2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Steve French (sfrench@us.ibm.com)
5 Copyright (C) 2001 Jim McDonough (jmcd@us.ibm.com)
6 Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
7 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
8 Copyright (C) 2008 Kai Blin (kai@samba.org)
10 Originally written by Steve and Jim. Largely rewritten by tridge in
13 Reworked again by abartlet in December 2001
15 Another overhaul, moving functionality into plug-ins loaded on demand by Kai
18 This program is free software; you can redistribute it and/or modify
19 it under the terms of the GNU General Public License as published by
20 the Free Software Foundation; either version 3 of the License, or
21 (at your option) any later version.
23 This program is distributed in the hope that it will be useful,
24 but WITHOUT ANY WARRANTY; without even the implied warranty of
25 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
26 GNU General Public License for more details.
28 You should have received a copy of the GNU General Public License
29 along with this program. If not, see <http://www.gnu.org/licenses/>. */
31 /*****************************************************/
33 /* Distributed SMB/CIFS Server Management Utility */
35 /* The intent was to make the syntax similar */
36 /* to the NET utility (first developed in DOS */
37 /* with additional interesting & useful functions */
38 /* added in later SMB server network operating */
41 /*****************************************************/
44 #include "popt_common_cmdline.h"
45 #include "utils/net.h"
47 #include "lib/netapi/netapi.h"
48 #include "../libcli/security/security.h"
51 #include "cmdline_contexts.h"
52 #include "lib/gencache.h"
53 #include "auth/credentials/credentials.h"
54 #include "source3/utils/passwd_proto.h"
56 #ifdef WITH_FAKE_KASERVER
57 #include "utils/net_afs.h"
60 /***********************************************************************/
61 /* end of internationalization section */
62 /***********************************************************************/
64 enum netr_SchannelType
get_sec_channel_type(const char *param
)
66 if (!(param
&& *param
)) {
67 return get_default_sec_channel();
69 if (strequal(param
, "PDC")) {
71 } else if (strequal(param
, "BDC")) {
73 } else if (strequal(param
, "MEMBER")) {
74 return SEC_CHAN_WKSTA
;
76 } else if (strequal(param
, "DOMAIN")) {
77 return SEC_CHAN_DOMAIN
;
80 return get_default_sec_channel();
85 static int net_changetrustpw(struct net_context
*c
, int argc
, const char **argv
)
87 if (net_ads_check_our_domain(c
) == 0)
88 return net_ads_changetrustpw(c
, argc
, argv
);
90 return net_rpc_changetrustpw(c
, argc
, argv
);
93 static void set_line_buffering(FILE *f
)
95 setvbuf(f
, NULL
, _IOLBF
, 0);
98 static int net_primarytrust_dumpinfo(struct net_context
*c
, int argc
,
101 int role
= lp_server_role();
102 const char *domain
= lp_workgroup();
103 struct secrets_domain_info1
*info
= NULL
;
104 bool include_secrets
= c
->opt_force
;
108 if (role
>= ROLE_ACTIVE_DIRECTORY_DC
) {
109 d_printf(_("net primarytrust dumpinfo is only supported "
110 "on a DOMAIN_MEMBER for now.\n"));
115 set_line_buffering(stdin
);
116 set_line_buffering(stdout
);
117 set_line_buffering(stderr
);
120 status
= secrets_fetch_or_upgrade_domain_info(domain
,
123 if (!NT_STATUS_IS_OK(status
)) {
125 _("Unable to fetch the information for domain[%s] "
126 "in the secrets database.\n"),
131 str
= secrets_domain_info_string(info
, info
, domain
, include_secrets
);
133 d_fprintf(stderr
, "secrets_domain_info_string() failed.\n");
139 d_printf(_("The password values are only included using "
148 * Entrypoint for 'net primarytrust' code.
150 * @param argc Standard argc.
151 * @param argv Standard argv without initial components.
153 * @return Integer status (0 means success).
