2 Unix SMB/CIFS implementation.
4 Copyright (C) Stefan Metzmacher 2006
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
22 #include "libnet/libnet.h"
23 #include "libcli/composite/composite.h"
24 #include "libcli/cldap/cldap.h"
25 #include "lib/ldb/include/ldb.h"
26 #include "lib/ldb/include/ldb_errors.h"
27 #include "lib/db_wrap.h"
28 #include "dsdb/samdb/samdb.h"
29 #include "dsdb/common/flags.h"
30 #include "librpc/gen_ndr/ndr_drsuapi_c.h"
31 #include "libcli/security/security.h"
33 struct libnet_BecomeDC_state {
34 struct composite_context *creq;
36 struct libnet_context *libnet;
38 struct dom_sid zero_sid;
41 struct cldap_socket *sock;
42 struct cldap_netlogon io;
43 struct nbt_cldap_netlogon_5 netlogon5;
46 struct becomeDC_ldap {
47 struct ldb_context *ldb;
48 const struct ldb_message *rootdse;
51 struct becomeDC_drsuapi {
52 struct libnet_BecomeDC_state *s;
53 struct dcerpc_binding *binding;
54 struct dcerpc_pipe *pipe;
55 struct drsuapi_DsBind bind_r;
56 struct GUID bind_guid;
57 struct drsuapi_DsBindInfoCtr bind_info_ctr;
58 struct drsuapi_DsBindInfo28 local_info28;
59 struct drsuapi_DsBindInfo28 remote_info28;
60 struct policy_handle bind_handle;
61 } drsuapi1, drsuapi2, drsuapi3;
66 const char *netbios_name;
67 const struct dom_sid *sid;
77 const char *root_dn_str;
78 const char *config_dn_str;
79 const char *schema_dn_str;
88 const char *netbios_name;
89 const char *site_name;
90 const char *server_dn_str;
91 const char *ntds_dn_str;
96 const char *netbios_name;
100 const char *site_name;
101 struct GUID site_guid;
102 const char *computer_dn_str;
103 const char *server_dn_str;
104 const char *ntds_dn_str;
105 struct GUID ntds_guid;
106 struct GUID invocation_id;
107 uint32_t user_account_control;
111 uint32_t domain_behavior_version;
112 uint32_t config_behavior_version;
113 uint32_t schema_object_version;
114 uint32_t w2k3_update_revision;
117 struct becomeDC_fsmo {
118 const char *dns_name;
119 const char *server_dn_str;
120 const char *ntds_dn_str;
121 struct GUID ntds_guid;
122 } infrastructure_fsmo;
124 struct becomeDC_fsmo rid_manager_fsmo;
127 static void becomeDC_connect_ldap1(struct libnet_BecomeDC_state *s);
129 static void becomeDC_recv_cldap(struct cldap_request *req)
131 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private,
132 struct libnet_BecomeDC_state);
133 struct composite_context *c = s->creq;
135 c->status = cldap_netlogon_recv(req, s, &s->cldap.io);
136 if (!composite_is_ok(c)) return;
138 s->cldap.netlogon5 = s->cldap.io.out.netlogon.logon5;
140 s->domain.dns_name = s->cldap.netlogon5.dns_domain;
141 s->domain.netbios_name = s->cldap.netlogon5.domain;
142 s->domain.guid = s->cldap.netlogon5.domain_uuid;
144 s->forest.dns_name = s->cldap.netlogon5.forest;
146 s->source_dsa.dns_name = s->cldap.netlogon5.pdc_dns_name;
147 s->source_dsa.netbios_name = s->cldap.netlogon5.pdc_name;
148 s->source_dsa.site_name = s->cldap.netlogon5.server_site;
150 s->dest_dsa.site_name = s->cldap.netlogon5.client_site;
152 becomeDC_connect_ldap1(s);
155 static void becomeDC_send_cldap(struct libnet_BecomeDC_state *s)
157 struct composite_context *c = s->creq;
158 struct cldap_request *req;
160 s->cldap.io.in.dest_address = s->source_dsa.address;
161 s->cldap.io.in.realm = s->domain.dns_name;
162 s->cldap.io.in.host = s->dest_dsa.netbios_name;
163 s->cldap.io.in.user = NULL;
164 s->cldap.io.in.domain_guid = NULL;
165 s->cldap.io.in.domain_sid = NULL;
166 s->cldap.io.in.acct_control = -1;
167 s->cldap.io.in.version = 6;
169 s->cldap.sock = cldap_socket_init(s, s->libnet->event_ctx);
170 if (composite_nomem(s->cldap.sock, c)) return;
172 req = cldap_netlogon_send(s->cldap.sock, &s->cldap.io);
173 if (composite_nomem(req, c)) return;
174 req->async.fn = becomeDC_recv_cldap;
175 req->async.private = s;
178 static NTSTATUS becomeDC_ldap_connect(struct libnet_BecomeDC_state *s, struct becomeDC_ldap *ldap)
182 url = talloc_asprintf(s, "ldap://%s/", s->source_dsa.dns_name);
183 NT_STATUS_HAVE_NO_MEMORY(url);
185 ldap->ldb = ldb_wrap_connect(s, url,
190 if (ldap->ldb == NULL) {
191 return NT_STATUS_UNEXPECTED_NETWORK_ERROR;
197 static NTSTATUS becomeDC_ldap1_rootdse(struct libnet_BecomeDC_state *s)
200 struct ldb_result *r;
201 struct ldb_dn *basedn;
202 static const char *attrs[] = {
207 basedn = ldb_dn_new(s, s->ldap1.ldb, NULL);
208 NT_STATUS_HAVE_NO_MEMORY(basedn);
210 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
211 "(objectClass=*)", attrs, &r);
213 if (ret != LDB_SUCCESS) {
214 return NT_STATUS_LDAP(ret);
215 } else if (r->count != 1) {
217 return NT_STATUS_INVALID_NETWORK_RESPONSE;
221 s->ldap1.rootdse = r->msgs[0];
223 s->domain.dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "defaultNamingContext", NULL);
224 if (!s->domain.dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
226 s->forest.root_dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "rootDomainNamingContext", NULL);
227 if (!s->forest.root_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
228 s->forest.config_dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "configurationNamingContext", NULL);
229 if (!s->forest.config_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
230 s->forest.schema_dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "schemaNamingContext", NULL);
231 if (!s->forest.schema_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
