search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
sync'ing up for 3.0alpha20 release
[Samba.git] / source / utils / net_rpc.c
blob8b8278b053e616b162cd95fd667f3ced8b3ac9ae
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
5 Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
20
21 #include "includes.h"
22 #include "../utils/net.h"
23
24 extern pstring global_myname;
25
26 /**
27 * @file net_rpc.c
28 *
29 * @brief RPC based subcommands for the 'net' utility.
30 *
31 * This file should contain much of the functionality that used to
32 * be found in rpcclient, execpt that the commands should change
33 * less often, and the fucntionality should be sane (the user is not
34 * expected to know a rid/sid before they conduct an operation etc.)
35 *
36 * @todo Perhaps eventually these should be split out into a number
37 * of files, as this could get quite big.
38 **/
39
40
41 /* A function of this type is passed to the 'run_rpc_command' wrapper */
42 typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, struct cli_state *, TALLOC_CTX *, int, const char **);
43
44 /**
45 * Many of the RPC functions need the domain sid. This function gets
46 * it at the start of every run
47 *
48 * @param cli A cli_state already connected to the remote machine
49 *
50 * @return The Domain SID of the remote machine.
51 **/
52
53 static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli)
54 {
55 DOM_SID *domain_sid;
56 POLICY_HND pol;
57 NTSTATUS result = NT_STATUS_OK;
58 uint32 info_class = 5;
59 fstring domain_name;
60 TALLOC_CTX *mem_ctx;
61
62 if (!(domain_sid = malloc(sizeof(DOM_SID)))){
63 DEBUG(0,("net_get_remote_domain_sid: malloc returned NULL!\n"));
64 goto error;
65 }
66
67 if (!(mem_ctx=talloc_init()))
68 {
69 DEBUG(0,("net_get_remote_domain_sid: talloc_init returned NULL!\n"));
70 goto error;
71 }
72
73
74 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
75 fprintf(stderr, "could not initialise lsa pipe\n");
76 goto error;
77 }
78
79 result = cli_lsa_open_policy(cli, mem_ctx, True,
80 SEC_RIGHTS_MAXIMUM_ALLOWED,
81 &pol);
82 if (!NT_STATUS_IS_OK(result)) {
83 goto error;
84 }
85
86 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class,
87 domain_name, domain_sid);
88 if (!NT_STATUS_IS_OK(result)) {
89 goto error;
90 }
91
92 cli_lsa_close(cli, mem_ctx, &pol);
93 cli_nt_session_close(cli);
94 talloc_destroy(mem_ctx);
95
96 return domain_sid;
97
98 error:
99 fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain);
100
101 if (!NT_STATUS_IS_OK(result)) {
102 fprintf(stderr, "error: %s\n", nt_errstr(result));
103 }
104
105 exit(1);
106 }
107
108 /**
109 * Run a single RPC command, from start to finish.
110 *
111 * @param pipe_name the pipe to connect to (usually a PIPE_ constant)
112 * @param conn_flag a NET_FLAG_ combination. Passed to
113 * net_make_ipc_connection.
114 * @param argc Standard main() style argc
115 * @param argc Standard main() style argv. Initial components are already
116 * stripped
117 * @return A shell status integer (0 for success)
118 */
119
120 static int run_rpc_command(struct cli_state *cli_arg, const char *pipe_name, int conn_flags,
121 rpc_command_fn fn,
122 int argc, const char **argv)
123 {
124 struct cli_state *cli = NULL;
125 TALLOC_CTX *mem_ctx;
126 NTSTATUS nt_status;
127 DOM_SID *domain_sid;
128
129 /* make use of cli_state handed over as an argument, if possible */
130 if (!cli_arg)
131 cli = net_make_ipc_connection(conn_flags);
132 else
133 cli = cli_arg;
134
135 if (!cli) {
136 return -1;
137 }
138
139 domain_sid = net_get_remote_domain_sid(cli);
140
141 /* Create mem_ctx */
142
143 if (!(mem_ctx = talloc_init())) {
144 DEBUG(0, ("talloc_init() failed\n"));
145 cli_shutdown(cli);
146 return -1;
147 }
148
149 if (!cli_nt_session_open(cli, pipe_name)) {
150 DEBUG(0, ("Could not initialise %s pipe\n", pipe_name));
151 }
152
153 nt_status = fn(domain_sid, cli, mem_ctx, argc, argv);
154
155 if (!NT_STATUS_IS_OK(nt_status)) {
156 DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status)));
157 } else {
158 DEBUG(5, ("rpc command function succedded\n"));
159 }
160
161
162 if (cli->nt_pipe_fnum)
163 cli_nt_session_close(cli);
164
165 /* close the connection only if it was opened here */
166 if (!cli_arg)
167 cli_shutdown(cli);
168
169 talloc_destroy(mem_ctx);
170
171 return (!NT_STATUS_IS_OK(nt_status));
172 }
173
174
175 /****************************************************************************/
176
177
178 /**
179 * Force a change of the trust acccount password.
