Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
Copyright (C) 2004 Guenther Deschner (gd@samba.org)
Copyright (C) 2005 Jeremy Allison (jra@samba.org)
+ Copyright (C) 2006 Jelmer Vernooij (jelmer@samba.org)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
+ along with this program. If not, see <http://www.gnu.org/licenses/>. */
#include "includes.h"
#include "utils/net.h"
* @return The Domain SID of the remote machine.
**/
-static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, char **domain_name)
+NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx,
+ DOM_SID **domain_sid, char **domain_name)
{
struct rpc_pipe_client *lsa_pipe;
- DOM_SID *domain_sid;
POLICY_HND pol;
NTSTATUS result = NT_STATUS_OK;
uint32 info_class = 5;
lsa_pipe = cli_rpc_pipe_open_noauth(cli, PI_LSARPC, &result);
if (!lsa_pipe) {
- fprintf(stderr, "could not initialise lsa pipe\n");
- goto error;
+ d_fprintf(stderr, "Could not initialise lsa pipe\n");
+ return result;
}
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, False,
SEC_RIGHTS_MAXIMUM_ALLOWED,
&pol);
if (!NT_STATUS_IS_OK(result)) {
- goto error;
+ d_fprintf(stderr, "open_policy failed: %s\n",
+ nt_errstr(result));
+ return result;
}
- result = rpccli_lsa_query_info_policy(lsa_pipe, mem_ctx, &pol, info_class,
- domain_name, &domain_sid);
+ result = rpccli_lsa_query_info_policy(lsa_pipe, mem_ctx, &pol,
+ info_class, domain_name,
+ domain_sid);
if (!NT_STATUS_IS_OK(result)) {
- error:
- fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain);
-
- if (!NT_STATUS_IS_OK(result)) {
- fprintf(stderr, "error: %s\n", nt_errstr(result));
- }
-
- exit(1);
+ d_fprintf(stderr, "lsaquery failed: %s\n",
+ nt_errstr(result));
+ return result;
}
- if (lsa_pipe) {
- rpccli_lsa_close(lsa_pipe, mem_ctx, &pol);
- cli_rpc_pipe_close(lsa_pipe);
- }
+ rpccli_lsa_Close(lsa_pipe, mem_ctx, &pol);
+ cli_rpc_pipe_close(lsa_pipe);
- return domain_sid;
+ return NT_STATUS_OK;
}
/**
/* make use of cli_state handed over as an argument, if possible */
if (!cli_arg) {
- cli = net_make_ipc_connection(conn_flags);
+ nt_status = net_make_ipc_connection(conn_flags, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(1, ("failed to make ipc connection: %s\n",
+ nt_errstr(nt_status)));
+ return -1;
+ }
} else {
cli = cli_arg;
}
return -1;
}
- domain_sid = net_get_remote_domain_sid(cli, mem_ctx, &domain_name);
+ nt_status = net_get_remote_domain_sid(cli, mem_ctx, &domain_sid,
+ &domain_name);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ cli_shutdown(cli);
+ return -1;
+ }
if (!(conn_flags & NET_FLAGS_NO_PIPE)) {
if (lp_client_schannel() && (pipe_idx == PI_NETLOGON)) {
int rc = net_rpc_perform_oldjoin(argc, argv);
if (rc) {
- d_printf("Failed to join domain\n");
+ d_fprintf(stderr, "Failed to join domain\n");
}
return rc;
int net_rpc_join(int argc, const char **argv)
{
+ if (lp_server_role() == ROLE_STANDALONE) {
+ d_printf("cannot join as standalone machine\n");
+ return -1;
+ }
+
+ if (strlen(global_myname()) > 15) {
+ d_printf("Our netbios name can be at most 15 chars long, "
+ "\"%s\" is %u chars long\n",
+ global_myname(), (unsigned int)strlen(global_myname()));
+ return -1;
+ }
+
if ((net_rpc_perform_oldjoin(argc, argv) == 0))
return 0;
* @return Normal NTSTATUS return.
**/
-static NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
+NTSTATUS rpc_info_internals(const DOM_SID *domain_sid,
const char *domain_name,
struct cli_state *cli,
struct rpc_pipe_client *pipe_hnd,
result = rpccli_samr_connect(pipe_hnd, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
&connect_pol);
if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Could not connect to SAM: %s\n", nt_errstr(result));
goto done;
}
MAXIMUM_ALLOWED_ACCESS,
domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Could not open domain: %s\n", nt_errstr(result));
goto done;
}
TALLOC_CTX *ctx = talloc_init("rpc_info_internals");
d_printf("Domain Name: %s\n", unistr2_tdup(ctx, &ctr.info.inf2.uni_domain));
d_printf("Domain SID: %s\n", sid_str);
- d_printf("Sequence number: %u\n", ctr.info.inf2.seq_num.low);
+ d_printf("Sequence number: %llu\n", (unsigned long long)ctr.info.inf2.seq_num);
d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs);
d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps);
d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps);
int net_rpc_info(int argc, const char **argv)
{
- return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
+ return run_rpc_command(NULL, PI_SAMR, NET_FLAGS_PDC,
rpc_info_internals,
argc, argv);
}
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *acct_name;
- uint16 acb_info;
+ uint32 acb_info;
uint32 unknown, user_rid;
- if (argc != 1) {
+ if (argc < 1) {
d_printf("User must be specified\n");
rpc_user_usage(argc, argv);
return NT_STATUS_OK;
goto done;
}
+ if (argc == 2) {
+
+ uint32 *user_rids, num_rids, *name_types;
+ uint32 flags = 0x000003e8; /* Unknown */
+ SAM_USERINFO_CTR ctr;
+ SAM_USER_INFO_24 p24;
+ uchar pwbuf[516];
+
+ result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
+ flags, 1, &acct_name,
+ &num_rids, &user_rids,
+ &name_types);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ user_rids[0], &user_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ /* Set password on account */
+
+ ZERO_STRUCT(ctr);
+ ZERO_STRUCT(p24);
+
+ encode_pw_buffer(pwbuf, argv[1], STR_UNICODE);
+
+ init_sam_user_info24(&p24, (char *)pwbuf,24);
+
+ ctr.switch_value = 24;
+ ctr.info.id24 = &p24;
+
+ result = rpccli_samr_set_userinfo(pipe_hnd, mem_ctx, &user_pol, 24,
+ &cli->user_session_key, &ctr);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Failed to set password for user %s - %s\n",
+ acct_name, nt_errstr(result));
+
+ result = rpccli_samr_delete_dom_user(pipe_hnd, mem_ctx, &user_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Failed to delete user %s - %s\n",
+ acct_name, nt_errstr(result));
+ return result;
+ }
+ }
+
+ }
done:
