search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix resume handle for _samr_EnumDomainGroups
[Samba.git] / source / lib / netapi / joindomain.c
blob66f7cfb13ff8ee7fbc1cd88051eab1d0fbd318a3
1 /*
2 * Unix SMB/CIFS implementation.
3 * NetApi Join Support
4 * Copyright (C) Guenther Deschner 2007-2008
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21
22 #include "librpc/gen_ndr/libnetapi.h"
23 #include "lib/netapi/netapi.h"
24 #include "lib/netapi/netapi_private.h"
25 #include "lib/netapi/libnetapi.h"
26 #include "libnet/libnet.h"
27
28 /****************************************************************
29 ****************************************************************/
30
31 WERROR NetJoinDomain_l(struct libnetapi_ctx *mem_ctx,
32 struct NetJoinDomain *r)
33 {
34 struct libnet_JoinCtx *j = NULL;
35 WERROR werr;
36
37 if (!r->in.domain) {
38 return WERR_INVALID_PARAM;
39 }
40
41 werr = libnet_init_JoinCtx(mem_ctx, &j);
42 W_ERROR_NOT_OK_RETURN(werr);
43
44 j->in.domain_name = talloc_strdup(mem_ctx, r->in.domain);
45 W_ERROR_HAVE_NO_MEMORY(j->in.domain_name);
46
47 if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) {
48 NTSTATUS status;
49 struct netr_DsRGetDCNameInfo *info = NULL;
50 const char *dc = NULL;
51 uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
52 DS_WRITABLE_REQUIRED |
53 DS_RETURN_DNS_NAME;
54 status = dsgetdcname(mem_ctx, NULL, r->in.domain,
55 NULL, NULL, flags, &info);
56 if (!NT_STATUS_IS_OK(status)) {
57 libnetapi_set_error_string(mem_ctx,
58 "%s", get_friendly_nt_error_msg(status));
59 return ntstatus_to_werror(status);
60 }
61
62 dc = strip_hostname(info->dc_unc);
63 j->in.dc_name = talloc_strdup(mem_ctx, dc);
64 W_ERROR_HAVE_NO_MEMORY(j->in.dc_name);
65 }
66
67 if (r->in.account_ou) {
68 j->in.account_ou = talloc_strdup(mem_ctx, r->in.account_ou);
69 W_ERROR_HAVE_NO_MEMORY(j->in.account_ou);
70 }
71
72 if (r->in.account) {
73 j->in.admin_account = talloc_strdup(mem_ctx, r->in.account);
74 W_ERROR_HAVE_NO_MEMORY(j->in.admin_account);
75 }
76
77 if (r->in.password) {
78 j->in.admin_password = talloc_strdup(mem_ctx, r->in.password);
79 W_ERROR_HAVE_NO_MEMORY(j->in.admin_password);
80 }
81
82 j->in.join_flags = r->in.join_flags;
83 j->in.modify_config = true;
84 j->in.debug = true;
85
86 werr = libnet_Join(mem_ctx, j);
87 if (!W_ERROR_IS_OK(werr) && j->out.error_string) {
88 libnetapi_set_error_string(mem_ctx, "%s", j->out.error_string);
89 }
90 TALLOC_FREE(j);
91
92 return werr;
93 }
94
95 /****************************************************************
96 ****************************************************************/
97
98 WERROR NetJoinDomain_r(struct libnetapi_ctx *ctx,
99 struct NetJoinDomain *r)
100 {
101 struct cli_state *cli = NULL;
102 struct rpc_pipe_client *pipe_cli = NULL;
103 struct wkssvc_PasswordBuffer *encrypted_password = NULL;
104 NTSTATUS status;
105 WERROR werr;
106 unsigned int old_timeout = 0;
107
108 werr = libnetapi_open_ipc_connection(ctx, r->in.server, &cli);
109 if (!W_ERROR_IS_OK(werr)) {
110 goto done;
111 }
112
113 werr = libnetapi_open_pipe(ctx, cli, PI_WKSSVC, &pipe_cli);
114 if (!W_ERROR_IS_OK(werr)) {
115 goto done;
116 }
117
118 if (r->in.password) {
119 encode_wkssvc_join_password_buffer(ctx,
120 r->in.password,
121 &cli->user_session_key,
122 &encrypted_password);
123 }
124
125 old_timeout = cli_set_timeout(cli, 600000);
126
127 status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, ctx,
128 r->in.server,
129 r->in.domain,
130 r->in.account_ou,
131 r->in.account,
132 encrypted_password,
133 r->in.join_flags,
134 &werr);
135 if (!NT_STATUS_IS_OK(status)) {
136 werr = ntstatus_to_werror(status);
137 goto done;
138 }
139
140 done:
141 if (cli) {
142 if (old_timeout) {
143 cli_set_timeout(cli, old_timeout);
144 }
145 }
146
147 return werr;
148 }
149 /****************************************************************
150 ****************************************************************/
151
152 WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx,
153 struct NetUnjoinDomain *r)
154 {