180 *
181 * All parameters are provided by the run_rpc_command function, except for
182 * argc, argv which are passes through.
183 *
184 * @param domain_sid The domain sid aquired from the remote server
185 * @param cli A cli_state connected to the server.
186 * @param mem_ctx Talloc context, destoyed on compleation of the function.
187 * @param argc Standard main() style argc
188 * @param argc Standard main() style argv. Initial components are already
189 * stripped
190 *
191 * @return Normal NTSTATUS return.
192 **/
193
194 static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
195 int argc, const char **argv) {
196
197 return trust_pw_find_change_and_store_it(cli, mem_ctx, opt_target_workgroup);
198 }
199
200 /**
201 * Force a change of the trust acccount password.
202 *
203 * @param argc Standard main() style argc
204 * @param argc Standard main() style argv. Initial components are already
205 * stripped
206 *
207 * @return A shell status integer (0 for success)
208 **/
209
210 static int rpc_changetrustpw(int argc, const char **argv)
211 {
212 return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_changetrustpw_internals,
213 argc, argv);
214 }
215
216
217 /****************************************************************************/
218
219
220 /**
221 * Join a domain, the old way.
222 *
223 * This uses 'machinename' as the inital password, and changes it.
224 *
225 * The password should be created with 'server manager' or eqiv first.
226 *
227 * All parameters are provided by the run_rpc_command function, except for
228 * argc, argv which are passes through.
229 *
230 * @param domain_sid The domain sid aquired from the remote server
231 * @param cli A cli_state connected to the server.
232 * @param mem_ctx Talloc context, destoyed on compleation of the function.
233 * @param argc Standard main() style argc
234 * @param argc Standard main() style argv. Initial components are already
235 * stripped
236 *
237 * @return Normal NTSTATUS return.
238 **/
239
240 static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
241 int argc, const char **argv) {
242
243 extern pstring global_myname;
244 fstring trust_passwd;
245 unsigned char orig_trust_passwd_hash[16];
246 NTSTATUS result;
247
248 fstrcpy(trust_passwd, global_myname);
249 strlower(trust_passwd);
250
251 /*
252 * Machine names can be 15 characters, but the max length on
253 * a password is 14. --jerry
254 */
255
256 trust_passwd[14] = '\0';
257
258 E_md4hash(trust_passwd, orig_trust_passwd_hash);
259
260 result = trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash);
261
262 if (NT_STATUS_IS_OK(result))
263 printf("Joined domain %s.\n",lp_workgroup());
264
265 return result;
266 }
267
268 /**
269 * Join a domain, the old way.
270 *
271 * @param argc Standard main() style argc
272 * @param argc Standard main() style argv. Initial components are already
273 * stripped
274 *
275 * @return A shell status integer (0 for success)
276 **/
277
278 static int net_rpc_join_oldstyle(int argc, const char **argv)
279 {
280 return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals,
281 argc, argv);
282 }
283
284 /**
285 * Basic usage function for 'net rpc join'
286 * @param argc Standard main() style argc
287 * @param argc Standard main() style argv. Initial components are already
288 * stripped
289 **/
290
291 static int rpc_join_usage(int argc, const char **argv)
292 {
293 d_printf("net rpc join -U <username>[%%password] [options]\n"\
294 "\t to join a domain with admin username & password\n"\
295 "\t\t password will be prompted if none is specified\n");
296 d_printf("net rpc join [options except -U]\n"\
297 "\t to join a domain created in server manager\n\n\n");
298
299 net_common_flags_usage(argc, argv);
300 return -1;
301 }
302
303 /**
304 * 'net rpc join' entrypoint.
