Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
Copyright (C) 2004 Guenther Deschner (gd@samba.org)
Copyright (C) 2005 Jeremy Allison (jra@samba.org)
+ Copyright (C) 2006 Jelmer Vernooij (jelmer@samba.org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
#include "includes.h"
#include "utils/net.h"
static int net_mode_share;
+static bool sync_files(struct copy_clistate *cp_clistate, const char *mask);
/**
* @file net_rpc.c
return result;
}
- rpccli_lsa_close(lsa_pipe, mem_ctx, &pol);
+ rpccli_lsa_Close(lsa_pipe, mem_ctx, &pol);
cli_rpc_pipe_close(lsa_pipe);
return NT_STATUS_OK;
/* make use of cli_state handed over as an argument, if possible */
if (!cli_arg) {
- cli = net_make_ipc_connection(conn_flags);
+ nt_status = net_make_ipc_connection(conn_flags, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(1, ("failed to make ipc connection: %s\n",
+ nt_errstr(nt_status)));
+ return -1;
+ }
} else {
cli = cli_arg;
}
int net_rpc_join(int argc, const char **argv)
{
- if ((lp_server_role() != ROLE_DOMAIN_MEMBER) &&
- (lp_server_role() != ROLE_DOMAIN_BDC)) {
- d_printf("can only join as domain member or as BDC\n");
+ if (lp_server_role() == ROLE_STANDALONE) {
+ d_printf("cannot join as standalone machine\n");
+ return -1;
+ }
+
+ if (strlen(global_myname()) > 15) {
+ d_printf("Our netbios name can be at most 15 chars long, "
+ "\"%s\" is %u chars long\n",
+ global_myname(), (unsigned int)strlen(global_myname()));
return -1;
}
SAM_UNK_CTR ctr;
fstring sid_str;
- sid_to_string(sid_str, domain_sid);
+ sid_to_fstring(sid_str, domain_sid);
/* Get sam policy handle */
result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
2, &ctr);
if (NT_STATUS_IS_OK(result)) {
TALLOC_CTX *ctx = talloc_init("rpc_info_internals");
- d_printf("Domain Name: %s\n", unistr2_tdup(ctx, &ctr.info.inf2.uni_domain));
+ d_printf("Domain Name: %s\n", unistr2_to_ascii_talloc(ctx, &ctr.info.inf2.uni_domain));
d_printf("Domain SID: %s\n", sid_str);
- d_printf("Sequence number: %u\n", ctr.info.inf2.seq_num.low);
+ d_printf("Sequence number: %llu\n", (unsigned long long)ctr.info.inf2.seq_num);
d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs);
d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps);
d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps);
{
fstring sid_str;
- sid_to_string(sid_str, domain_sid);
+ sid_to_fstring(sid_str, domain_sid);
d_printf("Storing SID %s for Domain %s in secrets.tdb\n",
sid_str, domain_name);
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
uint32 acb_info;
- uint32 unknown, user_rid;
+ uint32 access_mask, user_rid;
- if (argc != 1) {
+ if (argc < 1) {
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
/* Create domain user */
acb_info = ACB_NORMAL;
- unknown = 0xe005000b; /* No idea what this is - a permission mask? */
+ access_mask = 0xe005000b;
result = rpccli_samr_create_dom_user(pipe_hnd, mem_ctx, &domain_pol,
- acct_name, acb_info, unknown,
+ acct_name, acb_info, access_mask,
&user_pol, &user_rid);
if (!NT_STATUS_IS_OK(result)) {
goto done;
}
+ if (argc == 2) {
+
+ uint32 *user_rids, num_rids, *name_types;
+ uint32 flags = 0x000003e8; /* Unknown */
+ SAM_USERINFO_CTR ctr;
+ SAM_USER_INFO_24 p24;
+ uchar pwbuf[516];
+
+ result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
+ flags, 1, &acct_name,
+ &num_rids, &user_rids,
+ &name_types);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ user_rids[0], &user_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ /* Set password on account */
+
+ ZERO_STRUCT(ctr);
+ ZERO_STRUCT(p24);
+
+ encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
+
+ init_sam_user_info24(&p24, (char *)pwbuf,24);
+
+ ctr.switch_value = 24;
+ ctr.info.id24 = &p24;
+
+ result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24,
+ &cli->user_session_key, &ctr);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Failed to set password for user %s - %s\n",
+ acct_name, nt_errstr(result));
+
+ result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Failed to delete user %s - %s\n",
+ acct_name, nt_errstr(result));
+ return result;
+ }
+ }
+
+ }
done:
if (!NT_STATUS_IS_OK(result)) {
d_fprintf(stderr, "Failed to add user %s - %s\n", acct_name,
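Review bot: When rpccli_samr_set_userinfo fails and the cleanup call rpccli_samr_delete_dom_user succeeds, `result` is overwritten with the delete's success status, so control reaches `done:` holding NT_STATUS_OK and the command reports success for an account that was just removed. Keep the delete status in its own variable so `result` still carries the set_userinfo error, and leave through `done:` rather than the bare `return result`, which is the only failure path in the block that skips it. Separately, `pwbuf` holds the encoded password and is never cleared before the block exits. `rpccli_samr_open_user` also writes into `user_pol` while it still holds the handle from rpccli_samr_create_dom_user, so the first handle appears to be dropped without a close. The enclosing function starts and ends outside the hunk.

```c
	if (!NT_STATUS_IS_OK(result)) {
		NTSTATUS del_status;

		/* ... unchanged: "Failed to set password" message ... */

		/* result keeps the set_userinfo error for the done: path */
		del_status = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx,
							 &user_pol);
		if (!NT_STATUS_IS_OK(del_status)) {
			d_fprintf(stderr, "Failed to delete user %s - %s\n",
				  acct_name, nt_errstr(del_status));
		}
		goto done;
	}
```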
goto done;
}
- names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
names[0] = old_name;
result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
flags, num_names, names,
/* Look up rids */
if (num_rids) {
- rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
+ if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
for (i = 0; i < num_rids; i++)
rids[i] = user_gids[i].g_rid;
loop_count++;
for (i = 0; i < num_entries; i++) {
- unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user)-1);
+ unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user));
if (opt_long_list_entries)
- unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc)-1);
+ unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc));
if (opt_long_list_entries)
printf("%-21.21s %s\n", user, desc);
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
DOM_SID sid;
uint32 rid;
- enum SID_NAME_USE type;
+ enum lsa_SidType type;
if (argc == 0) {
d_fprintf(stderr, "usage: %s <username>\n", ctx->whoami);
#define SETSTR(name, rec, flag) \
do { if (strequal(ctx->thiscmd, name)) { \
- init_unistr2(&usr->uni_##rec, argv[0], STR_TERMINATE); \
+ init_unistr2(&usr->uni_##rec, argv[0], UNI_STR_TERMINATE); \
init_uni_hdr(&usr->hdr_##rec, &usr->uni_##rec); \
usr->fields_present |= ACCT_##flag; } \
} while (0);
const char *username;
const char *oldval = "unknown";
uint32 oldflags, newflags;
- BOOL newval;
+ bool newval;
if ((argc > 1) ||
((argc == 1) && !strequal(argv[0], "yes") &&
};
return cmds;
-};
+}
/****************************************************************************/
const char **argv)
{
POLICY_HND connect_pol, domain_pol, group_pol, user_pol;
- BOOL group_is_primary = False;
+ bool group_is_primary = False;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 *group_rids, num_rids, *name_types, num_members,
if (user_ctr->info.id21->group_rid == group_rid) {
unistr2_to_ascii(temp, &(user_ctr->info.id21)->uni_user_name,
- sizeof(temp)-1);
+ sizeof(temp));
if (opt_verbose)
d_printf("Group is primary group of %s\n",temp);
group_is_primary = True;
TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
- enum SID_NAME_USE *type)
+ enum lsa_SidType *type)
{
DOM_SID *sids = NULL;
- uint32 *types = NULL;
+ enum lsa_SidType *types = NULL;
struct rpc_pipe_client *pipe_hnd;
POLICY_HND lsa_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
}
result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1,
- &name, NULL, &sids, &types);
+ &name, NULL, 1, &sids, &types);
if (NT_STATUS_IS_OK(result)) {
sid_copy(sid, &sids[0]);
*type = types[0];
}
- rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol);
+ rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
done:
if (pipe_hnd) {
POLICY_HND alias_pol;
DOM_SID member_sid;
- enum SID_NAME_USE member_type;
+ enum lsa_SidType member_type;
DOM_SID sid;
const char **argv)
{
DOM_SID group_sid;
- enum SID_NAME_USE group_type;
+ enum lsa_SidType group_type;
if (argc != 2) {
d_printf("Usage: 'net rpc group addmem <group> <member>\n");
POLICY_HND alias_pol;
DOM_SID member_sid;
- enum SID_NAME_USE member_type;
+ enum lsa_SidType member_type;
DOM_SID sid;
const char **argv)
{
DOM_SID group_sid;
- enum SID_NAME_USE group_type;
+ enum lsa_SidType group_type;
if (argc != 2) {
d_printf("Usage: 'net rpc group delmem <group> <member>\n");
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 start_idx=0, max_entries=250, num_entries, i, loop_count = 0;
struct acct_info *groups;
- BOOL global = False;
- BOOL local = False;
- BOOL builtin = False;
+ bool global = False;
+ bool local = False;
+ bool builtin = False;
if (argc == 0) {
global = True;
fstring group, desc;
- unistr2_to_ascii(group, &(&ctr.sam.info3->str[i])->uni_grp_name, sizeof(group)-1);
- unistr2_to_ascii(desc, &(&ctr.sam.info3->str[i])->uni_grp_desc, sizeof(desc)-1);
+ unistr2_to_ascii(group, &(&ctr.sam.info3->str[i])->uni_grp_name, sizeof(group));
+ unistr2_to_ascii(desc, &(&ctr.sam.info3->str[i])->uni_grp_desc, sizeof(desc));
if (opt_long_list_entries)
printf("%-21.21s %-50.50s\n",
&ctr))) &&
(NT_STATUS_IS_OK(rpccli_samr_close(pipe_hnd, mem_ctx,
&alias_pol)))) {
- description = unistr2_tdup(mem_ctx,
+ description = unistr2_to_ascii_talloc(mem_ctx,
ctr.alias.info3.description.string);
}
}
&ctr))) &&
(NT_STATUS_IS_OK(rpccli_samr_close(pipe_hnd, mem_ctx,
&alias_pol)))) {
- description = unistr2_tdup(mem_ctx,
+ description = unistr2_to_ascii_talloc(mem_ctx,
ctr.alias.info3.description.string);
}
}
int i;
fstring sid_str;
- sid_to_string(sid_str, domain_sid);
+ sid_to_fstring(sid_str, domain_sid);
result = rpccli_samr_open_group(pipe_hnd, mem_ctx, domain_pol,
MAXIMUM_ALLOWED_ACCESS,
DOM_SID *alias_sids;
char **domains;
char **names;
- uint32 *types;
+ enum lsa_SidType *types;
int i;
result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, domain_pol,
for (i = 0; i < num_members; i++) {
fstring sid_str;
- sid_to_string(sid_str, &alias_sids[i]);
+ sid_to_fstring(sid_str, &alias_sids[i]);
if (opt_long_list_entries) {
printf("%s %s\\%s %d\n", sid_str,
const char **argv)
{
WERROR result;
- char *sharename=talloc_strdup(mem_ctx, argv[0]);
+ char *sharename;
char *path;
uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
uint32 num_users=0, perms=0;
char *password=NULL; /* don't allow a share password */
uint32 level = 2;
+ if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
path = strchr(sharename, '=');
if (!path)
return NT_STATUS_UNSUCCESSFUL;
if (opt_long_list_entries) {
d_printf("%-12s %-8.8s %-50s\n",
- netname, share_type[info1->info_1.type], remark);
+ netname, share_type[info1->info_1.type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], remark);
} else {
d_printf("%s\n", netname);
}
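Review bot: The index into `share_type` still comes straight from the server's reply: masking off `STYPE_TEMPORARY|STYPE_HIDDEN` clears two flag bits, but any other unexpected value in `info1->info_1.type` is used as the subscript unchecked. The table's definition is outside this hunk, so its size is inferred; assuming it is an array in scope, bound the lookup first, e.g. `uint32 t = info1->info_1.type & ~(STYPE_TEMPORARY|STYPE_HIDDEN);` followed by `const char *tn = (t < ARRAY_SIZE(share_type)) ? share_type[t] : "Unknown";`. That keeps a malformed or hostile reply from turning into an out-of-bounds read in the client.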
SRV_SHARE_INFO_1 *info1;
ctr->share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1);
+ if (ctr->share.info1 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info1 = ctr->share.info1;
memset(ctr->share.info1, 0, sizeof(SRV_SHARE_INFO_1));
/* Duplicate strings */
- s = unistr2_tdup(mem_ctx, &info.share.info1.info_1_str.uni_netname);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info1.info_1_str.uni_netname);
if (s)
init_unistr2(&info1->info_1_str.uni_netname, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info1.info_1_str.uni_remark);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info1.info_1_str.uni_remark);
if (s)
init_unistr2(&info1->info_1_str.uni_remark, s, UNI_STR_TERMINATE);
}
SRV_SHARE_INFO_2 *info2;
ctr->share.info2 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_2, 1);
+ if (ctr->share.info2 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info2 = ctr->share.info2;
memset(ctr->share.info2, 0, sizeof(SRV_SHARE_INFO_2));
/* Duplicate strings */
- s = unistr2_tdup(mem_ctx, &info.share.info2.info_2_str.uni_netname);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_netname);
if (s)
init_unistr2(&info2->info_2_str.uni_netname, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info2.info_2_str.uni_remark);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_remark);
if (s)
init_unistr2(&info2->info_2_str.uni_remark, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info2.info_2_str.uni_path);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_path);
if (s)
init_unistr2(&info2->info_2_str.uni_path, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info2.info_2_str.uni_passwd);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info2.info_2_str.uni_passwd);
if (s)
init_unistr2(&info2->info_2_str.uni_passwd, s, UNI_STR_TERMINATE);
}
SRV_SHARE_INFO_502 *info502;
ctr->share.info502 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_502, 1);
+ if (ctr->share.info502 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info502 = ctr->share.info502;
memset(ctr->share.info502, 0, sizeof(SRV_SHARE_INFO_502));
/* Duplicate strings */
- s = unistr2_tdup(mem_ctx, &info.share.info502.info_502_str.uni_netname);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_netname);
if (s)
init_unistr2(&info502->info_502_str.uni_netname, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info502.info_502_str.uni_remark);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_remark);
if (s)
init_unistr2(&info502->info_502_str.uni_remark, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info502.info_502_str.uni_path);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_path);
if (s)
init_unistr2(&info502->info_502_str.uni_path, s, UNI_STR_TERMINATE);
- s = unistr2_tdup(mem_ctx, &info.share.info502.info_502_str.uni_passwd);
+ s = unistr2_to_ascii_talloc(mem_ctx, &info.share.info502.info_502_str.uni_passwd);
if (s)
init_unistr2(&info502->info_502_str.uni_passwd, s, UNI_STR_TERMINATE);
return run_rpc_command(NULL, PI_SRVSVC, 0, rpc_share_list_internals, argc, argv);
}
-static BOOL check_share_availability(struct cli_state *cli, const char *netname)
+static bool check_share_availability(struct cli_state *cli, const char *netname)
{
if (!cli_send_tconX(cli, netname, "A:", "", 0)) {
d_printf("skipping [%s]: not a file share.\n", netname);
return True;
}
-static BOOL check_share_sanity(struct cli_state *cli, fstring netname, uint32 type)
+static bool check_share_sanity(struct cli_state *cli, fstring netname, uint32 type)
{
/* only support disk shares */
if (! ( type == STYPE_DISKTREE || type == (STYPE_DISKTREE | STYPE_HIDDEN)) ) {
*
* @return Boolean result
**/
-BOOL sync_files(struct copy_clistate *cp_clistate, pstring mask)
+static bool sync_files(struct copy_clistate *cp_clistate, const char *mask)
{
+ struct cli_state *targetcli;
+ char *targetpath = NULL;
DEBUG(3,("calling cli_list with mask: %s\n", mask));
- if (cli_list(cp_clistate->cli_share_src, mask, cp_clistate->attribute, copy_fn, cp_clistate) == -1) {
- d_fprintf(stderr, "listing %s failed with error: %s\n",
+ if ( !cli_resolve_path(talloc_tos(), "", cp_clistate->cli_share_src,
+ mask, &targetcli, &targetpath ) ) {
+ d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n",
mask, cli_errstr(cp_clistate->cli_share_src));
return False;
}
+ if (cli_list(targetcli, targetpath, cp_clistate->attribute, copy_fn, cp_clistate) == -1) {
+ d_fprintf(stderr, "listing %s failed with error: %s\n",
+ mask, cli_errstr(targetcli));
+ return False;
+ }
+
return True;
}
* Should set up ACL inheritance.
**/
-BOOL copy_top_level_perms(struct copy_clistate *cp_clistate,
+bool copy_top_level_perms(struct copy_clistate *cp_clistate,
const char *sharename)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
uint32 i;
uint32 level = 502;
struct copy_clistate cp_clistate;
- BOOL got_src_share = False;
- BOOL got_dst_share = False;
- pstring mask = "\\*";
+ bool got_src_share = False;
+ bool got_dst_share = False;
+ const char *mask = "\\*";
char *dst = NULL;
dst = SMB_STRDUP(opt_destination?opt_destination:"127.0.0.1");
/* open share source */
nt_status = connect_to_service(&cp_clistate.cli_share_src,
- &cli->dest_ip, cli->desthost,
+ &cli->dest_ss, cli->desthost,
netname, "A:");
if (!NT_STATUS_IS_OK(nt_status))
goto done;
for (i=0; i<num_server_aliases; i++) {
char **names;
char **domains;
- uint32 *types;
+ enum lsa_SidType *types;
int j;
struct full_alias *alias = &server_aliases[i];
DEBUG(1, ("\n"));
}
- rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol);
+ rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
return NT_STATUS_OK;
}
{
token->num_sids = 4;
- token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4);
+ if (!(token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4))) {
+ d_fprintf(stderr, "malloc failed\n");
+ token->num_sids = 0;
+ return;
+ }
token->user_sids[0] = *user_sid;
sid_copy(&token->user_sids[1], &global_sid_World);
SAFE_FREE(token->user_sids);
}
-static BOOL is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
+static bool is_sid_in_token(NT_USER_TOKEN *token, DOM_SID *sid)
{
int i;
d_printf("%s\n", token->name);
for (i=0; i<token->token.num_sids; i++) {
- d_printf(" %s\n", sid_string_static(&token->token.user_sids[i]));
+ d_printf(" %s\n", sid_string_tos(&token->token.user_sids[i]));
}
}
-static BOOL is_alias_member(DOM_SID *sid, struct full_alias *alias)
+static bool is_alias_member(DOM_SID *sid, struct full_alias *alias)
{
int i;
}
}
-static BOOL get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
+static bool get_user_sids(const char *domain, const char *user, NT_USER_TOKEN *token)
{
struct winbindd_request request;
struct winbindd_response response;
* Get a list of all user tokens we want to look at
**/
-static BOOL get_user_tokens(int *num_tokens, struct user_token **user_tokens)
+static bool get_user_tokens(int *num_tokens, struct user_token **user_tokens)
{
struct winbindd_request request;
struct winbindd_response response;
const char *extra_data;
- fstring name;
+ char *name;
int i;
struct user_token *result;
+ TALLOC_CTX *frame = NULL;
if (lp_winbind_use_default_domain() &&
(opt_target_workgroup == NULL)) {
ZERO_STRUCT(request);
ZERO_STRUCT(response);
-
+
if (winbindd_request_response(WINBINDD_LIST_USERS, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
extra_data = (const char *)response.extra_data.data;
*num_tokens = 0;
- while(next_token(&extra_data, name, ",", sizeof(fstring))) {
+ frame = talloc_stackframe();
+ while(next_token_talloc(frame, &extra_data, &name, ",")) {
*num_tokens += 1;
}
if (result == NULL) {
DEBUG(1, ("Could not malloc sid array\n"));
+ TALLOC_FREE(frame);
return False;
}
extra_data = (const char *)response.extra_data.data;
i=0;
- while(next_token(&extra_data, name, ",", sizeof(fstring))) {
-
+ while(next_token_talloc(frame, &extra_data, &name, ",")) {
fstring domain, user;
char *p;
get_user_sids(domain, user, &(result[i].token));
i+=1;
}
-
+ TALLOC_FREE(frame);
SAFE_FREE(response.extra_data.data);
*user_tokens = result;
return True;
}
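Review bot: The `result == NULL` exit now frees `frame` but still returns without releasing `response.extra_data.data`, which the success path frees with `SAFE_FREE` just before `return True`; add `SAFE_FREE(response.extra_data.data);` beside the new `TALLOC_FREE(frame);`. Also, `name` is no longer capped at `sizeof(fstring)` now that it comes from `next_token_talloc`, while the second loop still declares `fstring domain, user`. The copies into those two buffers are not among the visible lines, so confirm they are length-bounded for an over-long name returned by winbindd.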
-static BOOL get_user_tokens_from_file(FILE *f,
+static bool get_user_tokens_from_file(FILE *f,
int *num_tokens,
struct user_token **tokens)
{
const char **argv)
{
int ret;
- BOOL r;
+ bool r;
ENUM_HND hnd;
uint32 i;
FILE *f;
};
return cmds;
-};
+}
/****************************************************************************/
int argc,
const char **argv)
{
- WERROR result;
- result = rpccli_srvsvc_net_file_close(pipe_hnd, mem_ctx, atoi(argv[0]));
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+ return rpccli_srvsvc_NetFileClose(pipe_hnd, mem_ctx,
+ pipe_hnd->cli->desthost,
+ atoi(argv[0]), NULL);
}
/**
* @param str3 strings for FILE_INFO_3
**/
-static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3)
+static void display_file_info_3( FILE_INFO_3 *info3 )
{
fstring user = "", path = "";
- rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name);
- rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name);
+ rpcstr_pull_unistr2_fstring(user, info3->user);
+ rpcstr_pull_unistr2_fstring(path, info3->path);
d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
info3->id, user, info3->perms, info3->num_locks, path);
"\nFileId Opened by Perms Locks Path"\
"\n------ --------- ----- ----- ---- \n");
for (i = 0; i < ctr.num_entries; i++)
- display_file_info_3(&ctr.file.info3[i].info_3,
- &ctr.file.info3[i].info_3_str);
+ display_file_info_3(&ctr.file.info3[i]);
done:
return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- result = rpccli_shutdown_abort(pipe_hnd, mem_ctx);
+ result = rpccli_initshutdown_Abort(pipe_hnd, mem_ctx, NULL, NULL);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- result = werror_to_ntstatus(rpccli_reg_abort_shutdown(pipe_hnd, mem_ctx));
+ result = rpccli_winreg_AbortSystemShutdown(pipe_hnd, mem_ctx, NULL, NULL);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
static int rpc_shutdown_abort(int argc, const char **argv)
{
- int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
+ int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
rpc_shutdown_abort_internals,
argc, argv);
* @return Normal NTSTATUS return.
**/
-static NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid,
+NTSTATUS rpc_init_shutdown_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
+ struct initshutdown_String msg_string;
+ struct initshutdown_String_sub s;
if (opt_comment) {
msg = opt_comment;
timeout = opt_timeout;
}
+ s.name = msg;
+ msg_string.name = &s;
+
/* create an entry */
- result = rpccli_shutdown_init(pipe_hnd, mem_ctx, msg, timeout, opt_reboot,
- opt_force);
+ result = rpccli_initshutdown_Init(pipe_hnd, mem_ctx, NULL,
+ &msg_string, timeout, opt_force, opt_reboot, NULL);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
* @return Normal NTSTATUS return.
**/
-static NTSTATUS rpc_reg_shutdown_internals(const DOM_SID *domain_sid,
+NTSTATUS rpc_reg_shutdown_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
int argc,
const char **argv)
{
- WERROR result;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
-#if 0
- poptContext pc;
- int rc;
-
- struct poptOption long_options[] = {
- {"message", 'm', POPT_ARG_STRING, &msg},
- {"timeout", 't', POPT_ARG_INT, &timeout},
- {"reboot", 'r', POPT_ARG_NONE, &reboot},
- {"force", 'f', POPT_ARG_NONE, &force},
- { 0, 0, 0, 0}
- };
-
- pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
- POPT_CONTEXT_KEEP_FIRST);
+ struct initshutdown_String msg_string;
+ struct initshutdown_String_sub s;
+ NTSTATUS result;
+ WERROR werr;
- rc = poptGetNextOpt(pc);
-
- if (rc < -1) {
- /* an error occurred during option processing */
- DEBUG(0, ("%s: %s\n",
- poptBadOption(pc, POPT_BADOPTION_NOALIAS),
- poptStrerror(rc)));
- return NT_STATUS_INVALID_PARAMETER;
- }
-#endif
if (opt_comment) {
msg = opt_comment;
}
+ s.name = msg;
+ msg_string.name = &s;
+
if (opt_timeout) {
timeout = opt_timeout;
}
/* create an entry */
- result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force);
+ result = rpccli_winreg_InitiateSystemShutdown(pipe_hnd, mem_ctx, NULL,
+ &msg_string, timeout, opt_force, opt_reboot, &werr);
- if (W_ERROR_IS_OK(result)) {
+ if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
} else {
d_fprintf(stderr, "\nShutdown of remote machine failed\n");
- if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED))
+ if ( W_ERROR_EQUAL(werr, WERR_MACHINE_LOCKED) )
d_fprintf(stderr, "\nMachine locked, use -f switch to force\n");
else
- d_fprintf(stderr, "\nresult was: %s\n", dos_errstr(result));
+ d_fprintf(stderr, "\nresult was: %s\n", dos_errstr(werr));
}
- return werror_to_ntstatus(result);
+ return result;
}
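Review bot: `werr` is declared without an initializer and is read in the failure branch (`W_ERROR_EQUAL(werr, WERR_MACHINE_LOCKED)` and `dos_errstr(werr)`), but nothing in the hunk guarantees that rpccli_winreg_InitiateSystemShutdown writes it when the call fails before a reply is parsed. Initialise it at the declaration, `WERROR werr = WERR_OK;`, and consider printing `nt_errstr(result)` in the else branch so a transport failure is reported from a defined value. `msg_string` and `s` have only `.name` assigned here and in rpc_init_shutdown_internals; their definitions are not visible, so if they carry other members a `ZERO_STRUCT` on each before the assignment would avoid marshalling stack contents.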
/**
static int rpc_shutdown(int argc, const char **argv)
{
- int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
+ int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
rpc_init_shutdown_internals,
argc, argv);
strupper_m(acct_name);
- names = TALLOC_ARRAY(mem_ctx, const char *, 1);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, 1)) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
names[0] = acct_name;
static int rpc_trustdom_establish(int argc, const char **argv)
{
struct cli_state *cli = NULL;
- struct in_addr server_ip;
+ struct sockaddr_storage server_ss;
struct rpc_pipe_client *pipe_hnd = NULL;
POLICY_HND connect_hnd;
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
DOM_SID *domain_sid;
-
+
char* domain_name;
char* domain_name_pol;
char* acct_name;
fstring pdc_name;
+ char *dc_name;
/*
* Connect to \\server\ipc$ as 'our domain' account with password
/* account name used at first is our domain's name with '$' */
asprintf(&acct_name, "%s$", lp_workgroup());
strupper_m(acct_name);
-
+
/*
* opt_workgroup will be used by connection functions further,
* hence it should be set to remote domain name instead of ours
if (opt_workgroup) {
opt_workgroup = smb_xstrdup(domain_name);
};
-
+
opt_user_name = acct_name;
/* find the domain controller */
- if (!net_find_pdc(&server_ip, pdc_name, domain_name)) {
+ if (!net_find_pdc(&server_ss, pdc_name, domain_name)) {
DEBUG(0, ("Couldn't find domain controller for domain %s\n", domain_name));
return -1;
}
/* connect to ipc$ as username/password */
- nt_status = connect_to_ipc(&cli, &server_ip, pdc_name);
+ nt_status = connect_to_ipc(&cli, &server_ss, pdc_name);
if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
/* Is it trusting domain account for sure ? */
/* store who we connected to */
saf_store( domain_name, pdc_name );
-
+
/*
* Connect to \\server\ipc$ again (this time anonymously)
*/
-
- nt_status = connect_to_ipc_anonymous(&cli, &server_ip, (char*)pdc_name);
-
+
+ nt_status = connect_to_ipc_anonymous(&cli, &server_ss, (char*)pdc_name);
+
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n",
domain_name, nt_errstr(nt_status)));
+ return -1;
}
/*
* Use NetServerEnum2 to make sure we're talking to a proper server
*/
-
- if (!cli_get_pdc_name(cli, domain_name, (char*)pdc_name)) {
+
+ if (!cli_get_pdc_name(cli, domain_name, &dc_name)) {
DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
for domain %s\n", domain_name));
+ cli_shutdown(cli);
+ return -1;
}
+ SAFE_FREE(dc_name);
if (!(mem_ctx = talloc_init("establishing trust relationship to "
"domain %s", domain_name))) {
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) ));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
* Store the password in secrets db
*/
- if (!secrets_store_trusted_domain_password(domain_name,
- opt_password,
- domain_sid)) {
+ if (!pdb_set_trusteddom_pw(domain_name, opt_password, domain_sid)) {
DEBUG(0, ("Storing password for trusted domain failed.\n"));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
* Close the pipes and clean up
*/
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
static int rpc_trustdom_revoke(int argc, const char **argv)
{
char* domain_name;
+ int rc = -1;
if (argc < 1) return -1;
strupper_m(domain_name);
/* delete password of the trust */
- if (!trusted_domain_password_delete(domain_name)) {
+ if (!pdb_del_trusteddom_pw(domain_name)) {
DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n",
domain_name));
- return -1;
+ goto done;
};
- return 0;
+ rc = 0;
+done:
+ SAFE_FREE(domain_name);
+ return rc;
}
/**
const char **argv)
{
fstring str_sid;
- sid_to_string(str_sid, domain_sid);
+ sid_to_fstring(str_sid, domain_sid);
d_printf("%s\n", str_sid);
return NT_STATUS_OK;
}
int pad_len, col_len = 20;
/* convert sid into ascii string */
- sid_to_string(ascii_sid, dom_sid);
+ sid_to_fstring(ascii_sid, dom_sid);
/* calculate padding space for d_printf to look nicer */
pad_len = col_len - strlen(trusted_dom_name);
goto done;
}
- if (!secrets_store_trusted_domain_password(trusted_dom_name,
- cleartextpwd,
- &dom_sid)) {
+ if (!pdb_set_trusteddom_pw(trusted_dom_name, cleartextpwd, &dom_sid)) {
DEBUG(0, ("Storing password for trusted domain failed.\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
#ifdef DEBUG_PASSWORD
- DEBUG(100,("sucessfully vampired trusted domain [%s], sid: [%s], password: [%s]\n",
- trusted_dom_name, sid_string_static(&dom_sid), cleartextpwd));
+ DEBUG(100,("sucessfully vampired trusted domain [%s], sid: [%s], "
+ "password: [%s]\n", trusted_dom_name,
+ sid_string_dbg(&dom_sid), cleartextpwd));
#endif
done:
};
/* open \PIPE\lsarpc and open policy handle */
- if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
- DEBUG(0, ("Couldn't connect to domain controller\n"));
+ nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Couldn't connect to domain controller: %s\n",
+ nt_errstr(nt_status)));
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
domain_sids[i], trusted_dom_names[i]);
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
};
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
};
/* open \PIPE\lsarpc and open policy handle */
- if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
- DEBUG(0, ("Couldn't connect to domain controller\n"));
+ nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Couldn't connect to domain controller: %s\n",
+ nt_errstr(nt_status)));
+ talloc_destroy(mem_ctx);
return -1;
};
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open domain object. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
d_printf("%s%s", trusting_dom_names[i], padding);
/* connect to remote domain controller */
- remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS);
- if (remote_cli) {
+ nt_status = net_make_ipc_connection(
+ NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS,
+ &remote_cli);
+ if (NT_STATUS_IS_OK(nt_status)) {
/* query for domain's sid */
if (run_rpc_command(remote_cli, PI_LSARPC, 0, rpc_query_domain_sid, argc, argv))
d_fprintf(stderr, "couldn't get domain's sid\n");
cli_shutdown(remote_cli);
} else {
- d_fprintf(stderr, "domain controller is not responding\n");
+ d_fprintf(stderr, "domain controller is not "
+ "responding: %s\n",
+ nt_errstr(nt_status));
};
};
* Check if a server will take rpc commands
* @param flags Type of server to connect to (PDC, DMB, localhost)
* if the host is not explicitly specified
- * @return BOOL (true means rpc supported)
+ * @return bool (true means rpc supported)
*/
-BOOL net_rpc_check(unsigned flags)
+bool net_rpc_check(unsigned flags)
{
- struct cli_state cli;
- BOOL ret = False;
- struct in_addr server_ip;
+ struct cli_state *cli;
+ bool ret = False;
+ struct sockaddr_storage server_ss;
char *server_name = NULL;
+ NTSTATUS status;
/* flags (i.e. server type) may depend on command */
- if (!net_find_server(flags, &server_ip, &server_name))
+ if (!net_find_server(NULL, flags, &server_ss, &server_name))
return False;
- ZERO_STRUCT(cli);
- if (cli_initialise(&cli) == False)
+ if ((cli = cli_initialise()) == NULL) {
return False;
+ }
- if (!cli_connect(&cli, server_name, &server_ip))
+ status = cli_connect(cli, server_name, &server_ss);
+ if (!NT_STATUS_IS_OK(status))
goto done;
- if (!attempt_netbios_session_request(&cli, global_myname(),
- server_name, &server_ip))
+ if (!attempt_netbios_session_request(&cli, global_myname(),
+ server_name, &server_ss))
goto done;
- if (!cli_negprot(&cli))
+ if (!cli_negprot(cli))
goto done;
- if (cli.protocol < PROTOCOL_NT1)
+ if (cli->protocol < PROTOCOL_NT1)
goto done;
ret = True;
done:
- cli_shutdown(&cli);
+ cli_shutdown(cli);
return ret;
}
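Review bot: `attempt_netbios_session_request(&cli, ...)` now receives the address of the `cli` pointer rather than of a stack struct, which suggests the callee may replace or release the connection, yet `done:` calls `cli_shutdown(cli)` unconditionally. The callee's body is not shown here; if it can leave `cli` NULL when it returns false, the cleanup path needs a guard such as `if (cli != NULL) cli_shutdown(cli);`, or at least a comment at the call stating the contract. Separately, `server_name` is filled in by `net_find_server` and never released on any visible path, including the early `return False` after `cli_initialise()`; if it is heap-allocated, a `SAFE_FREE(server_name);` on both exits would close the leak.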
{
d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
d_printf(" net rpc join \t\t\tto join a domain \n");
- d_printf(" net rpc oldjoin \t\t\tto join a domain created in server manager\n");
+ d_printf(" net rpc oldjoin \t\tto join a domain created in server manager\n");
d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
d_printf(" net rpc user \t\t\tto add, delete and list users\n");
d_printf(" net rpc password <username> [<password>] -Uadmin_username%%admin_pass\n");
d_printf(" net rpc changetrustpw \tto change the trust account password\n");
d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n");
d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n");
- d_printf(" net rpc samdump \t\tdiplay an NT PDC's users, groups and other data\n");
+ d_printf(" net rpc samdump \t\tdisplay an NT PDC's users, groups and other data\n");
d_printf(" net rpc trustdom \t\tto create trusting domain's account or establish trust\n");
d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n");
d_printf(" net rpc shutdown \t\tto shutdown a remote server\n");
d_printf(" net rpc rights\t\tto manage privileges assigned to SIDs\n");
d_printf(" net rpc registry\t\tto manage registry hives\n");
d_printf(" net rpc service\t\tto start, stop and query services\n");
+ d_printf(" net rpc audit\t\t\tto modify global auditing settings\n");
+ d_printf(" net rpc shell\t\t\tto open an interactive shell for remote server/account management\n");
d_printf("\n");
d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");