155 struct libnet_UnjoinCtx *u = NULL;
156 struct dom_sid domain_sid;
157 const char *domain = NULL;
158 WERROR werr;
159
160 if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
161 return WERR_SETUP_NOT_JOINED;
162 }
163
164 werr = libnet_init_UnjoinCtx(mem_ctx, &u);
165 W_ERROR_NOT_OK_RETURN(werr);
166
167 if (lp_realm()) {
168 domain = lp_realm();
169 } else {
170 domain = lp_workgroup();
171 }
172
173 if (r->in.server_name) {
174 u->in.dc_name = talloc_strdup(mem_ctx, r->in.server_name);
175 W_ERROR_HAVE_NO_MEMORY(u->in.dc_name);
176 } else {
177 NTSTATUS status;
178 struct netr_DsRGetDCNameInfo *info = NULL;
179 const char *dc = NULL;
180 uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
181 DS_WRITABLE_REQUIRED |
182 DS_RETURN_DNS_NAME;
183 status = dsgetdcname(mem_ctx, NULL, domain,
184 NULL, NULL, flags, &info);
185 if (!NT_STATUS_IS_OK(status)) {
186 libnetapi_set_error_string(mem_ctx,
187 "failed to find DC for domain %s: %s",
188 domain,
189 get_friendly_nt_error_msg(status));
190 return ntstatus_to_werror(status);
191 }
192
193 dc = strip_hostname(info->dc_unc);
194 u->in.dc_name = talloc_strdup(mem_ctx, dc);
195 W_ERROR_HAVE_NO_MEMORY(u->in.dc_name);
196
197 u->in.domain_name = domain;
198 }
199
200 if (r->in.account) {
201 u->in.admin_account = talloc_strdup(mem_ctx, r->in.account);
202 W_ERROR_HAVE_NO_MEMORY(u->in.admin_account);
203 }
204
205 if (r->in.password) {
206 u->in.admin_password = talloc_strdup(mem_ctx, r->in.password);
207 W_ERROR_HAVE_NO_MEMORY(u->in.admin_password);
208 }
209
210 u->in.domain_name = domain;
211 u->in.unjoin_flags = r->in.unjoin_flags;
212 u->in.modify_config = true;
213 u->in.debug = true;
214
215 u->in.domain_sid = &domain_sid;
216
217 werr = libnet_Unjoin(mem_ctx, u);
218 if (!W_ERROR_IS_OK(werr) && u->out.error_string) {
219 libnetapi_set_error_string(mem_ctx, "%s", u->out.error_string);
220 }
221 TALLOC_FREE(u);
222
223 return werr;
224 }
225
226 /****************************************************************
227 ****************************************************************/
228
229 WERROR NetUnjoinDomain_r(struct libnetapi_ctx *ctx,
230 struct NetUnjoinDomain *r)
231 {
232 struct cli_state *cli = NULL;
233 struct rpc_pipe_client *pipe_cli = NULL;
234 struct wkssvc_PasswordBuffer *encrypted_password = NULL;
235 NTSTATUS status;
236 WERROR werr;
237 unsigned int old_timeout = 0;
238
239 werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
240 if (!W_ERROR_IS_OK(werr)) {
241 goto done;
242 }
243
244 werr = libnetapi_open_pipe(ctx, cli, PI_WKSSVC, &pipe_cli);
245 if (!W_ERROR_IS_OK(werr)) {
246 goto done;
247 }
248
249 if (r->in.password) {
250 encode_wkssvc_join_password_buffer(ctx,
251 r->in.password,
252 &cli->user_session_key,
253 &encrypted_password);
254 }
255
256 old_timeout = cli_set_timeout(cli, 60000);
257
258 status = rpccli_wkssvc_NetrUnjoinDomain2(pipe_cli, ctx,
259 r->in.server_name,
260 r->in.account,
261 encrypted_password,
262 r->in.unjoin_flags,
263 &werr);
264 if (!NT_STATUS_IS_OK(status)) {
265 werr = ntstatus_to_werror(status);
266 goto done;
267 }
268
269 done:
270 if (cli) {
271 if (old_timeout) {
272 cli_set_timeout(cli, old_timeout);
273 }
274 }
275
276 return werr;
277 }
278
279 /****************************************************************
280 ****************************************************************/
281
282 WERROR NetGetJoinInformation_r(struct libnetapi_ctx *ctx,
283 struct NetGetJoinInformation *r)
284 {
285 struct cli_state *cli = NULL;
286 struct rpc_pipe_client *pipe_cli = NULL;
287 NTSTATUS status;
288 WERROR werr;
289 const char *buffer = NULL;
290
291 werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
292 if (!W_ERROR_IS_OK(werr)) {
293 goto done;
294 }
295
296 werr = libnetapi_open_pipe(ctx, cli, PI_WKSSVC, &pipe_cli);
297 if (!W_ERROR_IS_OK(werr)) {
298 goto done;
299 }
300
301 status = rpccli_wkssvc_NetrGetJoinInformation(pipe_cli, ctx,
302 r->in.server_name,
303 &buffer,
304 (enum wkssvc_NetJoinStatus *)r->out.name_type,
305 &werr);