233 s->source_dsa.server_dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "serverName", NULL);
234 if (!s->source_dsa.server_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
235 s->source_dsa.ntds_dn_str = ldb_msg_find_attr_as_string(s->ldap1.rootdse, "dsServiceName", NULL);
236 if (!s->source_dsa.ntds_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
241 static NTSTATUS becomeDC_ldap1_config_behavior_version(struct libnet_BecomeDC_state *s)
244 struct ldb_result *r;
245 struct ldb_dn *basedn;
246 static const char *attrs[] = {
247 "msDs-Behavior-Version",
251 basedn = ldb_dn_new(s, s->ldap1.ldb, s->forest.config_dn_str);
252 NT_STATUS_HAVE_NO_MEMORY(basedn);
254 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_ONELEVEL,
255 "(cn=Partitions)", attrs, &r);
257 if (ret != LDB_SUCCESS) {
258 return NT_STATUS_LDAP(ret);
259 } else if (r->count != 1) {
261 return NT_STATUS_INVALID_NETWORK_RESPONSE;
264 s->ads_options.config_behavior_version = ldb_msg_find_attr_as_uint(r->msgs[0], "msDs-Behavior-Version", 0);
270 static NTSTATUS becomeDC_ldap1_domain_behavior_version(struct libnet_BecomeDC_state *s)
273 struct ldb_result *r;
274 struct ldb_dn *basedn;
275 static const char *attrs[] = {
276 "msDs-Behavior-Version",
280 basedn = ldb_dn_new(s, s->ldap1.ldb, s->domain.dn_str);
281 NT_STATUS_HAVE_NO_MEMORY(basedn);
283 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
284 "(objectClass=*)", attrs, &r);
286 if (ret != LDB_SUCCESS) {
287 return NT_STATUS_LDAP(ret);
288 } else if (r->count != 1) {
290 return NT_STATUS_INVALID_NETWORK_RESPONSE;
293 s->ads_options.domain_behavior_version = ldb_msg_find_attr_as_uint(r->msgs[0], "msDs-Behavior-Version", 0);
299 static NTSTATUS becomeDC_ldap1_schema_object_version(struct libnet_BecomeDC_state *s)
302 struct ldb_result *r;
303 struct ldb_dn *basedn;
304 static const char *attrs[] = {
309 basedn = ldb_dn_new(s, s->ldap1.ldb, s->forest.schema_dn_str);
310 NT_STATUS_HAVE_NO_MEMORY(basedn);
312 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
313 "(objectClass=*)", attrs, &r);
315 if (ret != LDB_SUCCESS) {
316 return NT_STATUS_LDAP(ret);
317 } else if (r->count != 1) {
319 return NT_STATUS_INVALID_NETWORK_RESPONSE;
322 s->ads_options.schema_object_version = ldb_msg_find_attr_as_uint(r->msgs[0], "objectVersion", 0);
328 static NTSTATUS becomeDC_ldap1_w2k3_update_revision(struct libnet_BecomeDC_state *s)
331 struct ldb_result *r;
332 struct ldb_dn *basedn;
333 static const char *attrs[] = {
338 basedn = ldb_dn_new_fmt(s, s->ldap1.ldb, "CN=Windows2003Update,CN=DomainUpdates,CN=System,%s",
340 NT_STATUS_HAVE_NO_MEMORY(basedn);
342 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
343 "(objectClass=*)", attrs, &r);
345 if (ret != LDB_SUCCESS) {
346 return NT_STATUS_LDAP(ret);
347 } else if (r->count != 1) {
349 return NT_STATUS_INVALID_NETWORK_RESPONSE;
352 s->ads_options.w2k3_update_revision = ldb_msg_find_attr_as_uint(r->msgs[0], "revision", 0);
358 static NTSTATUS becomeDC_ldap1_infrastructure_fsmo(struct libnet_BecomeDC_state *s)
361 struct ldb_result *r;
362 struct ldb_dn *basedn;
363 struct ldb_dn *ntds_dn;
364 struct ldb_dn *server_dn;
365 static const char *_1_1_attrs[] = {
369 static const char *fsmo_attrs[] = {
373 static const char *dns_attrs[] = {
377 static const char *guid_attrs[] = {
382 basedn = ldb_dn_new_fmt(s, s->ldap1.ldb, "<WKGUID=2fbac1870ade11d297c400c04fd8d5cd,%s>",
384 NT_STATUS_HAVE_NO_MEMORY(basedn);
386 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
387 "(objectClass=*)", _1_1_attrs, &r);
389 if (ret != LDB_SUCCESS) {
390 return NT_STATUS_LDAP(ret);
391 } else if (r->count != 1) {
393 return NT_STATUS_INVALID_NETWORK_RESPONSE;
396 basedn = talloc_steal(s, r->msgs[0]->dn);
399 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
400 "(objectClass=*)", fsmo_attrs, &r);
402 if (ret != LDB_SUCCESS) {
403 return NT_STATUS_LDAP(ret);
404 } else if (r->count != 1) {
406 return NT_STATUS_INVALID_NETWORK_RESPONSE;
409 s->infrastructure_fsmo.ntds_dn_str = samdb_result_string(r->msgs[0], "fSMORoleOwner", NULL);
410 if (!s->infrastructure_fsmo.ntds_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
411 talloc_steal(s, s->infrastructure_fsmo.ntds_dn_str);
415 ntds_dn = ldb_dn_new(s, s->ldap1.ldb, s->infrastructure_fsmo.ntds_dn_str);
416 NT_STATUS_HAVE_NO_MEMORY(ntds_dn);
418 server_dn = ldb_dn_get_parent(s, ntds_dn);
419 NT_STATUS_HAVE_NO_MEMORY(server_dn);
421 s->infrastructure_fsmo.server_dn_str = ldb_dn_alloc_linearized(s, server_dn);
422 NT_STATUS_HAVE_NO_MEMORY(s->infrastructure_fsmo.server_dn_str);
424 ret = ldb_search(s->ldap1.ldb, server_dn, LDB_SCOPE_BASE,
425 "(objectClass=*)", dns_attrs, &r);
426 if (ret != LDB_SUCCESS) {
427 return NT_STATUS_LDAP(ret);
428 } else if (r->count != 1) {
430 return NT_STATUS_INVALID_NETWORK_RESPONSE;
433 s->infrastructure_fsmo.dns_name = samdb_result_string(r->msgs[0], "dnsHostName", NULL);
434 if (!s->infrastructure_fsmo.dns_name) return NT_STATUS_INVALID_NETWORK_RESPONSE;
435 talloc_steal(s, s->infrastructure_fsmo.dns_name);
439 ret = ldb_search(s->ldap1.ldb, ntds_dn, LDB_SCOPE_BASE,
440 "(objectClass=*)", guid_attrs, &r);
441 if (ret != LDB_SUCCESS) {
442 return NT_STATUS_LDAP(ret);
443 } else if (r->count != 1) {
445 return NT_STATUS_INVALID_NETWORK_RESPONSE;
448 s->infrastructure_fsmo.ntds_guid = samdb_result_guid(r->msgs[0], "objectGUID");
455 static NTSTATUS becomeDC_ldap1_rid_manager_fsmo(struct libnet_BecomeDC_state *s)