156 static int net_primarytrust(struct net_context
*c
, int argc
, const char **argv
)
158 struct functable func
[] = {
160 .funcname
= "dumpinfo",
161 .fn
= net_primarytrust_dumpinfo
,
162 .valid_transports
= NET_TRANSPORT_LOCAL
,
163 .description
= N_("Dump the details of the "
164 "workstation trust"),
165 .usage
= N_(" net [options] primarytrust "
167 " Dump the details of the "
168 "workstation trust in "
170 " Requires the -f flag to "
171 "include the password values."),
178 return net_run_function(c
, argc
, argv
, "net primarytrust", func
);
181 static int net_changesecretpw(struct net_context
*c
, int argc
,
185 int role
= lp_server_role();
187 if (role
!= ROLE_DOMAIN_MEMBER
) {
188 d_printf(_("Machine account password change only supported on a DOMAIN_MEMBER.\n"
189 "Do NOT use this function unless you know what it does!\n"
190 "This function will change the ADS Domain member "
191 "machine account password in the secrets.tdb file!\n"));
196 struct secrets_domain_info1
*info
= NULL
;
197 struct secrets_domain_info1_change
*prev
= NULL
;
199 struct timeval tv
= timeval_current();
200 NTTIME now
= timeval_to_nttime(&tv
);
203 set_line_buffering(stdin
);
204 set_line_buffering(stdout
);
205 set_line_buffering(stderr
);
208 trust_pw
= get_pass(_("Enter machine password: "), c
->opt_stdin
);
209 if (trust_pw
== NULL
) {
211 _("Error in reading machine password\n"));
215 status
= secrets_prepare_password_change(lp_workgroup(),
220 if (!NT_STATUS_IS_OK(status
)) {
222 _("Unable to write the machine account password in the secrets database"));
227 _("Pending machine account password change found - aborting."));
228 status
= secrets_failed_password_change("localhost",
229 NT_STATUS_REQUEST_NOT_ACCEPTED
,
230 NT_STATUS_NOT_COMMITTED
,
232 if (!NT_STATUS_IS_OK(status
)) {
234 _("Failed to abort machine account password change"));
238 status
= secrets_finish_password_change("localhost", now
, info
);
239 if (!NT_STATUS_IS_OK(status
)) {
241 _("Unable to write the machine account password in the secrets database"));
245 d_printf(_("Modified trust account password in secrets database\n"));
248 d_printf(_("Machine account password change requires the -f flag.\n"
249 "Do NOT use this function unless you know what it does!\n"
250 "This function will change the ADS Domain member "
251 "machine account password in the secrets.tdb file!\n"));
258 * @brief Set the authorised user for winbindd access in secrets.tdb
260 static int net_setauthuser(struct net_context
*c
, int argc
, const char **argv
)
262 const char *password
= NULL
;
264 if (!secrets_init()) {
265 d_fprintf(stderr
, _("Failed to open secrets.tdb.\n"));
269 /* Delete the settings. */
271 if (strncmp(argv
[0], "delete", 6) != 0) {
272 d_fprintf(stderr
,_("Usage:\n"));
274 _(" net setauthuser -U user[%%password] \n"
275 " Set the auth user account to user"
276 "password. Prompt for password if not "
279 _(" net setauthuser delete\n"
280 " Delete the auth user setting.\n"));
283 secrets_delete_entry(SECRETS_AUTH_USER
);
284 secrets_delete_entry(SECRETS_AUTH_DOMAIN
);
285 secrets_delete_entry(SECRETS_AUTH_PASSWORD
);
289 if (!c
->opt_user_specified
) {
290 d_fprintf(stderr
, _("Usage:\n"));
292 _(" net setauthuser -U user[%%password]\n"
293 " Set the auth user account to user"
294 "password. Prompt for password if not "
297 _(" net setauthuser delete\n"
298 " Delete the auth user setting.\n"));
302 password
= net_prompt_pass(c
, _("the auth user"));
303 if (password
== NULL
) {
304 d_fprintf(stderr
,_("Failed to get the auth users password.\n"));
308 if (!secrets_store(SECRETS_AUTH_USER
, c
->opt_user_name
,
309 strlen(c
->opt_user_name
) + 1)) {
310 d_fprintf(stderr