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Failed to add user %s - %s\n", acct_name,
+ d_fprintf(stderr, "Failed to add user %s - %s\n", acct_name,
nt_errstr(result));
} else {
d_printf("Added user %s\n", acct_name);
/* Display results */
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Failed to delete user account - %s\n", nt_errstr(result));
+ d_fprintf(stderr, "Failed to delete user account - %s\n", nt_errstr(result));
} else {
d_printf("Deleted user account\n");
}
goto done;
}
- names = TALLOC_ARRAY(mem_ctx, const char *, num_names);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, num_names)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
names[0] = old_name;
result = rpccli_samr_lookup_names(pipe_hnd, mem_ctx, &domain_pol,
flags, num_names, names,
done:
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Failed to rename user from %s to %s - %s\n", old_name, new_name,
+ d_fprintf(stderr, "Failed to rename user from %s to %s - %s\n", old_name, new_name,
nt_errstr(result));
} else {
d_printf("Renamed user from %s to %s\n", old_name, new_name);
/* Look up rids */
if (num_rids) {
- rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids);
+ if ((rids = TALLOC_ARRAY(mem_ctx, uint32, num_rids)) == NULL) {
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
for (i = 0; i < num_rids; i++)
rids[i] = user_gids[i].g_rid;
loop_count++;
for (i = 0; i < num_entries; i++) {
- unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user)-1);
+ unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user));
if (opt_long_list_entries)
- unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc)-1);
+ unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc));
if (opt_long_list_entries)
printf("%-21.21s %s\n", user, desc);
return net_run_function(argc, argv, func, rpc_user_usage);
}
+static NTSTATUS rpc_sh_user_list(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_user_list_internals(ctx->domain_sid, ctx->domain_name,
+ ctx->cli, pipe_hnd, mem_ctx,
+ argc, argv);
+}
+
+static NTSTATUS rpc_sh_user_info(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_user_info_internals(ctx->domain_sid, ctx->domain_name,
+ ctx->cli, pipe_hnd, mem_ctx,
+ argc, argv);
+}
+
+static NTSTATUS rpc_sh_handle_user(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv,
+ NTSTATUS (*fn)(
+ TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ const POLICY_HND *user_hnd,
+ int argc, const char **argv))
+
+{
+ POLICY_HND connect_pol, domain_pol, user_pol;
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ DOM_SID sid;
+ uint32 rid;
+ enum lsa_SidType type;
+
+ if (argc == 0) {
+ d_fprintf(stderr, "usage: %s <username>\n", ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ ZERO_STRUCT(connect_pol);
+ ZERO_STRUCT(domain_pol);
+ ZERO_STRUCT(user_pol);
+
+ result = net_rpc_lookup_name(mem_ctx, pipe_hnd->cli, argv[0],
+ NULL, NULL, &sid, &type);
+ if (!NT_STATUS_IS_OK(result)) {
+ d_fprintf(stderr, "Could not lookup %s: %s\n", argv[0],
+ nt_errstr(result));
+ goto done;
+ }
+
+ if (type != SID_NAME_USER) {
+ d_fprintf(stderr, "%s is a %s, not a user\n", argv[0],
+ sid_type_lookup(type));
+ result = NT_STATUS_NO_SUCH_USER;
+ goto done;
+ }
+
+ if (!sid_peek_check_rid(ctx->domain_sid, &sid, &rid)) {
+ d_fprintf(stderr, "%s is not in our domain\n", argv[0]);
+ result = NT_STATUS_NO_SUCH_USER;
+ goto done;
+ }
+
+ result = rpccli_samr_connect(pipe_hnd, mem_ctx,
+ MAXIMUM_ALLOWED_ACCESS, &connect_pol);
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = rpccli_samr_open_domain(pipe_hnd, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ ctx->domain_sid, &domain_pol);
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = rpccli_samr_open_user(pipe_hnd, mem_ctx, &domain_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ rid, &user_pol);
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = fn(mem_ctx, ctx, pipe_hnd, &user_pol, argc-1, argv+1);
+
+ done:
+ if (is_valid_policy_hnd(&user_pol)) {
+ rpccli_samr_close(pipe_hnd, mem_ctx, &user_pol);
+ }
+ if (is_valid_policy_hnd(&domain_pol)) {
+ rpccli_samr_close(pipe_hnd, mem_ctx, &domain_pol);
+ }
+ if (is_valid_policy_hnd(&connect_pol)) {
+ rpccli_samr_close(pipe_hnd, mem_ctx, &connect_pol);
+ }
+ return result;
+}
+
+static NTSTATUS rpc_sh_user_show_internals(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ const POLICY_HND *user_hnd,
+ int argc, const char **argv)
+{
+ NTSTATUS result;
+ SAM_USERINFO_CTR *ctr;
+ SAM_USER_INFO_21 *info;
+
+ if (argc != 0) {
+ d_fprintf(stderr, "usage: %s show <username>\n", ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ result = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx, user_hnd,
+ 21, &ctr);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
+ info = ctr->info.id21;
+
+ d_printf("user rid: %d, group rid: %d\n", info->user_rid,
+ info->group_rid);
+
+ return result;
+}
+
+static NTSTATUS rpc_sh_user_show(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
+ rpc_sh_user_show_internals);
+}
+
+#define FETCHSTR(name, rec) \
+do { if (strequal(ctx->thiscmd, name)) { \
+ oldval = rpcstr_pull_unistr2_talloc(mem_ctx, &usr->uni_##rec); } \
+} while (0);
+
+#define SETSTR(name, rec, flag) \
+do { if (strequal(ctx->thiscmd, name)) { \
+ init_unistr2(&usr->uni_##rec, argv[0], UNI_STR_TERMINATE); \
+ init_uni_hdr(&usr->hdr_##rec, &usr->uni_##rec); \
+ usr->fields_present |= ACCT_##flag; } \
+} while (0);
+
+static NTSTATUS rpc_sh_user_str_edit_internals(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ const POLICY_HND *user_hnd,
+ int argc, const char **argv)
+{
+ NTSTATUS result;
+ SAM_USERINFO_CTR *ctr;
+ SAM_USER_INFO_21 *usr;
+ const char *username;
+ const char *oldval = "";
+
+ if (argc > 1) {
+ d_fprintf(stderr, "usage: %s <username> [new value|NULL]\n",
+ ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ result = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx, user_hnd,