458 struct ldb_result *r;
459 struct ldb_dn *basedn;
460 const char *reference_dn_str;
461 struct ldb_dn *ntds_dn;
462 struct ldb_dn *server_dn;
463 static const char *rid_attrs[] = {
464 "rIDManagerReference",
467 static const char *fsmo_attrs[] = {
471 static const char *dns_attrs[] = {
475 static const char *guid_attrs[] = {
480 basedn = ldb_dn_new(s, s->ldap1.ldb, s->domain.dn_str);
481 NT_STATUS_HAVE_NO_MEMORY(basedn);
483 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
484 "(objectClass=*)", rid_attrs, &r);
486 if (ret != LDB_SUCCESS) {
487 return NT_STATUS_LDAP(ret);
488 } else if (r->count != 1) {
490 return NT_STATUS_INVALID_NETWORK_RESPONSE;
493 reference_dn_str = samdb_result_string(r->msgs[0], "rIDManagerReference", NULL);
494 if (!reference_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
496 basedn = ldb_dn_new(s, s->ldap1.ldb, reference_dn_str);
497 NT_STATUS_HAVE_NO_MEMORY(basedn);
501 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
502 "(objectClass=*)", fsmo_attrs, &r);
504 if (ret != LDB_SUCCESS) {
505 return NT_STATUS_LDAP(ret);
506 } else if (r->count != 1) {
508 return NT_STATUS_INVALID_NETWORK_RESPONSE;
511 s->rid_manager_fsmo.ntds_dn_str = samdb_result_string(r->msgs[0], "fSMORoleOwner", NULL);
512 if (!s->rid_manager_fsmo.ntds_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
513 talloc_steal(s, s->rid_manager_fsmo.ntds_dn_str);
517 ntds_dn = ldb_dn_new(s, s->ldap1.ldb, s->rid_manager_fsmo.ntds_dn_str);
518 NT_STATUS_HAVE_NO_MEMORY(ntds_dn);
520 server_dn = ldb_dn_get_parent(s, ntds_dn);
521 NT_STATUS_HAVE_NO_MEMORY(server_dn);
523 s->rid_manager_fsmo.server_dn_str = ldb_dn_alloc_linearized(s, server_dn);
524 NT_STATUS_HAVE_NO_MEMORY(s->rid_manager_fsmo.server_dn_str);
526 ret = ldb_search(s->ldap1.ldb, server_dn, LDB_SCOPE_BASE,
527 "(objectClass=*)", dns_attrs, &r);
528 if (ret != LDB_SUCCESS) {
529 return NT_STATUS_LDAP(ret);
530 } else if (r->count != 1) {
532 return NT_STATUS_INVALID_NETWORK_RESPONSE;
535 s->rid_manager_fsmo.dns_name = samdb_result_string(r->msgs[0], "dnsHostName", NULL);
536 if (!s->rid_manager_fsmo.dns_name) return NT_STATUS_INVALID_NETWORK_RESPONSE;
537 talloc_steal(s, s->rid_manager_fsmo.dns_name);
541 ret = ldb_search(s->ldap1.ldb, ntds_dn, LDB_SCOPE_BASE,
542 "(objectClass=*)", guid_attrs, &r);
543 if (ret != LDB_SUCCESS) {
544 return NT_STATUS_LDAP(ret);
545 } else if (r->count != 1) {
547 return NT_STATUS_INVALID_NETWORK_RESPONSE;
550 s->rid_manager_fsmo.ntds_guid = samdb_result_guid(r->msgs[0], "objectGUID");
557 static NTSTATUS becomeDC_ldap1_site_object(struct libnet_BecomeDC_state *s)
560 struct ldb_result *r;
561 struct ldb_dn *basedn;
563 basedn = ldb_dn_new_fmt(s, s->ldap1.ldb, "CN=%s,CN=Sites,%s",
564 s->dest_dsa.site_name,
565 s->forest.config_dn_str);
566 NT_STATUS_HAVE_NO_MEMORY(basedn);
568 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
569 "(objectClass=*)", NULL, &r);
571 if (ret != LDB_SUCCESS) {
572 return NT_STATUS_LDAP(ret);
573 } else if (r->count != 1) {
575 return NT_STATUS_INVALID_NETWORK_RESPONSE;
578 s->dest_dsa.site_guid = samdb_result_guid(r->msgs[0], "objectGUID");
584 static NTSTATUS becomeDC_ldap1_computer_object(struct libnet_BecomeDC_state *s)
587 struct ldb_result *r;
588 struct ldb_dn *basedn;
590 static const char *attrs[] = {
592 "userAccountControl",
596 basedn = ldb_dn_new(s, s->ldap1.ldb, s->domain.dn_str);
597 NT_STATUS_HAVE_NO_MEMORY(basedn);
599 filter = talloc_asprintf(basedn, "(&(|(objectClass=user)(objectClass=computer))(sAMAccountName=%s$))",
600 s->dest_dsa.netbios_name);
601 NT_STATUS_HAVE_NO_MEMORY(filter);
603 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_SUBTREE,
606 if (ret != LDB_SUCCESS) {
607 return NT_STATUS_LDAP(ret);
608 } else if (r->count != 1) {
610 return NT_STATUS_INVALID_NETWORK_RESPONSE;
613 s->dest_dsa.computer_dn_str = samdb_result_string(r->msgs[0], "distinguishedName", NULL);
614 if (!s->dest_dsa.computer_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
615 talloc_steal(s, s->dest_dsa.computer_dn_str);
617 s->dest_dsa.user_account_control = samdb_result_uint(r->msgs[0], "userAccountControl", 0);
623 static NTSTATUS becomeDC_ldap1_server_object_1(struct libnet_BecomeDC_state *s)
626 struct ldb_result *r;
627 struct ldb_dn *basedn;
628 const char *server_reference_dn_str;
629 struct ldb_dn *server_reference_dn;
630 struct ldb_dn *computer_dn;
632 basedn = ldb_dn_new_fmt(s, s->ldap1.ldb, "CN=%s,CN=Servers,CN=%s,CN=Sites,%s",
633 s->dest_dsa.netbios_name,
634 s->dest_dsa.site_name,
635 s->forest.config_dn_str);
636 NT_STATUS_HAVE_NO_MEMORY(basedn);
638 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
639 "(objectClass=*)", NULL, &r);
641 if (ret == LDB_ERR_NO_SUCH_OBJECT) {
642 /* if the object doesn't exist, we'll create it later */
644 } else if (ret != LDB_SUCCESS) {
645 return NT_STATUS_LDAP(ret);
646 } else if (r->count != 1) {
648 return NT_STATUS_INVALID_NETWORK_RESPONSE;
651 server_reference_dn_str = samdb_result_string(r->msgs[0], "serverReference", NULL);
652 if (server_reference_dn_str) {
653 server_reference_dn = ldb_dn_new(r, s->ldap1.ldb, server_reference_dn_str);
654 NT_STATUS_HAVE_NO_MEMORY(server_reference_dn);
656 computer_dn = ldb_dn_new(r, s->ldap1.ldb, s->dest_dsa.computer_dn_str);
657 NT_STATUS_HAVE_NO_MEMORY(computer_dn);
660 * if the server object belongs to another DC in another domain in the forest,
661 * we should not touch this object!