, _("error storing auth user name\n"));
314 if (!secrets_store(SECRETS_AUTH_DOMAIN
, c
->opt_workgroup
,
315 strlen(c
->opt_workgroup
) + 1)) {
316 d_fprintf(stderr
, _("error storing auth user domain\n"));
320 if (!secrets_store(SECRETS_AUTH_PASSWORD
, password
,
321 strlen(password
) + 1)) {
322 d_fprintf(stderr
, _("error storing auth user password\n"));
330 * @brief Get the auth user settings
332 static int net_getauthuser(struct net_context
*c
, int argc
, const char **argv
)
334 char *user
, *domain
, *password
;
336 /* Lift data from secrets file */
338 secrets_fetch_ipc_userpass(&user
, &domain
, &password
);
340 if ((!user
|| !*user
) && (!domain
|| !*domain
) &&
341 (!password
|| !*password
)){
346 d_printf(_("No authorised user configured\n"));
350 /* Pretty print authorised user info */
352 d_printf("%s%s%s%s%s\n", domain
? domain
: "",
353 domain
? lp_winbind_separator(): "", user
,
354 password
? "%" : "", password
? password
: "");
363 Retrieve our local SID or the SID for the specified name
365 static int net_getlocalsid(struct net_context
*c
, int argc
, const char **argv
)
369 struct dom_sid_buf sid_str
;
375 name
= lp_netbios_name();
378 if(!initialize_password_db(false, NULL
)) {
379 d_fprintf(stderr
, _("WARNING: Could not open passdb\n"));
383 /* first check to see if we can even access secrets, so we don't
384 panic when we can't. */
386 if (!secrets_init()) {
388 _("Unable to open secrets.tdb. Can't fetch domain "
389 "SID for name: %s\n"), name
);
393 /* Generate one, if it doesn't exist */
394 get_global_sam_sid();
396 if (!secrets_fetch_domain_sid(name
, &sid
)) {
397 DEBUG(0, ("Can't fetch domain SID for name: %s\n", name
));
400 d_printf(_("SID for domain %s is: %s\n"),
402 dom_sid_str_buf(&sid
, &sid_str
));
406 static int net_setlocalsid(struct net_context
*c
, int argc
, const char **argv
)
411 || (strncmp(argv
[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
412 || (!string_to_sid(&sid
, argv
[0]))
413 || (sid
.num_auths
!= 4)) {
414 d_printf(_("Usage:"));
415 d_printf(" net setlocalsid S-1-5-21-x-y-z\n");
419 if (!secrets_store_domain_sid(lp_netbios_name(), &sid
)) {
420 DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
427 static int net_setdomainsid(struct net_context
*c
, int argc
, const char **argv
)
432 || (strncmp(argv
[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
433 || (!string_to_sid(&sid
, argv
[0]))
434 || (sid
.num_auths
!= 4)) {
435 d_printf(_("Usage:"));
436 d_printf(" net setdomainsid S-1-5-21-x-y-z\n");
440 if (!secrets_store_domain_sid(lp_workgroup(), &sid
)) {
441 DEBUG(0,("Can't store domain SID.\n"));
448 static int net_getdomainsid(struct net_context
*c
, int argc
, const char **argv
)
450 struct dom_sid domain_sid
;
451 struct dom_sid_buf sid_str
;
454 d_printf(_("Usage:"));
455 d_printf(" net getdomainsid\n");
459 if(!initialize_password_db(false, NULL
)) {
460 d_fprintf(stderr
, _("WARNING: Could not open passdb\n"));
464 /* first check to see if we can even access secrets, so we don't
465 panic when we can't. */
467 if (!secrets_init()) {
468 d_fprintf(stderr
, _("Unable to open secrets.tdb. Can't fetch "
469 "domain SID for name: %s\n"),
470 get_global_sam_name());
474 /* Generate one, if it doesn't exist */
475 get_global_sam_sid();
478 if (!secrets_fetch_domain_sid(lp_netbios_name(), &domain_sid
)) {
479 d_fprintf(stderr
, _("Could not fetch local SID\n"));
482 d_printf(_("SID for local machine %s is: %s\n"),
484 dom_sid_str_buf(&domain_sid
, &sid_str
));
486 if (!secrets_fetch_domain_sid(c
->opt_workgroup
, &domain_sid
)) {
487 d_fprintf(stderr
, _("Could not fetch domain SID\n"));
491 d_printf(_("SID for domain %s is: %s\n"),
493 dom_sid_str_buf(&domain_sid
, &sid_str
