911 { "getdcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_getdcname, PI_NETLOGON, NULL, "Get trusted PDC name", "" },
912 { "dsr_getdcname", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcname, PI_NETLOGON, NULL, "Get trusted DC name", "" },
913 { "dsr_getdcnameex", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcnameex, PI_NETLOGON, NULL, "Get trusted DC name", "" },
914 { "dsr_getdcnameex2", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getdcnameex2, PI_NETLOGON, NULL, "Get trusted DC name", "" },
915 { "dsr_getsitename", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getsitename, PI_NETLOGON, NULL, "Get sitename", "" },
916 { "dsr_getforesttrustinfo", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_getforesttrustinfo, PI_NETLOGON, NULL, "Get Forest Trust Info", "" },
917 { "logonctrl", RPC_RTYPE_WERROR, NULL, cmd_netlogon_logon_ctrl, PI_NETLOGON, NULL, "Logon Control", "" },
918 { "samsync", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_sync, NULL, PI_NETLOGON, NULL, "Sam Synchronisation", "" },
919 { "samdeltas", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_deltas, NULL, PI_NETLOGON, NULL, "Query Sam Deltas", "" },
920 { "samlogon", RPC_RTYPE_NTSTATUS, cmd_netlogon_sam_logon, NULL, PI_NETLOGON, NULL, "Sam Logon", "" },
921 { "change_trust_pw", RPC_RTYPE_NTSTATUS, cmd_netlogon_change_trust_pw, NULL, PI_NETLOGON, NULL, "Change Trust Account Password", "" },
922 { "gettrustrid", RPC_RTYPE_WERROR, NULL, cmd_netlogon_gettrustrid, PI_NETLOGON, NULL, "Get trust rid", "" },
923 { "dsr_enumtrustdom", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, "Enumerate trusted domains", "" },
924 { "dsenumdomtrusts", RPC_RTYPE_WERROR, NULL, cmd_netlogon_dsr_enumtrustdom, PI_NETLOGON, NULL, "Enumerate all trusted domains in an AD forest", "" },
925 { "deregisterdnsrecords", RPC_RTYPE_WERROR, NULL, cmd_netlogon_deregisterdnsrecords, PI_NETLOGON, NULL, "Deregister DNS records", "" },
926 { "netrenumtrusteddomains", RPC_RTYPE_WERROR, NULL, cmd_netlogon_enumtrusteddomains, PI_NETLOGON, NULL, "Enumerate trusted domains", "" },
927 { "netrenumtrusteddomainsex", RPC_RTYPE_WERROR, NULL, cmd_netlogon_enumtrusteddomainsex, PI_NETLOGON, NULL, "Enumerate trusted domains", "" },