+ 21, &ctr);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
+ usr = ctr->info.id21;
+
+ username = rpcstr_pull_unistr2_talloc(mem_ctx, &usr->uni_user_name);
+
+ FETCHSTR("fullname", full_name);
+ FETCHSTR("homedir", home_dir);
+ FETCHSTR("homedrive", dir_drive);
+ FETCHSTR("logonscript", logon_script);
+ FETCHSTR("profilepath", profile_path);
+ FETCHSTR("description", acct_desc);
+
+ if (argc == 0) {
+ d_printf("%s's %s: [%s]\n", username, ctx->thiscmd, oldval);
+ goto done;
+ }
+
+ ZERO_STRUCTP(usr);
+
+ if (strcmp(argv[0], "NULL") == 0) {
+ argv[0] = "";
+ }
+
+ SETSTR("fullname", full_name, FULL_NAME);
+ SETSTR("homedir", home_dir, HOME_DIR);
+ SETSTR("homedrive", dir_drive, HOME_DRIVE);
+ SETSTR("logonscript", logon_script, LOGON_SCRIPT);
+ SETSTR("profilepath", profile_path, PROFILE);
+ SETSTR("description", acct_desc, DESCRIPTION);
+
+ result = rpccli_samr_set_userinfo2(
+ pipe_hnd, mem_ctx, user_hnd, 21,
+ &pipe_hnd->cli->user_session_key, ctr);
+
+ d_printf("Set %s's %s from [%s] to [%s]\n", username,
+ ctx->thiscmd, oldval, argv[0]);
+
+ done:
+
+ return result;
+}
+
+#define HANDLEFLG(name, rec) \
+do { if (strequal(ctx->thiscmd, name)) { \
+ oldval = (oldflags & ACB_##rec) ? "yes" : "no"; \
+ if (newval) { \
+ newflags = oldflags | ACB_##rec; \
+ } else { \
+ newflags = oldflags & ~ACB_##rec; \
+ } } } while (0);
+
+static NTSTATUS rpc_sh_user_str_edit(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
+ rpc_sh_user_str_edit_internals);
+}
+
+static NTSTATUS rpc_sh_user_flag_edit_internals(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ const POLICY_HND *user_hnd,
+ int argc, const char **argv)
+{
+ NTSTATUS result;
+ SAM_USERINFO_CTR *ctr;
+ SAM_USER_INFO_21 *usr;
+ const char *username;
+ const char *oldval = "unknown";
+ uint32 oldflags, newflags;
+ BOOL newval;
+
+ if ((argc > 1) ||
+ ((argc == 1) && !strequal(argv[0], "yes") &&
+ !strequal(argv[0], "no"))) {
+ d_fprintf(stderr, "usage: %s <username> [yes|no]\n",
+ ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ newval = strequal(argv[0], "yes");
+
+ result = rpccli_samr_query_userinfo(pipe_hnd, mem_ctx, user_hnd,
+ 21, &ctr);
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
+ }
+
+ usr = ctr->info.id21;
+
+ username = rpcstr_pull_unistr2_talloc(mem_ctx, &usr->uni_user_name);
+ oldflags = usr->acb_info;
+ newflags = usr->acb_info;
+
+ HANDLEFLG("disabled", DISABLED);
+ HANDLEFLG("pwnotreq", PWNOTREQ);
+ HANDLEFLG("autolock", AUTOLOCK);
+ HANDLEFLG("pwnoexp", PWNOEXP);
+
+ if (argc == 0) {
+ d_printf("%s's %s flag: %s\n", username, ctx->thiscmd, oldval);
+ goto done;
+ }
+
+ ZERO_STRUCTP(usr);
+
+ usr->acb_info = newflags;
+ usr->fields_present = ACCT_FLAGS;
+
+ result = rpccli_samr_set_userinfo2(
+ pipe_hnd, mem_ctx, user_hnd, 21,
+ &pipe_hnd->cli->user_session_key, ctr);
+
+ if (NT_STATUS_IS_OK(result)) {
+ d_printf("Set %s's %s flag from [%s] to [%s]\n", username,
+ ctx->thiscmd, oldval, argv[0]);
+ }
+
+ done:
+
+ return result;
+}
+
+static NTSTATUS rpc_sh_user_flag_edit(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_sh_handle_user(mem_ctx, ctx, pipe_hnd, argc, argv,
+ rpc_sh_user_flag_edit_internals);
+}
+
+struct rpc_sh_cmd *net_rpc_user_edit_cmds(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx)
+{
+ static struct rpc_sh_cmd cmds[] = {
+
+ { "fullname", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's full name" },
+
+ { "homedir", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's home directory" },
+
+ { "homedrive", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's home drive" },
+
+ { "logonscript", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's logon script" },
+
+ { "profilepath", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's profile path" },
+
+ { "description", NULL, PI_SAMR, rpc_sh_user_str_edit,
+ "Show/Set a user's description" },
+
+ { "disabled", NULL, PI_SAMR, rpc_sh_user_flag_edit,
+ "Show/Set whether a user is disabled" },
+
+ { "autolock", NULL, PI_SAMR, rpc_sh_user_flag_edit,
+ "Show/Set whether a user locked out" },
+
+ { "pwnotreq", NULL, PI_SAMR, rpc_sh_user_flag_edit,
+ "Show/Set whether a user does not need a password" },
+
+ { "pwnoexp", NULL, PI_SAMR, rpc_sh_user_flag_edit,
+ "Show/Set whether a user's password does not expire" },
+
+ { NULL, NULL, 0, NULL, NULL }
+ };
+
+ return cmds;
+}
+
+struct rpc_sh_cmd *net_rpc_user_cmds(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx)
+{
+ static struct rpc_sh_cmd cmds[] = {
+
+ { "list", NULL, PI_SAMR, rpc_sh_user_list,
+ "List available users" },
+
+ { "info", NULL, PI_SAMR, rpc_sh_user_info,
+ "List the domain groups a user is member of" },
+
+ { "show", NULL, PI_SAMR, rpc_sh_user_show,
+ "Show info about a user" },
+
+ { "edit", net_rpc_user_edit_cmds, 0, NULL,
+ "Show/Modify a user's fields" },
+
+ { NULL, NULL, 0, NULL, NULL }
+ };
+
+ return cmds;
+}
+
/****************************************************************************/
/**
&connect_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Request samr_connect failed\n");
+ d_fprintf(stderr, "Request samr_connect failed\n");
goto done;
}
domain_sid, &domain_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Request open_domain failed\n");
+ d_fprintf(stderr, "Request open_domain failed\n");
goto done;
}
&name_types);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Lookup of '%s' failed\n",argv[0]);
+ d_fprintf(stderr, "Lookup of '%s' failed\n",argv[0]);
goto done;
}
MAXIMUM_ALLOWED_ACCESS,
group_rids[0], &group_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Request open_group failed");
+ d_fprintf(stderr, "Request open_group failed");
goto done;
}
&group_attrs);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Unable to query group members of %s",argv[0]);
+ d_fprintf(stderr, "Unable to query group members of %s",argv[0]);
goto done;
}
group_rids[i], &user_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Unable to open group member %d\n",group_rids[i]);