));
498 static bool search_maxrid(struct pdb_search
*search
, const char *type
,
501 struct samr_displayentry
*entries
;
502 uint32_t i
, num_entries
;
504 if (search
== NULL
) {
505 d_fprintf(stderr
, _("get_maxrid: Could not search %s\n"), type
);
509 num_entries
= pdb_search_entries(search
, 0, 0xffffffff, &entries
);
510 for (i
=0; i
<num_entries
; i
++)
511 *max_rid
= MAX(*max_rid
, entries
[i
].rid
);
516 static uint32_t get_maxrid(void)
518 uint32_t max_rid
= 0;
520 if (!search_maxrid(pdb_search_users(talloc_tos(), 0), "users", &max_rid
))
523 if (!search_maxrid(pdb_search_groups(talloc_tos()), "groups", &max_rid
))
526 if (!search_maxrid(pdb_search_aliases(talloc_tos(),
527 get_global_sam_sid()),
528 "aliases", &max_rid
))
534 static int net_maxrid(struct net_context
*c
, int argc
, const char **argv
)
539 d_fprintf(stderr
, "%s net maxrid\n", _("Usage:"));
543 if ((rid
= get_maxrid()) == 0) {
544 d_fprintf(stderr
, _("can't get current maximum rid\n"));
548 d_printf(_("Currently used maximum rid: %d\n"), rid
);
553 /* main function table */
554 static struct functable net_func
[] = {
559 N_("Run functions using RPC transport"),
560 N_(" Use 'net help rpc' to get more extensive information "
561 "about 'net rpc' commands.")
567 N_("Run functions using RAP transport"),
568 N_(" Use 'net help rap' to get more extensive information "
569 "about 'net rap' commands.")
575 N_("Run functions using ADS transport"),
576 N_(" Use 'net help ads' to get more extensive information "
577 "about 'net ads' commands.")
580 /* eventually these should auto-choose the transport ... */
584 NET_TRANSPORT_RPC
| NET_TRANSPORT_RAP
,
585 N_("Functions on remote opened files"),
586 N_(" Use 'net help file' to get more information about 'net "
592 NET_TRANSPORT_RPC
| NET_TRANSPORT_RAP
,
593 N_("Functions on shares"),
594 N_(" Use 'net help share' to get more information about 'net "
601 N_("Manage sessions"),
602 N_(" Use 'net help session' to get more information about "
603 "'net session' commands.")
609 N_("List servers in workgroup"),
610 N_(" Use 'net help server' to get more information about 'net "
617 N_("List domains/workgroups on network"),
618 N_(" Use 'net help domain' to get more information about 'net "
625 N_("Modify printer queue"),
626 N_(" Use 'net help printq' to get more information about 'net "
632 NET_TRANSPORT_ADS
| NET_TRANSPORT_RPC
| NET_TRANSPORT_RAP
,
634 N_(" Use 'net help user' to get more information about 'net "
640 NET_TRANSPORT_ADS
| NET_TRANSPORT_RPC
| NET_TRANSPORT_RAP
,
642 N_(" Use 'net help group' to get more information about 'net "
649 N_("Manage group mappings"),
650 N_(" Use 'net help groupmap' to get more information about "
651 "'net groupmap' commands.")
657 N_("Functions on the SAM database"),
658 N_(" Use 'net help sam' to get more information about 'net "
665 N_("Validate username and password"),
666 N_(" Use 'net help validate' to get more information about "
667 "'net validate' commands.")
673 N_("Modify group memberships"),
674 N_(" Use 'net help groupmember' to get more information about "
675 "'net groupmember' commands.")
680 N_("Execute remote command on a remote OS/2 server"),
681 N_(" Use 'net help admin' to get more information about 'net "
687 N_("List/modify running services"),
688 N_(" Use 'net help service' to get more information about "
689 "'net service' commands.")
695 N_("Change user password on target server"),
696 N_(" Use 'net help password' to get more information about "
697 "'net password' commands.")
703 N_("Run functions related to the primary workstation trust."),
704 N_(" Use 'net help primarytrust' to get more extensive information "
705 "about 'net primarytrust' commands.")