306 if (!NT_STATUS_IS_OK(status)) {
307 werr = ntstatus_to_werror(status);
308 goto done;
309 }
310
311 *r->out.name_buffer = talloc_strdup(ctx, buffer);
312 W_ERROR_HAVE_NO_MEMORY(*r->out.name_buffer);
313
314 done:
315 return werr;
316 }
317
318 /****************************************************************
319 ****************************************************************/
320
321 WERROR NetGetJoinInformation_l(struct libnetapi_ctx *ctx,
322 struct NetGetJoinInformation *r)
323 {
324 if ((lp_security() == SEC_ADS) && lp_realm()) {
325 *r->out.name_buffer = talloc_strdup(ctx, lp_realm());
326 } else {
327 *r->out.name_buffer = talloc_strdup(ctx, lp_workgroup());
328 }
329 if (!*r->out.name_buffer) {
330 return WERR_NOMEM;
331 }
332
333 switch (lp_server_role()) {
334 case ROLE_DOMAIN_MEMBER:
335 case ROLE_DOMAIN_PDC:
336 case ROLE_DOMAIN_BDC:
337 *r->out.name_type = NetSetupDomainName;
338 break;
339 case ROLE_STANDALONE:
340 default:
341 *r->out.name_type = NetSetupWorkgroupName;
342 break;
343 }
344
345 return WERR_OK;
346 }
347
348 /****************************************************************
349 ****************************************************************/
350
351 WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx,
352 struct NetGetJoinableOUs *r)
353 {
354 #ifdef WITH_ADS
355 NTSTATUS status;
356 ADS_STATUS ads_status;
357 ADS_STRUCT *ads = NULL;
358 struct netr_DsRGetDCNameInfo *info = NULL;
359 const char *dc = NULL;
360 uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED |
361 DS_RETURN_DNS_NAME;
362
363 status = dsgetdcname(ctx, NULL, r->in.domain,
364 NULL, NULL, flags, &info);
365 if (!NT_STATUS_IS_OK(status)) {
366 libnetapi_set_error_string(ctx, "%s",
367 get_friendly_nt_error_msg(status));
368 return ntstatus_to_werror(status);
369 }
370
371 dc = strip_hostname(info->dc_unc);
372
373 ads = ads_init(r->in.domain, r->in.domain, dc);
374 if (!ads) {
375 return WERR_GENERAL_FAILURE;
376 }
377
378 SAFE_FREE(ads->auth.user_name);
379 if (r->in.account) {
380 ads->auth.user_name = SMB_STRDUP(r->in.account);
381 } else if (ctx->username) {
382 ads->auth.user_name = SMB_STRDUP(ctx->username);
383 }
384
385 SAFE_FREE(ads->auth.password);
386 if (r->in.password) {
387 ads->auth.password = SMB_STRDUP(r->in.password);
388 } else if (ctx->password) {
389 ads->auth.password = SMB_STRDUP(ctx->password);
390 }
391
392 ads_status = ads_connect(ads);
393 if (!ADS_ERR_OK(ads_status)) {
394 ads_destroy(&ads);
395 return WERR_DEFAULT_JOIN_REQUIRED;
396 }
397
398 ads_status = ads_get_joinable_ous(ads, ctx,
399 (char ***)r->out.ous,
400 (size_t *)r->out.ou_count);
401 if (!ADS_ERR_OK(ads_status)) {
402 ads_destroy(&ads);
403 return WERR_DEFAULT_JOIN_REQUIRED;
404 }
405
406 ads_destroy(&ads);
407 return WERR_OK;
408 #else
409 return WERR_NOT_SUPPORTED;
410 #endif
411 }
412
413 /****************************************************************
414 ****************************************************************/
415
416 WERROR NetGetJoinableOUs_r(struct libnetapi_ctx *ctx,
417 struct NetGetJoinableOUs *r)
418 {
419 struct cli_state *cli = NULL;
420 struct rpc_pipe_client *pipe_cli = NULL;
421 struct wkssvc_PasswordBuffer *encrypted_password = NULL;
422 NTSTATUS status;
423 WERROR werr;
424
425 werr = libnetapi_open_ipc_connection(ctx, r->in.server_name, &cli);
426 if (!W_ERROR_IS_OK(werr)) {
427 goto done;
428 }
429
430 werr = libnetapi_open_pipe(ctx, cli, PI_WKSSVC, &pipe_cli);
431 if (!W_ERROR_IS_OK(werr)) {
432 goto done;
433 }
434
435 if (r->in.password) {
436 encode_wkssvc_join_password_buffer(ctx,
437 r->in.password,
438 &cli->user_session_key,
439 &encrypted_password);
440 }
441
442 status = rpccli_wkssvc_NetrGetJoinableOus2(pipe_cli, ctx,
443 r->in.server_name,
444 r->in.domain,
445 r->in.account,
446 encrypted_password,
447 r->out.ou_count,
448 r->out.ous,
449 &werr);
450 if (!NT_STATUS_IS_OK(status)) {
451 werr = ntstatus_to_werror(status);
452 goto done;
453 }
454
455 done:
456 if (cli) {
457 cli_shutdown(cli);
458 }
459
460 return werr;
461 }
Samba GIT mirror