+ d_fprintf(stderr, "Unable to open group member %d\n",group_rids[i]);
goto done;
}
21, &user_ctr);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Unable to lookup userinfo for group member %d\n",group_rids[i]);
+ d_fprintf(stderr, "Unable to lookup userinfo for group member %d\n",group_rids[i]);
goto done;
}
if (user_ctr->info.id21->group_rid == group_rid) {
unistr2_to_ascii(temp, &(user_ctr->info.id21)->uni_user_name,
- sizeof(temp)-1);
+ sizeof(temp));
if (opt_verbose)
d_printf("Group is primary group of %s\n",temp);
group_is_primary = True;
}
if (group_is_primary) {
- d_printf("Unable to delete group because some of it's "
- "members have it as primary group\n");
+ d_fprintf(stderr, "Unable to delete group because some "
+ "of it's members have it as primary group\n");
result = NT_STATUS_MEMBERS_PRIMARY_GROUP;
goto done;
}
group_rids[0], &group_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Request open_alias failed\n");
+ d_fprintf(stderr, "Request open_alias failed\n");
goto done;
}
result = rpccli_samr_delete_dom_alias(pipe_hnd, mem_ctx, &group_pol);
break;
default:
- d_printf("%s is of type %s. This command is only for deleting local or global groups\n",
+ d_fprintf(stderr, "%s is of type %s. This command is only for deleting local or global groups\n",
argv[0],sid_type_lookup(name_types[0]));
result = NT_STATUS_UNSUCCESSFUL;
goto done;
if (opt_verbose)
d_printf("Deleted %s '%s'\n",sid_type_lookup(name_types[0]),argv[0]);
} else {
- d_printf("Deleting of %s failed: %s\n",argv[0],
+ d_fprintf(stderr, "Deleting of %s failed: %s\n",argv[0],
get_friendly_nt_error_msg(result));
}
if (NT_STATUS_IS_OK(result))
DEBUG(5, ("add group succeeded\n"));
else
- d_printf("add group failed: %s\n", nt_errstr(result));
+ d_fprintf(stderr, "add group failed: %s\n", nt_errstr(result));
return result;
}
if (NT_STATUS_IS_OK(result))
DEBUG(5, ("add alias succeeded\n"));
else
- d_printf("add alias failed: %s\n", nt_errstr(result));
+ d_fprintf(stderr, "add alias failed: %s\n", nt_errstr(result));
return result;
}
TALLOC_CTX *mem_ctx,
const char *name,
DOM_SID *sid,
- enum SID_NAME_USE *type)
+ enum lsa_SidType *type)
{
DOM_SID *sids = NULL;
- uint32 *types = NULL;
+ enum lsa_SidType *types = NULL;
struct rpc_pipe_client *pipe_hnd;
POLICY_HND lsa_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
}
result = rpccli_lsa_lookup_names(pipe_hnd, mem_ctx, &lsa_pol, 1,
- &name, &sids, &types);
+ &name, NULL, 1, &sids, &types);
if (NT_STATUS_IS_OK(result)) {
sid_copy(sid, &sids[0]);
*type = types[0];
}
- rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol);
+ rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
done:
if (pipe_hnd) {
&num_rids, &rids, &rid_types);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not lookup up group member %s\n", member);
+ d_fprintf(stderr, "Could not lookup up group member %s\n", member);
goto done;
}
POLICY_HND alias_pol;
DOM_SID member_sid;
- enum SID_NAME_USE member_type;
+ enum lsa_SidType member_type;
DOM_SID sid;
&member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not lookup up group member %s\n", member);
+ d_fprintf(stderr, "Could not lookup up group member %s\n", member);
return result;
}
const char **argv)
{
DOM_SID group_sid;
- enum SID_NAME_USE group_type;
+ enum lsa_SidType group_type;
if (argc != 2) {
d_printf("Usage: 'net rpc group addmem <group> <member>\n");
if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0],
&group_sid, &group_type))) {
- d_printf("Could not lookup group name %s\n", argv[0]);
+ d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]);
return NT_STATUS_UNSUCCESSFUL;
}
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not add %s to %s: %s\n",
+ d_fprintf(stderr, "Could not add %s to %s: %s\n",
argv[1], argv[0], nt_errstr(result));
}
return result;
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not add %s to %s: %s\n",
+ d_fprintf(stderr, "Could not add %s to %s: %s\n",
argv[1], argv[0], nt_errstr(result));
}
return result;
}
- d_printf("Can only add members to global or local groups which "
- "%s is not\n", argv[0]);
+ d_fprintf(stderr, "Can only add members to global or local groups "
+ "which %s is not\n", argv[0]);
return NT_STATUS_UNSUCCESSFUL;
}
&num_rids, &rids, &rid_types);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not lookup up group member %s\n", member);
+ d_fprintf(stderr, "Could not lookup up group member %s\n", member);
goto done;
}
POLICY_HND alias_pol;
DOM_SID member_sid;
- enum SID_NAME_USE member_type;
+ enum lsa_SidType member_type;
DOM_SID sid;
&member_sid, &member_type);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not lookup up group member %s\n", member);
+ d_fprintf(stderr, "Could not lookup up group member %s\n", member);
return result;
}
const char **argv)
{
DOM_SID group_sid;
- enum SID_NAME_USE group_type;
+ enum lsa_SidType group_type;
if (argc != 2) {
d_printf("Usage: 'net rpc group delmem <group> <member>\n");
if (!NT_STATUS_IS_OK(get_sid_from_name(cli, mem_ctx, argv[0],
&group_sid, &group_type))) {
- d_printf("Could not lookup group name %s\n", argv[0]);
+ d_fprintf(stderr, "Could not lookup group name %s\n", argv[0]);
return NT_STATUS_UNSUCCESSFUL;
}
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not del %s from %s: %s\n",
+ d_fprintf(stderr, "Could not del %s from %s: %s\n",
argv[1], argv[0], nt_errstr(result));
}
return result;
&group_sid, argv[1]);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Could not del %s from %s: %s\n",
+ d_fprintf(stderr, "Could not del %s from %s: %s\n",
argv[1], argv[0], nt_errstr(result));
}
return result;
}
- d_printf("Can only delete members from global or local groups which "
- "%s is not\n", argv[0]);
+ d_fprintf(stderr, "Can only delete members from global or local groups "
+ "which %s is not\n", argv[0]);
return NT_STATUS_UNSUCCESSFUL;
}
fstring group, desc;