305 * @param argc Standard main() style argc
306 * @param argc Standard main() style argv. Initial components are already
307 * stripped
308 *
309 * Main 'net_rpc_join()' (where the admain username/password is used) is
310 * in net_rpc_join.c
311 * Assume if a -U is specified, it's the new style, otherwise it's the
312 * old style
313 **/
314
315 int net_rpc_join(int argc, const char **argv)
316 {
317 if ((net_rpc_join_oldstyle(argc, argv) == 0))
318 return 0;
319
320 return net_rpc_join_newstyle(argc, argv);
321 }
322
323
324
325 /**
326 * display info about a rpc domain
327 *
328 * All parameters are provided by the run_rpc_command function, except for
329 * argc, argv which are passes through.
330 *
331 * @param domain_sid The domain sid acquired from the remote server
332 * @param cli A cli_state connected to the server.
333 * @param mem_ctx Talloc context, destoyed on completion of the function.
334 * @param argc Standard main() style argc
335 * @param argv Standard main() style argv. Initial components are already
336 * stripped
337 *
338 * @return Normal NTSTATUS return.
339 **/
340
341 static NTSTATUS
342 rpc_info_internals(const DOM_SID *domain_sid, struct cli_state *cli,
343 TALLOC_CTX *mem_ctx, int argc, const char **argv)
344 {
345 POLICY_HND connect_pol, domain_pol;
346 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
347 SAM_UNK_CTR ctr;
348 fstring sid_str;
349
350 sid_to_string(sid_str, domain_sid);
351
352 /* Get sam policy handle */
353 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
354 &connect_pol);
355 if (!NT_STATUS_IS_OK(result)) {
356 goto done;
357 }
358
359 /* Get domain policy handle */
360 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
361 MAXIMUM_ALLOWED_ACCESS,
362 domain_sid, &domain_pol);
363 if (!NT_STATUS_IS_OK(result)) {
364 goto done;
365 }
366
367 ZERO_STRUCT(ctr);
368 result = cli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
369 2, &ctr);
370 if (NT_STATUS_IS_OK(result)) {
371 TALLOC_CTX *ctx = talloc_init();
372 d_printf("Domain Name: %s\n", unistr2_tdup(ctx, &ctr.info.inf2.uni_domain));
373 d_printf("Domain SID: %s\n", sid_str);
374 d_printf("Sequence number: %u\n", ctr.info.inf2.seq_num);
375 d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs);
376 d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps);
377 d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps);
378 talloc_destroy(ctx);
379 }
380
381 done:
382 return result;
383 }
384
385
386 /**
387 * 'net rpc info' entrypoint.
388 * @param argc Standard main() style argc
389 * @param argc Standard main() style argv. Initial components are already
390 * stripped
391 **/
392 int net_rpc_info(int argc, const char **argv)
393 {
394 return run_rpc_command(NULL, PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
395 rpc_info_internals,
396 argc, argv);
397 }
398
399
400 /**
401 * Fetch domain SID into the local secrets.tdb
402 *
403 * All parameters are provided by the run_rpc_command function, except for
404 * argc, argv which are passes through.
405 *
406 * @param domain_sid The domain sid acquired from the remote server
407 * @param cli A cli_state connected to the server.
408 * @param mem_ctx Talloc context, destoyed on completion of the function.
409 * @param argc Standard main() style argc
410 * @param argv Standard main() style argv. Initial components are already
411 * stripped
412 *
413 * @return Normal NTSTATUS return.
414 **/
415
416 static NTSTATUS
417 rpc_getsid_internals(const DOM_SID *domain_sid, struct cli_state *cli,
418 TALLOC_CTX *mem_ctx, int argc, const char **argv)
419 {
420 fstring sid_str;
421
422 sid_to_string(sid_str, domain_sid);
423 d_printf("Storing SID %s for Domain %s in secrets.tdb\n",
424 sid_str, lp_workgroup());
425
426 if (!secrets_store_domain_sid(global_myname, domain_sid)) {
427 DEBUG(0,("Can't store domain SID\n"));
428 return NT_STATUS_UNSUCCESSFUL;
429 }
430
431 return NT_STATUS_OK;
432 }
433
434
435 /**
436 * 'net rpc getsid' entrypoint.