709 NET_TRANSPORT_ADS
| NET_TRANSPORT_RPC
,
710 N_("Change the trust password"),
711 N_(" Use 'net help changetrustpw' to get more information "
712 "about 'net changetrustpw'.")
717 N_("Change the secret password"),
718 N_(" net [options] changesecretpw\n"
719 " Change the ADS domain member machine account password "
721 " Do NOT use this function unless you know what it does.\n"
722 " Requires the -f flag to work.")
728 N_("Set the winbind auth user"),
729 N_(" net -U user[%%password] [-W domain] setauthuser\n"
730 " Set the auth user, password (and optionally domain\n"
731 " Will prompt for password if not given.\n"
732 " net setauthuser delete\n"
733 " Delete the existing auth user settings.")
739 N_("Get the winbind auth user settings"),
740 N_(" net getauthuser\n"
741 " Get the current winbind auth user settings.")
747 N_(" Use 'net help time' to get more information about 'net "
753 N_("Look up host names/IP addresses"),
754 N_(" Use 'net help lookup' to get more information about 'net "
760 N_("Manipulate the global lock table"),
761 N_(" Use 'net help g_lock' to get more information about "
762 "'net g_lock' commands.")
766 NET_TRANSPORT_ADS
| NET_TRANSPORT_RPC
,
767 N_("Join a domain/AD"),
768 N_(" Use 'net help join' to get more information about 'net "
774 N_("Join/unjoin (remote) machines to/from a domain/AD"),
775 N_(" Use 'net help dom' to get more information about 'net "
781 N_("Operate on the cache tdb file"),
782 N_(" Use 'net help cache' to get more information about 'net "
788 N_("Get the SID for the local domain"),
789 N_(" net getlocalsid")
794 N_("Set the SID for the local domain"),
795 N_(" net setlocalsid S-1-5-21-x-y-z")
800 N_("Set domain SID on member servers"),
801 N_(" net setdomainsid S-1-5-21-x-y-z")
806 N_("Get domain SID on member servers"),
807 N_(" net getdomainsid")
812 N_("Display the maximum RID currently used"),
818 N_("IDmap functions"),
819 N_(" Use 'net help idmap to get more information about 'net "
825 N_("Display server status"),
826 N_(" Use 'net help status' to get more information about 'net "
832 N_("Manage user-modifiable shares"),
833 N_(" Use 'net help usershare to get more information about "
834 "'net usershare' commands.")
839 N_("Display list of all users with SID"),
840 N_(" Use 'net help usersidlist' to get more information about "
841 "'net usersidlist'.")
846 N_("Manage Samba registry based configuration"),
847 N_(" Use 'net help conf' to get more information about 'net "
853 N_("Manage the Samba registry"),
854 N_(" Use 'net help registry' to get more information about "
855 "'net registry' commands.")
860 N_("Process Win32 *.evt eventlog files"),
861 N_(" Use 'net help eventlog' to get more information about "
862 "'net eventlog' commands.")
867 N_("Process tdb printer files"),
868 N_(" Use 'net help printing' to get more information about "
869 "'net printing' commands.")
875 N_("Manage the serverid tdb"),
876 N_(" Use 'net help serverid' to get more information about "
877 "'net serverid' commands.")
883 N_("notifyd client code"),
884 N_(" Use 'net help notify' to get more information about "
885 "'net notify' commands.")
891 N_("Show information from tdb records"),
892 N_(" Use 'net help tdb' to get more information about "
893 "'net tdb' commands.")
899 N_("Filesystem operation through the VFS stack"),
900 N_(" Use 'net help vfs' to get more information about "
901 "'net vfs' commands.")