- unistr2_to_ascii(group, &(&ctr.sam.info3->str[i])->uni_grp_name, sizeof(group)-1);
- unistr2_to_ascii(desc, &(&ctr.sam.info3->str[i])->uni_grp_desc, sizeof(desc)-1);
+ unistr2_to_ascii(group, &(&ctr.sam.info3->str[i])->uni_grp_name, sizeof(group));
+ unistr2_to_ascii(desc, &(&ctr.sam.info3->str[i])->uni_grp_desc, sizeof(desc));
if (opt_long_list_entries)
printf("%-21.21s %-50.50s\n",
DOM_SID *alias_sids;
char **domains;
char **names;
- uint32 *types;
+ enum lsa_SidType *types;
int i;
result = rpccli_samr_open_alias(pipe_hnd, mem_ctx, domain_pol,
&num_members, &alias_sids);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Couldn't list alias members\n");
+ d_fprintf(stderr, "Couldn't list alias members\n");
return result;
}
lsa_pipe = cli_rpc_pipe_open_noauth(pipe_hnd->cli, PI_LSARPC, &result);
if (!lsa_pipe) {
- d_printf("Couldn't open LSA pipe. Error was %s\n",
+ d_fprintf(stderr, "Couldn't open LSA pipe. Error was %s\n",
nt_errstr(result) );
return result;
}
SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Couldn't open LSA policy handle\n");
+ d_fprintf(stderr, "Couldn't open LSA policy handle\n");
cli_rpc_pipe_close(lsa_pipe);
return result;
}
if (!NT_STATUS_IS_OK(result) &&
!NT_STATUS_EQUAL(result, STATUS_SOME_UNMAPPED)) {
- d_printf("Couldn't lookup SIDs\n");
+ d_fprintf(stderr, "Couldn't lookup SIDs\n");
cli_rpc_pipe_close(lsa_pipe);
return result;
}
&sid_Builtin, &domain_pol);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Couldn't find group %s\n", argv[0]);
+ d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
return result;
}
&rids, &rid_types);
if (!NT_STATUS_IS_OK(result)) {
- d_printf("Couldn't find group %s\n", argv[0]);
+ d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
return result;
}
}
if (num_rids != 1) {
- d_printf("Couldn't find group %s\n", argv[0]);
+ d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
return result;
}
1, argv, &num_rids, &rids, &rid_types);
if (num_rids != 1) {
- d_printf("Couldn't find group %s\n", argv[0]);
+ d_fprintf(stderr, "Couldn't find group %s\n", argv[0]);
return result;
}
if (rid_types[0] != SID_NAME_DOM_GRP) {
- d_printf("Can only rename domain groups\n");
+ d_fprintf(stderr, "Can only rename domain groups\n");
return NT_STATUS_UNSUCCESSFUL;
}
const char **argv)
{
WERROR result;
- char *sharename=talloc_strdup(mem_ctx, argv[0]);
+ char *sharename;
char *path;
uint32 type = STYPE_DISKTREE; /* only allow disk shares to be added */
uint32 num_users=0, perms=0;
char *password=NULL; /* don't allow a share password */
uint32 level = 2;
+ if ((sharename = talloc_strdup(mem_ctx, argv[0])) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
path = strchr(sharename, '=');
if (!path)
return NT_STATUS_UNSUCCESSFUL;
opt_comment, perms, opt_maxusers,
num_users, path, password,
level, NULL);
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+ return werror_to_ntstatus(result);
}
static int rpc_share_add(int argc, const char **argv)
if (opt_long_list_entries) {
d_printf("%-12s %-8.8s %-50s\n",
- netname, share_type[info1->info_1.type], remark);
+ netname, share_type[info1->info_1.type & ~(STYPE_TEMPORARY|STYPE_HIDDEN)], remark);
} else {
d_printf("%s\n", netname);
}
SRV_SHARE_INFO_1 *info1;
ctr->share.info1 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_1, 1);
+ if (ctr->share.info1 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info1 = ctr->share.info1;
memset(ctr->share.info1, 0, sizeof(SRV_SHARE_INFO_1));
SRV_SHARE_INFO_2 *info2;
ctr->share.info2 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_2, 1);
+ if (ctr->share.info2 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info2 = ctr->share.info2;
memset(ctr->share.info2, 0, sizeof(SRV_SHARE_INFO_2));
SRV_SHARE_INFO_502 *info502;
ctr->share.info502 = TALLOC_ARRAY(mem_ctx, SRV_SHARE_INFO_502, 1);
+ if (ctr->share.info502 == NULL) {
+ result = WERR_NOMEM;
+ goto done;
+ }
info502 = ctr->share.info502;
memset(ctr->share.info502, 0, sizeof(SRV_SHARE_INFO_502));
False);
break;
default:
- d_printf("Unsupported mode %d\n", net_mode_share);
+ d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
return;
}
True);
break;
default:
- d_printf("Unsupported file mode %d\n", net_mode_share);
+ d_fprintf(stderr, "Unsupported file mode %d\n", net_mode_share);
return;
}
**/
BOOL sync_files(struct copy_clistate *cp_clistate, pstring mask)
{
+ struct cli_state *targetcli;
+ pstring targetpath;
DEBUG(3,("calling cli_list with mask: %s\n", mask));
- if (cli_list(cp_clistate->cli_share_src, mask, cp_clistate->attribute, copy_fn, cp_clistate) == -1) {
- d_printf("listing %s failed with error: %s\n",
+ if ( !cli_resolve_path( "", cp_clistate->cli_share_src, mask, &targetcli, targetpath ) ) {
+ d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n",
mask, cli_errstr(cp_clistate->cli_share_src));
return False;
}
+ if (cli_list(targetcli, targetpath, cp_clistate->attribute, copy_fn, cp_clistate) == -1) {
+ d_fprintf(stderr, "listing %s failed with error: %s\n",
+ mask, cli_errstr(targetcli));
+ return False;
+ }
+
return True;
}
False);
break;
default:
- d_printf("Unsupported mode %d\n", net_mode_share);
+ d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
break;
}
printf("syncing");
break;
default:
- d_printf("Unsupported mode %d\n", net_mode_share);
+ d_fprintf(stderr, "Unsupported mode %d\n", net_mode_share);
break;
}
printf(" [%s] files and directories %s ACLs, %s DOS Attributes %s\n",
}
if (!copy_top_level_perms(&cp_clistate, netname)) {
- d_printf("Could not handle the top level directory permissions for the share: %s\n", netname);
+ d_fprintf(stderr, "Could not handle the top level directory permissions for the share: %s\n", netname);
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
if (!sync_files(&cp_clistate, mask)) {
- d_printf("could not handle files for share: %s\n", netname);
+ d_fprintf(stderr, "could not handle files for share: %s\n", netname);