437 * @param argc Standard main() style argc
438 * @param argc Standard main() style argv. Initial components are already
439 * stripped
440 **/
441 int net_rpc_getsid(int argc, const char **argv)
442 {
443 return run_rpc_command(NULL, PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
444 rpc_getsid_internals,
445 argc, argv);
446 }
447
448
449 /****************************************************************************/
450
451 /**
452 * Basic usage function for 'net rpc user'
453 * @param argc Standard main() style argc.
454 * @param argv Standard main() style argv. Initial components are already
455 * stripped.
456 **/
457
458 static int rpc_user_usage(int argc, const char **argv)
459 {
460 return net_help_user(argc, argv);
461 }
462
463 /**
464 * Add a new user to a remote RPC server
465 *
466 * All parameters are provided by the run_rpc_command function, except for
467 * argc, argv which are passes through.
468 *
469 * @param domain_sid The domain sid acquired from the remote server
470 * @param cli A cli_state connected to the server.
471 * @param mem_ctx Talloc context, destoyed on completion of the function.
472 * @param argc Standard main() style argc
473 * @param argv Standard main() style argv. Initial components are already
474 * stripped
475 *
476 * @return Normal NTSTATUS return.
477 **/
478
479 static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
480 int argc, const char **argv) {
481
482 POLICY_HND connect_pol, domain_pol, user_pol;
483 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
484 const char *acct_name;
485 uint16 acb_info;
486 uint32 unknown, user_rid;
487
488 if (argc != 1) {
489 d_printf("User must be specified\n");
490 rpc_user_usage(argc, argv);
491 return NT_STATUS_OK;
492 }
493
494 acct_name = argv[0];
495
496 /* Get sam policy handle */
497
498 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
499 &connect_pol);
500 if (!NT_STATUS_IS_OK(result)) {
501 goto done;
502 }
503
504 /* Get domain policy handle */
505
506 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
507 MAXIMUM_ALLOWED_ACCESS,
508 domain_sid, &domain_pol);
509 if (!NT_STATUS_IS_OK(result)) {
510 goto done;
511 }
512
513 /* Create domain user */
514
515 acb_info = ACB_NORMAL;
516 unknown = 0xe005000b; /* No idea what this is - a permission mask? */
517
518 result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
519 acct_name, acb_info, unknown,
520 &user_pol, &user_rid);
521 if (!NT_STATUS_IS_OK(result)) {
522 goto done;
523 }
524
525 done:
526 if (!NT_STATUS_IS_OK(result)) {
527 d_printf("Failed to add user %s - %s\n", acct_name,
528 nt_errstr(result));
529 } else {
530 d_printf("Added user %s\n", acct_name);
531 }
532 return result;
533 }
534
535 /**
536 * Add a new user to a remote RPC server
537 *
538 * @param argc Standard main() style argc
539 * @param argv Standard main() style argv. Initial components are already
540 * stripped
541 *
542 * @return A shell status integer (0 for success)
543 **/
544
545 static int rpc_user_add(int argc, const char **argv)
546 {
547 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_add_internals,
548 argc, argv);
549 }
550
551 /**
552 * Delete a user from a remote RPC server
553 *
554 * All parameters are provided by the run_rpc_command function, except for
555 * argc, argv which are passes through.
556 *
557 * @param domain_sid The domain sid acquired from the remote server
558 * @param cli A cli_state connected to the server.
559 * @param mem_ctx Talloc context, destoyed on completion of the function.
560 * @param argc Standard main() style argc
561 * @param argv Standard main() style argv. Initial components are already
562 * stripped
563 *
564 * @return Normal NTSTATUS return.