904 #ifdef WITH_FAKE_KASERVER
908 N_("Manage AFS tokens"),
909 N_(" Use 'net help afs' to get more information about 'net "
917 N_("Print usage information"),
918 N_(" Use 'net help help' to list usage information for 'net' "
921 {NULL
, NULL
, 0, NULL
, NULL
}
925 static void get_credentials_file(struct net_context
*c
,
928 struct cli_credentials
*cred
= cli_credentials_init(c
);
931 d_printf("ERROR: Unable to allocate memory!\n");
935 if (!cli_credentials_parse_file(cred
, file
, CRED_GUESS_FILE
)) {
939 c
->opt_user_name
= cli_credentials_get_username(cred
);
940 c
->opt_user_specified
= (c
->opt_user_name
!= NULL
);
941 c
->opt_password
= cli_credentials_get_password(cred
);
942 c
->opt_target_workgroup
= cli_credentials_get_domain(cred
);
945 /****************************************************************************
947 ****************************************************************************/
948 int main(int argc
, char **argv
)
954 const char ** argv_new
;
955 const char **argv_const
= discard_const_p(const char *, argv
);
957 TALLOC_CTX
*frame
= talloc_stackframe();
958 struct net_context
*c
= talloc_zero(frame
, struct net_context
);
960 struct poptOption long_options
[] = {
964 .argInfo
= POPT_ARG_NONE
,
968 .longName
= "workgroup",
970 .argInfo
= POPT_ARG_STRING
,
971 .arg
= &c
->opt_target_workgroup
,
976 .argInfo
= POPT_ARG_STRING
,
977 .arg
= &c
->opt_user_name
,
981 .longName
= "authentication-file",
983 .argInfo
= POPT_ARG_STRING
,
984 .arg
= &c
->opt_user_name
,
986 .descrip
= "Get the credentials from a file",
987 .argDescrip
= "FILE",
990 .longName
= "ipaddress",
992 .argInfo
= POPT_ARG_STRING
,
999 .argInfo
= POPT_ARG_INT
,
1000 .arg
= &c
->opt_port
,
1003 .longName
= "myname",
1005 .argInfo
= POPT_ARG_STRING
,
1006 .arg
= &c
->opt_requester_name
,
1009 .longName
= "server",
1011 .argInfo
= POPT_ARG_STRING
,
1012 .arg
= &c
->opt_host
,
1015 .longName
= "encrypt",
1017 .argInfo
= POPT_ARG_NONE
,
1020 .descrip
= N_("Encrypt SMB transport"),
1023 .longName
= "container",
1025 .argInfo
= POPT_ARG_STRING
,
1026 .arg
= &c
->opt_container
,
1029 .longName
= "comment",
1031 .argInfo
= POPT_ARG_STRING
,
1032 .arg
= &c
->opt_comment
,
1035 .longName
= "maxusers",
1037 .argInfo
= POPT_ARG_INT
,
1038 .arg
= &c
->opt_maxusers
,
1041 .longName
= "flags",
1043 .argInfo
= POPT_ARG_INT
,
1044 .arg
= &c
->opt_flags
,
1049 .argInfo
= POPT_ARG_NONE
,
1050 .arg
= &c
->opt_long_list_entries
,
1053 .longName
= "reboot",
1055 .argInfo
= POPT_ARG_NONE
,
1056 .arg
= &c
->opt_reboot
,
1059 .longName
= "force",
1061 .argInfo
= POPT_ARG_NONE
,
1062 .arg
= &c
->opt_force
,
1065 .longName
= "stdin",
1067 .argInfo
= POPT_ARG_NONE
,
1068 .arg
= &c
->opt_stdin
,
1071 .longName
= "timeout",
1073 .argInfo
= POPT_ARG_INT
,
1074 .arg
= &c
->opt_timeout
,
1077 .longName
= "request-timeout",
1079 .argInfo
= POPT_ARG_INT
,
1080 .arg
= &c
->opt_request_timeout
,
1083 .longName
= "machine-pass",
1085 .argInfo
= POPT_ARG_NONE
,
1086 .arg
= &c
->opt_machine_pass
,
1089 .longName
= "kerberos",
1091 .argInfo
= POPT_ARG_NONE
,