663 if (ldb_dn_compare(computer_dn, server_reference_dn) != 0) {
665 return NT_STATUS_OBJECT_NAME_COLLISION;
669 /* if the server object is already for the dest_dsa, then we don't need to create it */
670 s->dest_dsa.server_dn_str = samdb_result_string(r->msgs[0], "distinguishedName", NULL);
671 if (!s->dest_dsa.server_dn_str) return NT_STATUS_INVALID_NETWORK_RESPONSE;
672 talloc_steal(s, s->dest_dsa.server_dn_str);
678 static NTSTATUS becomeDC_ldap1_server_object_2(struct libnet_BecomeDC_state *s)
681 struct ldb_result *r;
682 struct ldb_dn *basedn;
683 const char *server_reference_bl_dn_str;
684 static const char *attrs[] = {
689 /* if the server_dn_str has a valid value, we skip this lookup */
690 if (s->dest_dsa.server_dn_str) return NT_STATUS_OK;
692 basedn = ldb_dn_new(s, s->ldap1.ldb, s->dest_dsa.computer_dn_str);
693 NT_STATUS_HAVE_NO_MEMORY(basedn);
695 ret = ldb_search(s->ldap1.ldb, basedn, LDB_SCOPE_BASE,
696 "(objectClass=*)", attrs, &r);
698 if (ret != LDB_SUCCESS) {
699 return NT_STATUS_LDAP(ret);
700 } else if (r->count != 1) {
702 return NT_STATUS_INVALID_NETWORK_RESPONSE;
705 server_reference_bl_dn_str = samdb_result_string(r->msgs[0], "serverReferenceBL", NULL);
706 if (!server_reference_bl_dn_str) {
707 /* if no back link is present, we're done for this function */
712 /* if the server object is already for the dest_dsa, then we don't need to create it */
713 s->dest_dsa.server_dn_str = samdb_result_string(r->msgs[0], "serverReferenceBL", NULL);
714 if (s->dest_dsa.server_dn_str) {
715 /* if a back link is present, we know that the server object is present */
716 talloc_steal(s, s->dest_dsa.server_dn_str);
723 static NTSTATUS becomeDC_ldap1_server_object_add(struct libnet_BecomeDC_state *s)
726 struct ldb_message *msg;
729 /* if the server_dn_str has a valid value, we skip this lookup */
730 if (s->dest_dsa.server_dn_str) return NT_STATUS_OK;
732 msg = ldb_msg_new(s);
733 NT_STATUS_HAVE_NO_MEMORY(msg);
735 msg->dn = ldb_dn_new_fmt(msg, s->ldap1.ldb, "CN=%s,CN=Servers,CN=%s,CN=Sites,%s",
736 s->dest_dsa.netbios_name,
737 s->dest_dsa.site_name,
738 s->forest.config_dn_str);
739 NT_STATUS_HAVE_NO_MEMORY(msg->dn);
741 ret = ldb_msg_add_string(msg, "objectClass", "server");
744 return NT_STATUS_NO_MEMORY;
746 ret = ldb_msg_add_string(msg, "systemFlags", "50000000");
749 return NT_STATUS_NO_MEMORY;
751 ret = ldb_msg_add_string(msg, "serverReference", s->dest_dsa.computer_dn_str);
754 return NT_STATUS_NO_MEMORY;
757 server_dn_str = ldb_dn_alloc_linearized(s, msg->dn);
758 NT_STATUS_HAVE_NO_MEMORY(server_dn_str);
760 ret = ldb_add(s->ldap1.ldb, msg);
762 if (ret != LDB_SUCCESS) {
763 talloc_free(server_dn_str);
764 return NT_STATUS_LDAP(ret);
767 s->dest_dsa.server_dn_str = server_dn_str;
772 static NTSTATUS becomeDC_ldap1_server_object_modify(struct libnet_BecomeDC_state *s)
775 struct ldb_message *msg;
778 /* make a 'modify' msg, and only for serverReference */
779 msg = ldb_msg_new(s);
780 NT_STATUS_HAVE_NO_MEMORY(msg);
781 msg->dn = ldb_dn_new(msg, s->ldap1.ldb, s->dest_dsa.server_dn_str);
782 NT_STATUS_HAVE_NO_MEMORY(msg->dn);
784 ret = ldb_msg_add_string(msg, "serverReference", s->dest_dsa.computer_dn_str);
787 return NT_STATUS_NO_MEMORY;
790 /* mark all the message elements (should be just one)
791 as LDB_FLAG_MOD_ADD */
792 for (i=0;i<msg->num_elements;i++) {
793 msg->elements[i].flags = LDB_FLAG_MOD_ADD;
796 ret = ldb_modify(s->ldap1.ldb, msg);
797 if (ret == LDB_SUCCESS) {
800 } else if (ret == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
801 /* retry with LDB_FLAG_MOD_REPLACE */
804 return NT_STATUS_LDAP(ret);
807 /* mark all the message elements (should be just one)
808 as LDB_FLAG_MOD_REPLACE */
809 for (i=0;i<msg->num_elements;i++) {
810 msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
813 ret = ldb_modify(s->ldap1.ldb, msg);
815 if (ret != LDB_SUCCESS) {
816 return NT_STATUS_LDAP(ret);
822 static void becomeDC_drsuapi_connect_send(struct libnet_BecomeDC_state *s,
823 struct becomeDC_drsuapi *drsuapi,
824 void (*recv_fn)(struct composite_context *req));
825 static void becomeDC_drsuapi1_connect_recv(struct composite_context *req);
826 static void becomeDC_connect_ldap2(struct libnet_BecomeDC_state *s);
828 static void becomeDC_connect_ldap1(struct libnet_BecomeDC_state *s)
830 struct composite_context *c = s->creq;
832 c->status = becomeDC_ldap_connect(s, &s->ldap1);
833 if (!composite_is_ok(c)) return;
835 c->status = becomeDC_ldap1_rootdse(s);
836 if (!composite_is_ok(c)) return;
838 c->status = becomeDC_ldap1_config_behavior_version(s);
839 if (!composite_is_ok(c)) return;
841 c->status = becomeDC_ldap1_domain_behavior_version(s);
842 if (!composite_is_ok(c)) return;
844 c->status = becomeDC_ldap1_schema_object_version(s);
845 if (!composite_is_ok(c)) return;
847 c->status = becomeDC_ldap1_w2k3_update_revision(s);
848 if (!composite_is_ok(c)) return;
850 c->status = becomeDC_ldap1_infrastructure_fsmo(s);
851 if (!composite_is_ok(c)) return;
853 c->status = becomeDC_ldap1_rid_manager_fsmo(s);
854 if (!composite_is_ok(c)) return;
856 c->status = becomeDC_ldap1_site_object(s);
857 if (!composite_is_ok(c)) return;
859 c->status = becomeDC_ldap1_computer_object(s);
860 if (!composite_is_ok(c)) return;
862 c->status = becomeDC_ldap1_server_object_1(s);
863 if (!composite_is_ok(c)) return;
865 c->status = becomeDC_ldap1_server_object_2(s);
866 if (!composite_is_ok(c)) return;
868 c->status = becomeDC_ldap1_server_object_add(s);
869 if (!composite_is_ok(c)) return;
871 c->status = becomeDC_ldap1_server_object_modify(s);
872 if (!composite_is_ok(c)) return;
874 becomeDC_drsuapi_connect_send(s, &s->drsuapi1, becomeDC_drsuapi1_connect_recv);
877 static void becomeDC_drsuapi_connect_send(struct libnet_BecomeDC_state *s,
878 struct becomeDC_drsuapi *drsuapi,
879 void (*recv_fn)(struct composite_context *req))
881 struct composite_context *c = s->creq;