565 **/
566
567 static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid,
568 struct cli_state *cli,
569 TALLOC_CTX *mem_ctx,
570 int argc, const char **argv)
571 {
572 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
573 POLICY_HND connect_pol, domain_pol, user_pol;
574
575 if (argc < 1) {
576 d_printf("User must be specified\n");
577 rpc_user_usage(argc, argv);
578 return NT_STATUS_OK;
579 }
580 /* Get sam policy and domain handles */
581
582 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
583 &connect_pol);
584
585 if (!NT_STATUS_IS_OK(result)) {
586 goto done;
587 }
588
589 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
590 MAXIMUM_ALLOWED_ACCESS,
591 domain_sid, &domain_pol);
592
593 if (!NT_STATUS_IS_OK(result)) {
594 goto done;
595 }
596
597 /* Get handle on user */
598
599 {
600 uint32 *user_rids, num_rids, *name_types;
601 uint32 flags = 0x000003e8; /* Unknown */
602
603 result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol,
604 flags, 1, &argv[0],
605 &num_rids, &user_rids,
606 &name_types);
607
608 if (!NT_STATUS_IS_OK(result)) {
609 goto done;
610 }
611
612 result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
613 MAXIMUM_ALLOWED_ACCESS,
614 user_rids[0], &user_pol);
615
616 if (!NT_STATUS_IS_OK(result)) {
617 goto done;
618 }
619 }
620
621 /* Delete user */
622
623 result = cli_samr_delete_dom_user(cli, mem_ctx, &user_pol);
624
625 if (!NT_STATUS_IS_OK(result)) {
626 goto done;
627 }
628
629 /* Display results */
630
631 done:
632 return result;
633
634 }
635
636 /**
637 * Delete a user from a remote RPC server
638 *
639 * @param argc Standard main() style argc
640 * @param argv Standard main() style argv. Initial components are already
641 * stripped
642 *
643 * @return A shell status integer (0 for success)
644 **/
645
646 static int rpc_user_delete(int argc, const char **argv)
647 {
648 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_del_internals,
649 argc, argv);
650 }
651
652 /**
653 * List user's groups on a remote RPC server
654 *
655 * All parameters are provided by the run_rpc_command function, except for
656 * argc, argv which are passes through.
657 *
658 * @param domain_sid The domain sid acquired from the remote server
659 * @param cli A cli_state connected to the server.
660 * @param mem_ctx Talloc context, destoyed on completion of the function.
661 * @param argc Standard main() style argc
662 * @param argv Standard main() style argv. Initial components are already
663 * stripped
664 *
665 * @return Normal NTSTATUS return.
666 **/
667
668 static NTSTATUS
669 rpc_user_info_internals(const DOM_SID *domain_sid, struct cli_state *cli,
670 TALLOC_CTX *mem_ctx, int argc, const char **argv)
671 {
672 POLICY_HND connect_pol, domain_pol, user_pol;
673 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
674 uint32 *rids, num_rids, *name_types, num_names;
675 uint32 flags = 0x000003e8; /* Unknown */
676 int i;
677 char **names;
678 DOM_GID *user_gids;
679
680 if (argc < 1) {
681 d_printf("User must be specified\n");
682 rpc_user_usage(argc, argv);
683 return NT_STATUS_OK;
684 }
685 /* Get sam policy handle */
686
687 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
688 &connect_pol);
689 if (!NT_STATUS_IS_OK(result)) goto done;
690
691 /* Get domain policy handle */
692
693 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
694 MAXIMUM_ALLOWED_ACCESS,
695 domain_sid, &domain_pol);
696 if (!NT_STATUS_IS_OK(result)) goto done;
697
698 /* Get handle on user */
699
700 result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol,
701 flags, 1, &argv[0],
702 &num_rids, &rids, &name_types);
703
704 if (!NT_STATUS_IS_OK(result)) goto done;
705
706 result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
707 MAXIMUM_ALLOWED_ACCESS,
708 rids[0], &user_pol);
709 if (!NT_STATUS_IS_OK(result)) goto done;
710
711 result = cli_samr_query_usergroups(cli, mem_ctx, &user_pol,
712 &num_rids, &user_gids);
713
714 /* Look up rids */
715
716 rids = (uint32 *)talloc(mem_ctx, sizeof(uint32) * num_rids);
717
718 for (i = 0; i < num_rids; i++)
719 rids[i] = user_gids[i].g_rid;
720
721 result = cli_samr_lookup_rids(cli, mem_ctx, &domain_pol,
722 flags, num_rids, rids,
723 &num_names, &names, &name_types);
724
725 if (!NT_STATUS_IS_OK(result)) {
726 goto done;
727 }
728
729 /* Display results */
730
731 for (i = 0; i < num_names; i++)
732 printf("%s\n", names[i]);
733
734 done:
735 return result;
736 }
737
738 /**
739 * List a user's groups from a remote RPC server
740 *
741 * @param argc Standard main() style argc
742 * @param argv Standard main() style argv. Initial components are already
743 * stripped
744 *
745 * @return A shell status integer (0 for success)
746 **/
747
748 static int rpc_user_info(int argc, const char **argv)
749 {
750 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_info_internals,
751 argc, argv);
752 }
753
754 /**
755 * List users on a remote RPC server
756 *
757 * All parameters are provided by the run_rpc_command function, except for
758 * argc, argv which are passes through.