1092 .arg
= &c
->opt_kerberos
,
1095 .longName
= "myworkgroup",
1097 .argInfo
= POPT_ARG_STRING
,
1098 .arg
= &c
->opt_workgroup
,
1101 .longName
= "use-ccache",
1103 .argInfo
= POPT_ARG_NONE
,
1104 .arg
= &c
->opt_ccache
,
1107 .longName
= "verbose",
1109 .argInfo
= POPT_ARG_NONE
,
1110 .arg
= &c
->opt_verbose
,
1115 .argInfo
= POPT_ARG_NONE
,
1116 .arg
= &c
->opt_testmode
,
1118 /* Options for 'net groupmap set' */
1120 .longName
= "local",
1122 .argInfo
= POPT_ARG_NONE
,
1123 .arg
= &c
->opt_localgroup
,
1126 .longName
= "domain",
1128 .argInfo
= POPT_ARG_NONE
,
1129 .arg
= &c
->opt_domaingroup
,
1132 .longName
= "ntname",
1134 .argInfo
= POPT_ARG_STRING
,
1135 .arg
= &c
->opt_newntname
,
1140 .argInfo
= POPT_ARG_INT
,
1143 /* Options for 'net rpc share migrate' */
1147 .argInfo
= POPT_ARG_NONE
,
1148 .arg
= &c
->opt_acls
,
1151 .longName
= "attrs",
1153 .argInfo
= POPT_ARG_NONE
,
1154 .arg
= &c
->opt_attrs
,
1157 .longName
= "timestamps",
1159 .argInfo
= POPT_ARG_NONE
,
1160 .arg
= &c
->opt_timestamps
,
1163 .longName
= "exclude",
1165 .argInfo
= POPT_ARG_STRING
,
1166 .arg
= &c
->opt_exclude
,
1169 .longName
= "destination",
1171 .argInfo
= POPT_ARG_STRING
,
1172 .arg
= &c
->opt_destination
,
1175 .longName
= "tallocreport",
1177 .argInfo
= POPT_ARG_NONE
,
1178 .arg
= &c
->do_talloc_report
,
1180 /* Options for 'net rpc vampire (keytab)' */
1182 .longName
= "force-full-repl",
1184 .argInfo
= POPT_ARG_NONE
,
1185 .arg
= &c
->opt_force_full_repl
,
1188 .longName
= "single-obj-repl",
1190 .argInfo
= POPT_ARG_NONE
,
1191 .arg
= &c
->opt_single_obj_repl
,
1194 .longName
= "clean-old-entries",
1196 .argInfo
= POPT_ARG_NONE
,
1197 .arg
= &c
->opt_clean_old_entries
,
1199 /* Options for 'net idmap'*/
1203 .argInfo
= POPT_ARG_STRING
,
1209 .argInfo
= POPT_ARG_NONE
,
1210 .arg
= &c
->opt_lock
,
1215 .argInfo
= POPT_ARG_NONE
,
1216 .arg
= &c
->opt_auto
,
1219 .longName
= "repair",
1221 .argInfo
= POPT_ARG_NONE
,
1222 .arg
= &c
->opt_repair
,
1224 /* Options for 'net registry check'*/
1226 .longName
= "reg-version",
1228 .argInfo
= POPT_ARG_INT
,
1229 .arg
= &c
->opt_reg_version
,
1232 .longName
= "output",
1234 .argInfo
= POPT_ARG_STRING
,
1235 .arg
= &c
->opt_output
,
1240 .argInfo
= POPT_ARG_NONE
,
1241 .arg
= &c
->opt_wipe
,
1243 /* Options for 'net registry import' */
1245 .longName
= "precheck",
1247 .argInfo
= POPT_ARG_STRING
,
1248 .arg
= &c
->opt_precheck
,
1250 /* Options for 'net ads join or leave' */
1252 .longName
= "no-dns-updates",
1254 .argInfo
= POPT_ARG_NONE
,
1255 .arg
= &c
->opt_no_dns_updates
,
1258 .longName
= "keep-account",
1260 .argInfo
= POPT_ARG_NONE
,
1261 .arg
= &c
->opt_keep_account
,
1266 .argInfo
= POPT_ARG_NONE
,
1267 .arg
= &c
->opt_json
,
1269 /* Options for 'net vfs' */
1271 .longName
= "continue",
1272 .argInfo
= POPT_ARG_NONE
,
1273 .arg
= &c
->opt_continue_on_error
,
1274 .descrip
= "Continue on errors",
1277 .longName
= "recursive",
1278 .argInfo
= POPT_ARG_NONE
,
1279 .arg
= &c
->opt_recursive
,
1280 .descrip
= "Traverse directory hierarchy",
1283 .longName
= "follow-symlinks",