882 struct composite_context *creq;
887 if (!drsuapi->binding) {
888 binding_str = talloc_asprintf(s, "ncacn_ip_tcp:%s[krb5,seal]", s->source_dsa.dns_name);
889 if (composite_nomem(binding_str, c)) return;
891 c->status = dcerpc_parse_binding(s, binding_str, &drsuapi->binding);
892 talloc_free(binding_str);
893 if (!composite_is_ok(c)) return;
896 creq = dcerpc_pipe_connect_b_send(s, drsuapi->binding, &dcerpc_table_drsuapi,
897 s->libnet->cred, s->libnet->event_ctx);
898 composite_continue(c, creq, recv_fn, s);
901 static void becomeDC_drsuapi_bind_send(struct libnet_BecomeDC_state *s,
902 struct becomeDC_drsuapi *drsuapi,
903 void (*recv_fn)(struct rpc_request *req));
904 static void becomeDC_drsuapi1_bind_recv(struct rpc_request *req);
906 static void becomeDC_drsuapi1_connect_recv(struct composite_context *req)
908 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private_data,
909 struct libnet_BecomeDC_state);
910 struct composite_context *c = s->creq;
912 c->status = dcerpc_pipe_connect_b_recv(req, s, &s->drsuapi1.pipe);
913 if (!composite_is_ok(c)) return;
915 becomeDC_drsuapi_bind_send(s, &s->drsuapi1, becomeDC_drsuapi1_bind_recv);
918 static void becomeDC_drsuapi_bind_send(struct libnet_BecomeDC_state *s,
919 struct becomeDC_drsuapi *drsuapi,
920 void (*recv_fn)(struct rpc_request *req))
922 struct composite_context *c = s->creq;
923 struct rpc_request *req;
924 struct drsuapi_DsBindInfo28 *bind_info28;
926 GUID_from_string(DRSUAPI_DS_BIND_GUID_W2K3, &drsuapi->bind_guid);
928 bind_info28 = &drsuapi->local_info28;
929 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_BASE;
930 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ASYNC_REPLICATION;
931 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_REMOVEAPI;
932 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_MOVEREQ_V2;
933 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHG_COMPRESS;
934 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V1;
935 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_RESTORE_USN_OPTIMIZATION;
936 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_KCC_EXECUTE;
937 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRY_V2;
938 if (s->ads_options.domain_behavior_version == 2) {
939 /* TODO: find out how this is really triggered! */
940 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_LINKED_VALUE_REPLICATION;
942 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V2;
943 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_INSTANCE_TYPE_NOT_REQ_ON_MOD;
944 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_CRYPTO_BIND;
945 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_REPL_INFO;
946 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_STRONG_ENCRYPTION;
947 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_DCINFO_V01;
948 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_TRANSITIVE_MEMBERSHIP;
949 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADD_SID_HISTORY;
950 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_POST_BETA3;
951 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_00100000;
952 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GET_MEMBERSHIPS2;
953 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V6;
954 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_NONDOMAIN_NCS;
955 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREQ_V8;
956 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V5;
957 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V6;
958 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_ADDENTRYREPLY_V3;
959 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_GETCHGREPLY_V7;
960 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_VERIFY_OBJECT;
961 #if 0 /* we don't support XPRESS compression yet */
962 bind_info28->supported_extensions |= DRSUAPI_SUPPORTED_EXTENSION_XPRESS_COMPRESS;
964 bind_info28->site_guid = s->dest_dsa.site_guid;
965 if (s->ads_options.domain_behavior_version == 2) {
966 /* TODO: find out how this is really triggered! */
967 bind_info28->u1 = 528;
969 bind_info28->u1 = 516;
971 bind_info28->repl_epoch = 0;
973 drsuapi->bind_info_ctr.length = 28;
974 drsuapi->bind_info_ctr.info.info28 = *bind_info28;
976 drsuapi->bind_r.in.bind_guid = &drsuapi->bind_guid;
977 drsuapi->bind_r.in.bind_info = &drsuapi->bind_info_ctr;
978 drsuapi->bind_r.out.bind_handle = &drsuapi->bind_handle;
980 req = dcerpc_drsuapi_DsBind_send(drsuapi->pipe, s, &drsuapi->bind_r);
981 composite_continue_rpc(c, req, recv_fn, s);
984 static WERROR becomeDC_drsuapi_bind_recv(struct libnet_BecomeDC_state *s,
985 struct becomeDC_drsuapi *drsuapi)
987 if (!W_ERROR_IS_OK(drsuapi->bind_r.out.result)) {
988 return drsuapi->bind_r.out.result;
991 ZERO_STRUCT(drsuapi->remote_info28);
992 if (drsuapi->bind_r.out.bind_info) {
993 switch (drsuapi->bind_r.out.bind_info->length) {
995 struct drsuapi_DsBindInfo24 *info24;
996 info24 = &drsuapi->bind_r.out.bind_info->info.info24;
997 drsuapi->remote_info28.supported_extensions = info24->supported_extensions;
998 drsuapi->remote_info28.site_guid = info24->site_guid;
999 drsuapi->remote_info28.u1 = info24->u1;
1000 drsuapi->remote_info28.repl_epoch = 0;
1004 drsuapi->remote_info28 = drsuapi->bind_r.out.bind_info->info.info28;
1012 static void becomeDC_drsuapi1_add_entry_send(struct libnet_BecomeDC_state *s);
1014 static void becomeDC_drsuapi1_bind_recv(struct rpc_request *req)
1016 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private,
1017 struct libnet_BecomeDC_state);
1018 struct composite_context *c = s->creq;
1021 c->status = dcerpc_ndr_request_recv(req);
1022 if (!composite_is_ok(c)) return;
1024 status = becomeDC_drsuapi_bind_recv(s, &s->drsuapi1);
1025 if (!W_ERROR_IS_OK(status)) {
1026 composite_error(c, werror_to_ntstatus(status));
1030 becomeDC_drsuapi1_add_entry_send(s);
1033 static void becomeDC_drsuapi1_add_entry_recv(struct rpc_request *req);