759 *
760 * @param domain_sid The domain sid acquired from the remote server
761 * @param cli A cli_state connected to the server.
762 * @param mem_ctx Talloc context, destoyed on completion of the function.
763 * @param argc Standard main() style argc
764 * @param argv Standard main() style argv. Initial components are already
765 * stripped
766 *
767 * @return Normal NTSTATUS return.
768 **/
769
770 static NTSTATUS
771 rpc_user_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
772 TALLOC_CTX *mem_ctx, int argc, const char **argv)
773 {
774 POLICY_HND connect_pol, domain_pol;
775 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
776 uint32 start_idx=0, max_entries=250, num_entries, i;
777 SAM_DISPINFO_CTR ctr;
778 SAM_DISPINFO_1 info1;
779
780 /* Get sam policy handle */
781
782 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
783 &connect_pol);
784 if (!NT_STATUS_IS_OK(result)) {
785 goto done;
786 }
787
788 /* Get domain policy handle */
789
790 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
791 MAXIMUM_ALLOWED_ACCESS,
792 domain_sid, &domain_pol);
793 if (!NT_STATUS_IS_OK(result)) {
794 goto done;
795 }
796
797 /* Query domain users */
798 ZERO_STRUCT(ctr);
799 ZERO_STRUCT(info1);
800 ctr.sam.info1 = &info1;
801 if (opt_long_list_entries)
802 d_printf("\nUser name Comment"\
803 "\n-----------------------------\n");
804 do {
805 fstring user, desc;
806 result = cli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
807 &start_idx, 1, &num_entries,
808 max_entries, &ctr);
809 for (i = 0; i < num_entries; i++) {
810 unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user)-1);
811 if (opt_long_list_entries)
812 unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc)-1);
813
814 if (opt_long_list_entries)
815 printf("%-21.21s %-50.50s\n", user, desc);
816 else
817 printf("%s\n", user);
818 }
819 } while (!NT_STATUS_IS_OK(result));
820
821 done:
822 return result;
823 }
824
825 /**
826 * 'net rpc user' entrypoint.
827 * @param argc Standard main() style argc
828 * @param argc Standard main() style argv. Initial components are already
829 * stripped
830 **/
831
832 int net_rpc_user(int argc, const char **argv)
833 {
834 struct functable func[] = {
835 {"add", rpc_user_add},
836 {"info", rpc_user_info},
837 {"delete", rpc_user_delete},
838 {NULL, NULL}
839 };
840
841 if (argc == 0) {
842 if (opt_long_list_entries) {
843 } else {
844 }
845 return run_rpc_command(NULL,PIPE_SAMR, 0,
846 rpc_user_list_internals,
847 argc, argv);
848 }
849
850 return net_run_function(argc, argv, func, rpc_user_usage);
851 }
852
853
854 /****************************************************************************/
855
856 /**
857 * Basic usage function for 'net rpc group'
858 * @param argc Standard main() style argc.
859 * @param argv Standard main() style argv. Initial components are already
860 * stripped.
861 **/
862
863 static int rpc_group_usage(int argc, const char **argv)
864 {
865 return net_help_group(argc, argv);
866 }
867
868 /**
869 * List groups on a remote RPC server
870 *
871 * All parameters are provided by the run_rpc_command function, except for
872 * argc, argv which are passes through.