1284 .argInfo
= POPT_ARG_NONE
,
1285 .arg
= &c
->opt_follow_symlink
,
1286 .descrip
= "follow symlinks",
1292 zero_sockaddr(&c
->opt_dest_ip
);
1294 setup_logging(argv
[0], DEBUG_STDERR
);
1298 setlocale(LC_ALL
, "");
1299 #if defined(HAVE_BINDTEXTDOMAIN)
1300 bindtextdomain(MODULE_NAME
, get_dyn_LOCALEDIR());
1302 #if defined(HAVE_TEXTDOMAIN)
1303 textdomain(MODULE_NAME
);
1306 /* set default debug level to 0 regardless of what smb.conf sets */
1307 lp_set_cmdline("log level", "0");
1308 c
->private_data
= net_func
;
1310 pc
= poptGetContext(NULL
, argc
, argv_const
, long_options
,
1311 POPT_CONTEXT_KEEP_FIRST
);
1313 while((opt
= poptGetNextOpt(pc
)) != -1) {
1316 c
->display_usage
= true;
1319 c
->smb_encrypt
= true;
1322 if (!interpret_string_addr(&c
->opt_dest_ip
,
1323 poptGetOptArg(pc
), 0)) {
1324 d_fprintf(stderr
, _("\nInvalid ip address specified\n"));
1326 c
->opt_have_ip
= true;
1330 c
->opt_user_specified
= true;
1331 c
->opt_user_name
= talloc_strdup(c
, c
->opt_user_name
);
1332 p
= strchr(c
->opt_user_name
,'%');
1335 c
->opt_password
= p
+1;
1339 get_credentials_file(c
, c
->opt_user_name
);
1342 d_fprintf(stderr
, _("\nInvalid option %s: %s\n"),
1343 poptBadOption(pc
, 0), poptStrerror(opt
));
1344 net_help(c
, argc
, argv_const
);
1349 c
->msg_ctx
= cmdline_messaging_context(get_dyn_CONFIGFILE());
1351 if (!lp_load_global(get_dyn_CONFIGFILE())) {
1352 d_fprintf(stderr
, "Can't load %s - run testparm to debug it\n",
1353 get_dyn_CONFIGFILE());
1357 #if defined(HAVE_BIND_TEXTDOMAIN_CODESET)
1358 /* Bind our gettext results to 'unix charset'
1360 This ensures that the translations and any embedded strings are in the
1361 same charset. It won't be the one from the user's locale (we no
1362 longer auto-detect that), but it will be self-consistent.
1364 bind_textdomain_codeset(MODULE_NAME
, lp_unix_charset());
1367 argv_new
= (const char **)poptGetArgs(pc
);
1370 for (i
=0; i
<argc
; i
++) {
1371 if (argv_new
[i
] == NULL
) {
1377 if (c
->do_talloc_report
) {
1378 talloc_enable_leak_report();
1381 if (c
->opt_requester_name
) {
1382 lp_set_cmdline("netbios name", c
->opt_requester_name
);
1385 if (!c
->opt_user_name
&& getenv("LOGNAME")) {
1386 c
->opt_user_name
= getenv("LOGNAME");
1389 if (!c
->opt_workgroup
) {
1390 c
->opt_workgroup
= talloc_strdup(c
, lp_workgroup());
1393 if (!c
->opt_target_workgroup
) {
1394 c
->opt_target_workgroup
= talloc_strdup(c
, lp_workgroup());
1402 /* this makes sure that when we do things like call scripts,
1403 that it won't assert because we are not root */
1406 if (c
->opt_machine_pass
) {
1407 /* it is very useful to be able to make ads queries as the
1408 machine account for testing purposes and for domain leave */
1410 net_use_krb_machine_account(c
);
1413 if (!c
->opt_password
) {
1414 c
->opt_password
= getenv("PASSWD");
1417 popt_burn_cmdline_password(argc
, argv
);
1419 rc
= net_run_function(c
, argc_new
-1, argv_new
+1, "net", net_func
);
1421 DEBUG(2,("return code = %d\n", rc
));
1423 libnetapi_free(c
->netapi_ctx
);
1425 poptFreeContext(pc
);