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
}
for (i=0; i<num_server_aliases; i++) {
char **names;
char **domains;
- uint32 *types;
+ enum lsa_SidType *types;
int j;
struct full_alias *alias = &server_aliases[i];
DEBUG(1, ("\n"));
}
- rpccli_lsa_close(pipe_hnd, mem_ctx, &lsa_pol);
+ rpccli_lsa_Close(pipe_hnd, mem_ctx, &lsa_pol);
return NT_STATUS_OK;
}
{
token->num_sids = 4;
- token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4);
+ if (!(token->user_sids = SMB_MALLOC_ARRAY(DOM_SID, 4))) {
+ d_fprintf(stderr, "malloc failed\n");
+ token->num_sids = 0;
+ return;
+ }
token->user_sids[0] = *user_sid;
sid_copy(&token->user_sids[1], &global_sid_World);
return;
token->user_sids = SMB_REALLOC_ARRAY(token->user_sids, DOM_SID, token->num_sids+1);
+ if (!token->user_sids) {
+ return;
+ }
sid_copy(&token->user_sids[token->num_sids], sid);
}
for (i = 0; i < response.data.num_entries; i++) {
- gid_t gid = ((gid_t *)response.extra_data)[i];
+ gid_t gid = ((gid_t *)response.extra_data.data)[i];
DOM_SID sid;
struct winbindd_request sidrequest;
add_sid_to_token(token, &sid);
}
- SAFE_FREE(response.extra_data);
+ SAFE_FREE(response.extra_data.data);
return True;
}
if (lp_winbind_use_default_domain() &&
(opt_target_workgroup == NULL)) {
- d_printf("winbind use default domain = yes set, please "
- "specify a workgroup\n");
+ d_fprintf(stderr, "winbind use default domain = yes set, "
+ "please specify a workgroup\n");
return False;
}
/* Look through extra data */
- if (!response.extra_data)
+ if (!response.extra_data.data)
return False;
- extra_data = (const char *)response.extra_data;
+ extra_data = (const char *)response.extra_data.data;
*num_tokens = 0;
while(next_token(&extra_data, name, ",", sizeof(fstring))) {
return False;
}
- extra_data = (const char *)response.extra_data;
+ extra_data = (const char *)response.extra_data.data;
i=0;
while(next_token(&extra_data, name, ",", sizeof(fstring))) {
i+=1;
}
- SAFE_FREE(response.extra_data);
+ SAFE_FREE(response.extra_data.data);
*user_tokens = result;
share_list->num_shares += 1;
share_list->shares = SMB_REALLOC_ARRAY(share_list->shares, char *, share_list->num_shares);
+ if (!share_list->shares) {
+ share_list->num_shares = 0;
+ return;
+ }
share_list->shares[share_list->num_shares-1] = SMB_STRDUP(name);
}
return net_run_function(argc, argv, func, rpc_share_usage);
}
+static NTSTATUS rpc_sh_share_list(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ return rpc_share_list_internals(ctx->domain_sid, ctx->domain_name,
+ ctx->cli, pipe_hnd, mem_ctx,
+ argc, argv);
+}
+
+static NTSTATUS rpc_sh_share_add(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ WERROR result;
+
+ if ((argc < 2) || (argc > 3)) {
+ d_fprintf(stderr, "usage: %s <share> <path> [comment]\n",
+ ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ result = rpccli_srvsvc_net_share_add(
+ pipe_hnd, mem_ctx, argv[0], STYPE_DISKTREE,
+ (argc == 3) ? argv[2] : "",
+ 0, 0, 0, argv[1], NULL, 2, NULL);
+
+ return werror_to_ntstatus(result);
+}
+
+static NTSTATUS rpc_sh_share_delete(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ WERROR result;
+
+ if (argc != 1) {
+ d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ result = rpccli_srvsvc_net_share_del(pipe_hnd, mem_ctx, argv[0]);
+ return werror_to_ntstatus(result);
+}
+
+static NTSTATUS rpc_sh_share_info(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx,
+ struct rpc_pipe_client *pipe_hnd,
+ int argc, const char **argv)
+{
+ SRV_SHARE_INFO info;
+ SRV_SHARE_INFO_2 *info2 = &info.share.info2;
+ WERROR result;
+
+ if (argc != 1) {
+ d_fprintf(stderr, "usage: %s <share>\n", ctx->whoami);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ result = rpccli_srvsvc_net_share_get_info(
+ pipe_hnd, mem_ctx, argv[0], 2, &info);
+ if (!W_ERROR_IS_OK(result)) {
+ goto done;
+ }
+
+ d_printf("Name: %s\n",
+ rpcstr_pull_unistr2_talloc(mem_ctx,
+ &info2->info_2_str.uni_netname));
+ d_printf("Comment: %s\n",
+ rpcstr_pull_unistr2_talloc(mem_ctx,
+ &info2->info_2_str.uni_remark));
+
+ d_printf("Path: %s\n",
+ rpcstr_pull_unistr2_talloc(mem_ctx,
+ &info2->info_2_str.uni_path));
+ d_printf("Password: %s\n",
+ rpcstr_pull_unistr2_talloc(mem_ctx,
+ &info2->info_2_str.uni_passwd));
+
+ done:
+ return werror_to_ntstatus(result);
+}
+
+struct rpc_sh_cmd *net_rpc_share_cmds(TALLOC_CTX *mem_ctx,
+ struct rpc_sh_ctx *ctx)
+{
+ static struct rpc_sh_cmd cmds[] = {
+
+ { "list", NULL, PI_SRVSVC, rpc_sh_share_list,
+ "List available shares" },
+
+ { "add", NULL, PI_SRVSVC, rpc_sh_share_add,
+ "Add a share" },
+
+ { "delete", NULL, PI_SRVSVC, rpc_sh_share_delete,
+ "Delete a share" },
+
+ { "info", NULL, PI_SRVSVC, rpc_sh_share_info,
+ "Get information about a share" },
+
+ { NULL, NULL, 0, NULL, NULL }
+ };
+
+ return cmds;
+}
+
/****************************************************************************/
static int rpc_file_usage(int argc, const char **argv)
int argc,
const char **argv)
{
- WERROR result;
- result = rpccli_srvsvc_net_file_close(pipe_hnd, mem_ctx, atoi(argv[0]));
- return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+ return rpccli_srvsvc_NetFileClose(pipe_hnd, mem_ctx,
+ pipe_hnd->cli->desthost,
+ atoi(argv[0]));
}
/**
* @param str3 strings for FILE_INFO_3
**/
-static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3)
+static void display_file_info_3( FILE_INFO_3 *info3 )
{
fstring user = "", path = "";
- rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name);
- rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name);
+ rpcstr_pull_unistr2_fstring(user, info3->user);
+ rpcstr_pull_unistr2_fstring(path, info3->path);
d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
info3->id, user, info3->perms, info3->num_locks, path);
"\nFileId Opened by Perms Locks Path"\
"\n------ --------- ----- ----- ---- \n");
for (i = 0; i < ctr.num_entries; i++)
- display_file_info_3(&ctr.file.info3[i].info_3,
- &ctr.file.info3[i].info_3_str);