1035 static void becomeDC_drsuapi1_add_entry_send(struct libnet_BecomeDC_state *s)
1037 struct composite_context *c = s->creq;
1038 struct rpc_request *req;
1039 struct drsuapi_DsAddEntry *r;
1040 struct drsuapi_DsReplicaObjectIdentifier *identifier;
1041 uint32_t num_attrs, i = 0;
1042 struct drsuapi_DsReplicaAttribute *attrs;
1044 /* choose a random invocationId */
1045 s->dest_dsa.invocation_id = GUID_random();
1047 r = talloc_zero(s, struct drsuapi_DsAddEntry);
1048 if (composite_nomem(r, c)) return;
1050 /* setup identifier */
1051 identifier = talloc(r, struct drsuapi_DsReplicaObjectIdentifier);
1052 if (composite_nomem(identifier, c)) return;
1053 identifier->guid = GUID_zero();
1054 identifier->sid = s->zero_sid;
1055 identifier->dn = talloc_asprintf(identifier, "CN=NTDS Settings,%s",
1056 s->dest_dsa.server_dn_str);
1057 if (composite_nomem(identifier->dn, c)) return;
1059 /* allocate attribute array */
1061 attrs = talloc_array(r, struct drsuapi_DsReplicaAttribute, num_attrs);
1062 if (composite_nomem(attrs, c)) return;
1064 /* ntSecurityDescriptor */
1066 struct drsuapi_DsAttributeValueSecurityDescriptor *vs;
1067 struct security_descriptor *v;
1068 struct dom_sid *domain_admins_sid;
1069 const char *domain_admins_sid_str;
1071 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueSecurityDescriptor, 1);
1072 if (composite_nomem(vs, c)) return;
1074 domain_admins_sid = dom_sid_add_rid(vs, s->domain.sid, DOMAIN_RID_ADMINS);
1075 if (composite_nomem(domain_admins_sid, c)) return;
1077 domain_admins_sid_str = dom_sid_string(domain_admins_sid, domain_admins_sid);
1078 if (composite_nomem(domain_admins_sid_str, c)) return;
1080 v = security_descriptor_create(vs,
1081 /* owner: domain admins */
1082 domain_admins_sid_str,
1083 /* owner group: domain admins */
1084 domain_admins_sid_str,
1085 /* authenticated users */
1086 SID_NT_AUTHENTICATED_USERS,
1087 SEC_ACE_TYPE_ACCESS_ALLOWED,
1088 SEC_STD_READ_CONTROL |
1091 SEC_ADS_LIST_OBJECT,
1094 domain_admins_sid_str,
1095 SEC_ACE_TYPE_ACCESS_ALLOWED,
1097 SEC_ADS_CREATE_CHILD |
1099 SEC_ADS_SELF_WRITE |
1101 SEC_ADS_WRITE_PROP |
1102 SEC_ADS_DELETE_TREE |
1103 SEC_ADS_LIST_OBJECT |
1104 SEC_ADS_CONTROL_ACCESS,
1108 SEC_ACE_TYPE_ACCESS_ALLOWED,
1110 SEC_ADS_CREATE_CHILD |
1111 SEC_ADS_DELETE_CHILD |
1113 SEC_ADS_SELF_WRITE |
1115 SEC_ADS_WRITE_PROP |
1116 SEC_ADS_DELETE_TREE |
1117 SEC_ADS_LIST_OBJECT |
1118 SEC_ADS_CONTROL_ACCESS,
1122 if (composite_nomem(v, c)) return;
1126 attrs[i].attid = DRSUAPI_ATTRIBUTE_ntSecurityDescriptor;
1127 attrs[i].value_ctr.security_descriptor.num_values = 1;
1128 attrs[i].value_ctr.security_descriptor.values = vs;
1133 /* objectClass: nTDSDSA */
1135 struct drsuapi_DsAttributeValueObjectClassId *vs;
1136 enum drsuapi_DsObjectClassId *v;
1138 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueObjectClassId, 1);
1139 if (composite_nomem(vs, c)) return;
1141 v = talloc_array(vs, enum drsuapi_DsObjectClassId, 1);
1142 if (composite_nomem(v, c)) return;
1144 /* value for nTDSDSA */
1147 vs[0].objectClassId = &v[0];
1149 attrs[i].attid = DRSUAPI_ATTRIBUTE_objectClass;
1150 attrs[i].value_ctr.object_class_id.num_values = 1;
1151 attrs[i].value_ctr.object_class_id.values = vs;
1156 /* objectCategory: CN=NTDS-DSA,CN=Schema,... */
1158 struct drsuapi_DsAttributeValueDNString *vs;
1159 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1161 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 1);
1162 if (composite_nomem(vs, c)) return;
1164 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 1);
1165 if (composite_nomem(v, c)) return;
1167 /* value for nTDSDSA */
1168 v[0].guid = GUID_zero();
1169 v[0].sid = s->zero_sid;
1170 v[0].dn = talloc_asprintf(v, "CN=NTDS-DSA,%s",
1171 s->forest.schema_dn_str);
1172 if (composite_nomem(v->dn, c)) return;
1174 vs[0].object = &v[0];
1176 attrs[i].attid = DRSUAPI_ATTRIBUTE_objectCategory;
1177 attrs[i].value_ctr.dn_string.num_values = 1;
1178 attrs[i].value_ctr.dn_string.values = vs;
1183 /* invocationId: random guid */
1185 struct drsuapi_DsAttributeValueGUID *vs;
1188 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueGUID, 1);
1189 if (composite_nomem(vs, c)) return;
1191 v = talloc_array(vs, struct GUID, 1);
1192 if (composite_nomem(v, c)) return;
1194 /* value for nTDSDSA */
1195 v[0] = s->dest_dsa.invocation_id;
1199 attrs[i].attid = DRSUAPI_ATTRIBUTE_invocationId;
1200 attrs[i].value_ctr.guid.num_values = 1;
1201 attrs[i].value_ctr.guid.values = vs;
1206 /* hasMasterNCs: ... */
1208 struct drsuapi_DsAttributeValueDNString *vs;
1209 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1211 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 3);
1212 if (composite_nomem(vs, c)) return;
1214 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 3);
1215 if (composite_nomem(v, c)) return;
1217 v[0].guid = GUID_zero();
1218 v[0].sid = s->zero_sid;
1219 v[0].dn = s->forest.config_dn_str;
1221 v[1].guid = GUID_zero();
1222 v[1].sid = s->zero_sid;
1223 v[1].dn = s->domain.dn_str;
1225 v[2].guid = GUID_zero();
1226 v[2].sid = s->zero_sid;
1227 v[2].dn = s->forest.schema_dn_str;
1229 vs[0].object = &v[0];
1230 vs[1].object = &v[1];
1231 vs[2].object = &v[2];
1233 attrs[i].attid = DRSUAPI_ATTRIBUTE_hasMasterNCs;
1234 attrs[i].value_ctr.dn_string.num_values = 3;
1235 attrs[i].value_ctr.dn_string.values = vs;
1240 /* msDS-hasMasterNCs: ... */
1242 struct drsuapi_DsAttributeValueDNString *vs;
1243 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1245 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 3);
1246 if (composite_nomem(vs, c)) return;
1248 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 3);
1249 if (composite_nomem(v, c)) return;
1251 v[0].guid = GUID_zero();
1252 v[0].sid = s->zero_sid;
1253 v[0].dn = s->forest.config_dn_str;
1255 v[1].guid = GUID_zero();
1256 v[1].sid = s->zero_sid;
1257 v[1].dn = s->domain.dn_str;
1259 v[2].guid = GUID_zero();