+ display_file_info_3(&ctr.file.info3[i]);
done:
return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- result = rpccli_shutdown_abort(pipe_hnd, mem_ctx);
+ result = rpccli_initshutdown_Abort(pipe_hnd, mem_ctx, NULL);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
- result = werror_to_ntstatus(rpccli_reg_abort_shutdown(pipe_hnd, mem_ctx));
+ result = rpccli_winreg_AbortSystemShutdown(pipe_hnd, mem_ctx, NULL);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown successfully aborted\n");
static int rpc_shutdown_abort(int argc, const char **argv)
{
- int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
+ int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
rpc_shutdown_abort_internals,
argc, argv);
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
+ struct initshutdown_String msg_string;
+ struct initshutdown_String_sub s;
if (opt_comment) {
msg = opt_comment;
timeout = opt_timeout;
}
+ s.name = msg;
+ msg_string.name = &s;
+
/* create an entry */
- result = rpccli_shutdown_init(pipe_hnd, mem_ctx, msg, timeout, opt_reboot,
- opt_force);
+ result = rpccli_initshutdown_Init(pipe_hnd, mem_ctx, NULL,
+ &msg_string, timeout, opt_force, opt_reboot);
if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
int argc,
const char **argv)
{
- WERROR result;
const char *msg = "This machine will be shutdown shortly";
uint32 timeout = 20;
-#if 0
- poptContext pc;
- int rc;
-
- struct poptOption long_options[] = {
- {"message", 'm', POPT_ARG_STRING, &msg},
- {"timeout", 't', POPT_ARG_INT, &timeout},
- {"reboot", 'r', POPT_ARG_NONE, &reboot},
- {"force", 'f', POPT_ARG_NONE, &force},
- { 0, 0, 0, 0}
- };
-
- pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
- POPT_CONTEXT_KEEP_FIRST);
+ struct initshutdown_String msg_string;
+ struct initshutdown_String_sub s;
+ NTSTATUS result;
- rc = poptGetNextOpt(pc);
-
- if (rc < -1) {
- /* an error occurred during option processing */
- DEBUG(0, ("%s: %s\n",
- poptBadOption(pc, POPT_BADOPTION_NOALIAS),
- poptStrerror(rc)));
- return NT_STATUS_INVALID_PARAMETER;
- }
-#endif
if (opt_comment) {
msg = opt_comment;
}
+ s.name = msg;
+ msg_string.name = &s;
+
if (opt_timeout) {
timeout = opt_timeout;
}
/* create an entry */
- result = rpccli_reg_shutdown(pipe_hnd, mem_ctx, msg, timeout, opt_reboot, opt_force);
+ result = rpccli_winreg_InitiateSystemShutdown(pipe_hnd, mem_ctx, NULL,
+ &msg_string, timeout, opt_force, opt_reboot);
- if (W_ERROR_IS_OK(result)) {
+ if (NT_STATUS_IS_OK(result)) {
d_printf("\nShutdown of remote machine succeeded\n");
} else {
- d_printf("\nShutdown of remote machine failed\n");
- if (W_ERROR_EQUAL(result,WERR_MACHINE_LOCKED))
- d_printf("\nMachine locked, use -f switch to force\n");
+ d_fprintf(stderr, "\nShutdown of remote machine failed\n");
+ if ( W_ERROR_EQUAL(ntstatus_to_werror(result),WERR_MACHINE_LOCKED) )
+ d_fprintf(stderr, "\nMachine locked, use -f switch to force\n");
else
- d_printf("\nresult was: %s\n", dos_errstr(result));
+ d_fprintf(stderr, "\nresult was: %s\n", nt_errstr(result));
}
- return werror_to_ntstatus(result);
+ return result;
}
/**
static int rpc_shutdown(int argc, const char **argv)
{
- int rc = run_rpc_command(NULL, PI_SHUTDOWN, 0,
+ int rc = run_rpc_command(NULL, PI_INITSHUTDOWN, 0,
rpc_init_shutdown_internals,
argc, argv);
POLICY_HND connect_pol, domain_pol, user_pol;
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
char *acct_name;
- uint16 acb_info;
+ uint32 acb_info;
uint32 unknown, user_rid;
if (argc != 2) {
strupper_m(acct_name);
- names = TALLOC_ARRAY(mem_ctx, const char *, 1);
+ if ((names = TALLOC_ARRAY(mem_ctx, const char *, 1)) == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
names[0] = acct_name;
TALLOC_CTX *mem_ctx;
NTSTATUS nt_status;
DOM_SID *domain_sid;
- smb_ucs2_t *uni_domain_name;
char* domain_name;
char* domain_name_pol;
nt_errstr(nt_status)));
return -1;
}
+
+ /* store who we connected to */
+
+ saf_store( domain_name, pdc_name );
/*
* Connect to \\server\ipc$ again (this time anonymously)
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n",
domain_name, nt_errstr(nt_status)));
+ return -1;
}
/*
if (!cli_get_pdc_name(cli, domain_name, (char*)pdc_name)) {
DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
for domain %s\n", domain_name));
+ cli_shutdown(cli);
+ return -1;
}
if (!(mem_ctx = talloc_init("establishing trust relationship to "
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) ));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
- return -1;
- }
-
- if (push_ucs2_talloc(mem_ctx, &uni_domain_name, domain_name_pol) == (size_t)-1) {
- DEBUG(0, ("Could not convert domain name %s to unicode\n",
- domain_name_pol));
- cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
* Store the password in secrets db
*/
- if (!secrets_store_trusted_domain_password(domain_name,
- uni_domain_name,
- strlen_w(uni_domain_name)+1,
- opt_password,
- *domain_sid)) {
+ if (!pdb_set_trusteddom_pw(domain_name, opt_password, domain_sid)) {
DEBUG(0, ("Storing password for trusted domain failed.\n"));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
* Close the pipes and clean up
*/
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
static int rpc_trustdom_revoke(int argc, const char **argv)
{
char* domain_name;
+ int rc = -1;
if (argc < 1) return -1;
strupper_m(domain_name);
/* delete password of the trust */
- if (!trusted_domain_password_delete(domain_name)) {
+ if (!pdb_del_trusteddom_pw(domain_name)) {
DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n",
domain_name));
- return -1;
+ goto done;
};
- return 0;
+ rc = 0;
+done:
+ SAFE_FREE(domain_name);
+ return rc;
}
/**
LSA_TRUSTED_DOMAIN_INFO *info;
char *cleartextpwd = NULL;
DATA_BLOB data;
- smb_ucs2_t *uni_dom_name;
nt_status = rpccli_lsa_query_trusted_domain_info_by_sid(pipe_hnd, mem_ctx, pol, 4, &dom_sid, &info);
goto done;
}
- if (push_ucs2_talloc(mem_ctx, &uni_dom_name, trusted_dom_name) == (size_t)-1) {