1260 v[2].sid = s->zero_sid;
1261 v[2].dn = s->forest.schema_dn_str;
1263 vs[0].object = &v[0];
1264 vs[1].object = &v[1];
1265 vs[2].object = &v[2];
1267 attrs[i].attid = DRSUAPI_ATTRIBUTE_msDS_hasMasterNCs;
1268 attrs[i].value_ctr.dn_string.num_values = 3;
1269 attrs[i].value_ctr.dn_string.values = vs;
1274 /* dMDLocation: CN=Schema,... */
1276 struct drsuapi_DsAttributeValueDNString *vs;
1277 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1279 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 1);
1280 if (composite_nomem(vs, c)) return;
1282 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 1);
1283 if (composite_nomem(v, c)) return;
1285 v[0].guid = GUID_zero();
1286 v[0].sid = s->zero_sid;
1287 v[0].dn = s->forest.schema_dn_str;
1289 vs[0].object = &v[0];
1291 attrs[i].attid = DRSUAPI_ATTRIBUTE_dMDLocation;
1292 attrs[i].value_ctr.dn_string.num_values = 1;
1293 attrs[i].value_ctr.dn_string.values = vs;
1298 /* msDS-HasDomainNCs: <domain_partition> */
1300 struct drsuapi_DsAttributeValueDNString *vs;
1301 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1303 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 1);
1304 if (composite_nomem(vs, c)) return;
1306 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 1);
1307 if (composite_nomem(v, c)) return;
1309 v[0].guid = GUID_zero();
1310 v[0].sid = s->zero_sid;
1311 v[0].dn = s->domain.dn_str;
1313 vs[0].object = &v[0];
1315 attrs[i].attid = DRSUAPI_ATTRIBUTE_msDS_HasDomainNCs;
1316 attrs[i].value_ctr.dn_string.num_values = 1;
1317 attrs[i].value_ctr.dn_string.values = vs;
1322 /* msDS-Behavior-Version */
1324 struct drsuapi_DsAttributeValueUINT32 *vs;
1327 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueUINT32, 1);
1328 if (composite_nomem(vs, c)) return;
1330 v = talloc_array(vs, uint32_t, 1);
1331 if (composite_nomem(v, c)) return;
1335 vs[0].value = &v[0];
1337 attrs[i].attid = DRSUAPI_ATTRIBUTE_msDS_Behavior_Version;
1338 attrs[i].value_ctr.uint32.num_values = 1;
1339 attrs[i].value_ctr.uint32.values = vs;
1346 struct drsuapi_DsAttributeValueUINT32 *vs;
1349 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueUINT32, 1);
1350 if (composite_nomem(vs, c)) return;
1352 v = talloc_array(vs, uint32_t, 1);
1353 if (composite_nomem(v, c)) return;
1355 v[0] = SYSTEM_FLAG_DISALLOW_MOVE_ON_DELETE;
1357 vs[0].value = &v[0];
1359 attrs[i].attid = DRSUAPI_ATTRIBUTE_systemFlags;
1360 attrs[i].value_ctr.uint32.num_values = 1;
1361 attrs[i].value_ctr.uint32.values = vs;
1366 /* serverReference: ... */
1368 struct drsuapi_DsAttributeValueDNString *vs;
1369 struct drsuapi_DsReplicaObjectIdentifier3 *v;
1371 vs = talloc_array(attrs, struct drsuapi_DsAttributeValueDNString, 1);
1372 if (composite_nomem(vs, c)) return;
1374 v = talloc_array(vs, struct drsuapi_DsReplicaObjectIdentifier3, 1);
1375 if (composite_nomem(v, c)) return;
1377 v[0].guid = GUID_zero();
1378 v[0].sid = s->zero_sid;
1379 v[0].dn = s->dest_dsa.computer_dn_str;
1381 vs[0].object = &v[0];
1383 attrs[i].attid = DRSUAPI_ATTRIBUTE_serverReference;
1384 attrs[i].value_ctr.dn_string.num_values = 1;
1385 attrs[i].value_ctr.dn_string.values = vs;
1390 /* truncate the attribute list to the attribute count we have filled in */
1393 /* setup request structure */
1394 r->in.bind_handle = &s->drsuapi1.bind_handle;
1396 r->in.req.req2.first_object.next_object = NULL;
1397 r->in.req.req2.first_object.object.identifier = identifier;
1398 r->in.req.req2.first_object.object.unknown1 = 0x00000000;
1399 r->in.req.req2.first_object.object.attribute_ctr.num_attributes = num_attrs;
1400 r->in.req.req2.first_object.object.attribute_ctr.attributes = attrs;
1402 req = dcerpc_drsuapi_DsAddEntry_send(s->drsuapi1.pipe, r, r);
1403 composite_continue_rpc(c, req, becomeDC_drsuapi1_add_entry_recv, s);
1406 static void becomeDC_drsuapi2_connect_recv(struct composite_context *req);
1408 static void becomeDC_drsuapi1_add_entry_recv(struct rpc_request *req)
1410 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private,
1411 struct libnet_BecomeDC_state);
1412 struct composite_context *c = s->creq;
1413 struct drsuapi_DsAddEntry *r = talloc_get_type(req->ndr.struct_ptr,
1414 struct drsuapi_DsAddEntry);
1416 c->status = dcerpc_ndr_request_recv(req);
1417 if (!composite_is_ok(c)) return;
1419 if (!W_ERROR_IS_OK(r->out.result)) {
1420 composite_error(c, werror_to_ntstatus(r->out.result));
1424 if (r->out.level == 3) {
1425 if (r->out.ctr.ctr3.count != 1) {
1428 if (r->out.ctr.ctr3.level != 1) {
1429 composite_error(c, NT_STATUS_INVALID_NETWORK_RESPONSE);
1433 if (!r->out.ctr.ctr3.error) {
1434 composite_error(c, NT_STATUS_INVALID_NETWORK_RESPONSE);
1438 status = r->out.ctr.ctr3.error->info1.status;
1440 if (!r->out.ctr.ctr3.error->info1.info) {
1441 composite_error(c, werror_to_ntstatus(status));
1445 /* see if we can get a more detailed error */
1446 switch (r->out.ctr.ctr3.error->info1.level) {
1448 status = r->out.ctr.ctr3.error->info1.info->error1.status;
1454 status = r->out.ctr.ctr3.error->info1.info->errorX.status;
1458 composite_error(c, werror_to_ntstatus(status));
1462 s->dest_dsa.ntds_guid = r->out.ctr.ctr3.objects[0].guid;
1463 } else if (r->out.level == 2) {
1464 if (r->out.ctr.ctr2.count != 1) {
1465 composite_error(c, werror_to_ntstatus(r->out.ctr.ctr2.error.status));
1469 s->dest_dsa.ntds_guid = r->out.ctr.ctr2.objects[0].guid;
1471 composite_error(c, NT_STATUS_INVALID_NETWORK_RESPONSE);
1475 becomeDC_drsuapi_connect_send(s, &s->drsuapi2, becomeDC_drsuapi2_connect_recv);
1478 static void becomeDC_drsuapi2_bind_recv(struct rpc_request *req);
1480 static void becomeDC_drsuapi2_connect_recv(struct composite_context *req)
1482 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private_data,
1483 struct libnet_BecomeDC_state);
1484 struct composite_context *c = s->creq;
1486 c->status = dcerpc_pipe_connect_b_recv(req, s, &s->drsuapi2.pipe);
1487 if (!composite_is_ok(c)) return;
1489 becomeDC_drsuapi_bind_send(s, &s->drsuapi2, becomeDC_drsuapi2_bind_recv);
1492 static void becomeDC_drsuapi3_connect_recv(struct composite_context *req);
1494 static void becomeDC_drsuapi2_bind_recv(struct rpc_request *req)
1496 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private,
1497 struct libnet_BecomeDC_state);
1498 struct composite_context *c = s->creq;
1501 c->status = dcerpc_ndr_request_recv(req);
1502 if (!composite_is_ok(c)) return;
1504 status = becomeDC_drsuapi_bind_recv(s, &s->drsuapi2);
1505 if (!W_ERROR_IS_OK(status)) {
1506 composite_error(c, werror_to_ntstatus(status));
1510 /* this avoids the epmapper lookup on the 2nd connection */
1511 s->drsuapi3.binding = s->drsuapi2.binding;
1513 becomeDC_drsuapi_connect_send(s, &s->drsuapi3, becomeDC_drsuapi3_connect_recv);
1516 static void becomeDC_drsuapi3_connect_recv(struct composite_context *req)
1518 struct libnet_BecomeDC_state *s = talloc_get_type(req->async.private_data,
1519 struct libnet_BecomeDC_state);
1520 struct composite_context *c = s->creq;
1522 c->status = dcerpc_pipe_connect_b_recv(req, s, &s->drsuapi3.pipe);
1523 if (!composite_is_ok(c)) return;
1525 becomeDC_connect_ldap2(s);
1528 static NTSTATUS becomeDC_ldap2_modify_computer(struct libnet_BecomeDC_state *s)
1531 struct ldb_message *msg;
1533 uint32_t user_account_control = UF_SERVER_TRUST_ACCOUNT |
1534 UF_TRUSTED_FOR_DELEGATION;
1536 /* as the value is already as we want it to be, we're done */
1537 if (s->dest_dsa.user_account_control == user_account_control) {
1538 return NT_STATUS_OK;
1541 /* make a 'modify' msg, and only for serverReference */
1542 msg = ldb_msg_new(s);
1543 NT_STATUS_HAVE_NO_MEMORY(msg);
1544 msg->dn = ldb_dn_new(msg, s->ldap2.ldb, s->dest_dsa.computer_dn_str);
1545 NT_STATUS_HAVE_NO_MEMORY(msg->dn);
1547 ret = ldb_msg_add_fmt(msg, "userAccountControl", "%u", user_account_control);
1550 return NT_STATUS_NO_MEMORY;
1553 /* mark all the message elements (should be just one)
1554 as LDB_FLAG_MOD_REPLACE */
1555 for (i=0;i<msg->num_elements;i++) {
1556 msg->elements[i].flags = LDB_FLAG_MOD_REPLACE;
1559 ret = ldb_modify(s->ldap2.ldb, msg);
1561 if (ret != LDB_SUCCESS) {
1562 return NT_STATUS_LDAP(ret);
1565 s->dest_dsa.user_account_control = user_account_control;
1567 return NT_STATUS_OK;
1570 static NTSTATUS becomeDC_ldap2_move_computer(struct libnet_BecomeDC_state *s)
1573 struct ldb_result *r;
1574 struct ldb_dn *basedn;
1575 struct ldb_dn *old_dn;
1576 struct ldb_dn *new_dn;
1577 static const char *_1_1_attrs[] = {
1582 basedn = ldb_dn_new_fmt(s, s->ldap2.ldb, "<WKGUID=a361b2ffffd211d1aa4b00c04fd7d83a,%s>",
1584 NT_STATUS_HAVE_NO_MEMORY(basedn);
1586 ret = ldb_search(s->ldap2.ldb, basedn, LDB_SCOPE_BASE,
1587 "(objectClass=*)", _1_1_attrs, &r);
1588 talloc_free(basedn);
1589 if (ret != LDB_SUCCESS) {
1590 return NT_STATUS_LDAP(ret);
1591 } else if (r->count != 1) {
1593 return NT_STATUS_INVALID_NETWORK_RESPONSE;
1596 old_dn = ldb_dn_new(r, s->ldap2.ldb, s->dest_dsa.computer_dn_str);
1597 NT_STATUS_HAVE_NO_MEMORY(old_dn);
1599 new_dn = r->msgs[0]->dn;
1601 if (!ldb_dn_add_child_fmt(new_dn, "CN=%s", s->dest_dsa.netbios_name)) {
1603 return NT_STATUS_NO_MEMORY;
1606 if (ldb_dn_compare(old_dn, new_dn) == 0) {
1607 /* we don't need to rename if the old and new dn match */
1609 return NT_STATUS_OK;
1612 ret = ldb_rename(s->ldap2.ldb, old_dn, new_dn);
1613 if (ret != LDB_SUCCESS) {
1615 return NT_STATUS_LDAP(ret);
1618 s->dest_dsa.computer_dn_str = ldb_dn_alloc_linearized(s, new_dn);
1619 NT_STATUS_HAVE_NO_MEMORY(s->dest_dsa.computer_dn_str);
1623 return NT_STATUS_OK;
1626 static void becomeDC_connect_ldap2(struct libnet_BecomeDC_state *s)
1628 struct composite_context *c = s->creq;
1630 c->status = becomeDC_ldap_connect(s, &s->ldap2);
1631 if (!composite_is_ok(c)) return;
1633 c->status = becomeDC_ldap2_modify_computer(s);
1634 if (!composite_is_ok(c)) return;
1636 c->status = becomeDC_ldap2_move_computer(s);
1637 if (!composite_is_ok(c)) return;
1639 composite_error(c, NT_STATUS_NOT_IMPLEMENTED);
1642 struct composite_context *libnet_BecomeDC_send(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_BecomeDC *r)
1644 struct composite_context *c;
1645 struct libnet_BecomeDC_state *s;
1648 c = composite_create(mem_ctx, ctx->event_ctx);
1649 if (c == NULL) return NULL;
1651 s = talloc_zero(c, struct libnet_BecomeDC_state);
1652 if (composite_nomem(s, c)) return c;
1653 c->private_data = s;
1658 s->domain.dns_name = talloc_strdup(s, r->in.domain_dns_name);
1659 if (composite_nomem(s->domain.dns_name, c)) return c;
1660 s->domain.netbios_name = talloc_strdup(s, r->in.domain_netbios_name);
1661 if (composite_nomem(s->domain.netbios_name, c)) return c;
1662 s->domain.sid = dom_sid_dup(s, r->in.domain_sid);
1663 if (composite_nomem(s->domain.sid, c)) return c;
1665 /* Source DSA input */
1666 s->source_dsa.address = talloc_strdup(s, r->in.source_dsa_address);
1667 if (composite_nomem(s->source_dsa.address, c)) return c;
1669 /* Destination DSA input */
1670 s->dest_dsa.netbios_name= talloc_strdup(s, r->in.dest_dsa_netbios_name);
1671 if (composite_nomem(s->dest_dsa.netbios_name, c)) return c;
1673 /* Destination DSA dns_name construction */
1674 tmp_name = strlower_talloc(s, s->dest_dsa.netbios_name);
1675 if (composite_nomem(tmp_name, c)) return c;
1676 s->dest_dsa.dns_name = talloc_asprintf_append(tmp_name, ".%s",
1677 s->domain.dns_name);
1678 if (composite_nomem(s->dest_dsa.dns_name, c)) return c;
1680 becomeDC_send_cldap(s);
1684 NTSTATUS libnet_BecomeDC_recv(struct composite_context *c, TALLOC_CTX *mem_ctx, struct libnet_BecomeDC *r)
1688 status = composite_wait(c);
1690 ZERO_STRUCT(r->out);
1696 NTSTATUS libnet_BecomeDC(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct libnet_BecomeDC *r)
1699 struct composite_context *c;
1700 c = libnet_BecomeDC_send(ctx, mem_ctx, r);
1701 status = libnet_BecomeDC_recv(c, mem_ctx, r);