- DEBUG(0, ("Could not convert domain name %s to unicode\n",
- trusted_dom_name));
- nt_status = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
- if (!secrets_store_trusted_domain_password(trusted_dom_name,
- uni_dom_name,
- strlen_w(uni_dom_name)+1,
- cleartextpwd,
- dom_sid)) {
+ if (!pdb_set_trusteddom_pw(trusted_dom_name, cleartextpwd, &dom_sid)) {
DEBUG(0, ("Storing password for trusted domain failed.\n"));
nt_status = NT_STATUS_UNSUCCESSFUL;
goto done;
};
/* open \PIPE\lsarpc and open policy handle */
- if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
- DEBUG(0, ("Couldn't connect to domain controller\n"));
+ nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Couldn't connect to domain controller: %s\n",
+ nt_errstr(nt_status)));
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
domain_sids[i], trusted_dom_names[i]);
if (!NT_STATUS_IS_OK(nt_status)) {
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
};
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
};
/* open \PIPE\lsarpc and open policy handle */
- if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
- DEBUG(0, ("Couldn't connect to domain controller\n"));
+ nt_status = net_make_ipc_connection(NET_FLAGS_PDC, &cli);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(0, ("Couldn't connect to domain controller: %s\n",
+ nt_errstr(nt_status)));
+ talloc_destroy(mem_ctx);
return -1;
};
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n",
nt_errstr(nt_status) ));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
}
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
} while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
/* close this connection before doing next one */
- nt_status = rpccli_lsa_close(pipe_hnd, mem_ctx, &connect_hnd);
+ nt_status = rpccli_lsa_Close(pipe_hnd, mem_ctx, &connect_hnd);
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &nt_status);
if (!pipe_hnd) {
DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(0, ("Couldn't open domain object. Error was %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
if (NT_STATUS_IS_ERR(nt_status)) {
DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
nt_errstr(nt_status)));
+ cli_shutdown(cli);
+ talloc_destroy(mem_ctx);
return -1;
};
d_printf("%s%s", trusting_dom_names[i], padding);
/* connect to remote domain controller */
- remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS);
- if (remote_cli) {
+ nt_status = net_make_ipc_connection(
+ NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS,
+ &remote_cli);
+ if (NT_STATUS_IS_OK(nt_status)) {
/* query for domain's sid */
if (run_rpc_command(remote_cli, PI_LSARPC, 0, rpc_query_domain_sid, argc, argv))
- d_printf("couldn't get domain's sid\n");
+ d_fprintf(stderr, "couldn't get domain's sid\n");
cli_shutdown(remote_cli);
} else {
- d_printf("domain controller is not responding\n");
+ d_fprintf(stderr, "domain controller is not "
+ "responding: %s\n",
+ nt_errstr(nt_status));
};
};
*/
BOOL net_rpc_check(unsigned flags)
{
- struct cli_state cli;
+ struct cli_state *cli;
BOOL ret = False;
struct in_addr server_ip;
char *server_name = NULL;
+ NTSTATUS status;
/* flags (i.e. server type) may depend on command */
- if (!net_find_server(flags, &server_ip, &server_name))
+ if (!net_find_server(NULL, flags, &server_ip, &server_name))
return False;
- ZERO_STRUCT(cli);
- if (cli_initialise(&cli) == False)
+ if ((cli = cli_initialise()) == NULL) {
return False;
+ }
- if (!cli_connect(&cli, server_name, &server_ip))
+ status = cli_connect(cli, server_name, &server_ip);
+ if (!NT_STATUS_IS_OK(status))
goto done;
if (!attempt_netbios_session_request(&cli, global_myname(),
server_name, &server_ip))
goto done;
- if (!cli_negprot(&cli))
+ if (!cli_negprot(cli))
goto done;
- if (cli.protocol < PROTOCOL_NT1)
+ if (cli->protocol < PROTOCOL_NT1)
goto done;
ret = True;
done:
- cli_shutdown(&cli);
+ cli_shutdown(cli);
return ret;
}
{
d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
d_printf(" net rpc join \t\t\tto join a domain \n");
- d_printf(" net rpc oldjoin \t\t\tto join a domain created in server manager\n");
+ d_printf(" net rpc oldjoin \t\tto join a domain created in server manager\n");
d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
d_printf(" net rpc user \t\t\tto add, delete and list users\n");
d_printf(" net rpc password <username> [<password>] -Uadmin_username%%admin_pass\n");
d_printf(" net rpc changetrustpw \tto change the trust account password\n");
d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n");
d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n");
- d_printf(" net rpc samdump \t\tdiplay an NT PDC's users, groups and other data\n");
+ d_printf(" net rpc samdump \t\tdisplay an NT PDC's users, groups and other data\n");
d_printf(" net rpc trustdom \t\tto create trusting domain's account or establish trust\n");
d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n");
d_printf(" net rpc shutdown \t\tto shutdown a remote server\n");
d_printf(" net rpc rights\t\tto manage privileges assigned to SIDs\n");
d_printf(" net rpc registry\t\tto manage registry hives\n");
d_printf(" net rpc service\t\tto start, stop and query services\n");
+ d_printf(" net rpc audit\t\t\tto modify global auditing settings\n");
+ d_printf(" net rpc shell\t\t\tto open an interactive shell for remote server/account management\n");
d_printf("\n");
d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");
return (net_run_function(argc, argv, func, rpc_user_usage));
}
-
/**
* 'net rpc' entrypoint.
* @param argc Standard main() style argc
int net_rpc(int argc, const char **argv)
{
struct functable func[] = {
+ {"audit", net_rpc_audit},
{"info", net_rpc_info},
{"join", net_rpc_join},
{"oldjoin", net_rpc_oldjoin},
{"rights", net_rpc_rights},
{"service", net_rpc_service},
{"registry", net_rpc_registry},
+ {"shell", net_rpc_shell},
{"help", net_rpc_help},
{NULL, NULL}
};