873 *
874 * @param domain_sid The domain sid acquired from the remote server
875 * @param cli A cli_state connected to the server.
876 * @param mem_ctx Talloc context, destoyed on completion of the function.
877 * @param argc Standard main() style argc
878 * @param argv Standard main() style argv. Initial components are already
879 * stripped
880 *
881 * @return Normal NTSTATUS return.
882 **/
883
884 static NTSTATUS
885 rpc_group_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
886 TALLOC_CTX *mem_ctx, int argc, const char **argv)
887 {
888 POLICY_HND connect_pol, domain_pol;
889 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
890 uint32 start_idx=0, max_entries=250, num_entries, i;
891 struct acct_info *groups;
892 DOM_SID global_sid_Builtin;
893
894 string_to_sid(&global_sid_Builtin, "S-1-5-32");
895
896 /* Get sam policy handle */
897
898 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
899 &connect_pol);
900 if (!NT_STATUS_IS_OK(result)) {
901 goto done;
902 }
903
904 /* Get domain policy handle */
905
906 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
907 MAXIMUM_ALLOWED_ACCESS,
908 domain_sid, &domain_pol);
909 if (!NT_STATUS_IS_OK(result)) {
910 goto done;
911 }
912
913 /* Query domain groups */
914 if (opt_long_list_entries)
915 d_printf("\nGroup name Comment"\
916 "\n-----------------------------\n");
917 do {
918 result = cli_samr_enum_dom_groups(cli, mem_ctx, &domain_pol,
919 &start_idx, max_entries,
920 &groups, &num_entries);
921
922 for (i = 0; i < num_entries; i++) {
923 if (opt_long_list_entries)
924 printf("%-21.21s %-50.50s\n",
925 groups[i].acct_name,
926 groups[i].acct_desc);
927 else
928 printf("%-21.21s\n", groups[i].acct_name);
929 }
930 } while (!NT_STATUS_IS_OK(result));
931 /* query domain aliases */
932 do {
933 result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol,
934 &start_idx, max_entries,
935 &groups, &num_entries);
936
937 for (i = 0; i < num_entries; i++) {
938 if (opt_long_list_entries)
939 printf("%-21.21s %-50.50s\n",
940 groups[i].acct_name,
941 groups[i].acct_desc);
942 else
943 printf("%-21.21s\n", groups[i].acct_name);
944 }
945 } while (!NT_STATUS_IS_OK(result));
946 cli_samr_close(cli, mem_ctx, &domain_pol);
947 /* Get builtin policy handle */
948
949 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
950 MAXIMUM_ALLOWED_ACCESS,
951 &global_sid_Builtin, &domain_pol);
952 if (!NT_STATUS_IS_OK(result)) {
953 goto done;
954 }
955 /* query builtin aliases */
956 do {
957 result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol,
958 &start_idx, max_entries,
959 &groups, &num_entries);
960
961 for (i = 0; i < num_entries; i++) {
962 if (opt_long_list_entries)
963 printf("%-21.21s %-50.50s\n",
964 groups[i].acct_name,
965 groups[i].acct_desc);
966 else
967 printf("%s\n", groups[i].acct_name);
968 }
969 } while (!NT_STATUS_IS_OK(result));
970
971 done:
972 return result;
973 }
974
975 /**
976 * 'net rpc group' entrypoint.
977 * @param argc Standard main() style argc
978 * @param argc Standard main() style argv. Initial components are already
979 * stripped
980 **/
981
982 int net_rpc_group(int argc, const char **argv)
983 {
984 struct functable func[] = {
985 #if 0
986 {"add", rpc_group_add},
987 {"delete", rpc_group_delete},
988 #endif
989 {NULL, NULL}
990 };
991
992 if (argc == 0) {
993 if (opt_long_list_entries) {
994 } else {
995 }
996 return run_rpc_command(NULL, PIPE_SAMR, 0,
997 rpc_group_list_internals,
998 argc, argv);
999 }
1000
1001 return net_run_function(argc, argv, func, rpc_group_usage);
1002 }
1003
1004 /****************************************************************************/
1005
1006 static int rpc_share_usage(int argc, const char **argv)
1007 {
1008 return net_help_share(argc, argv);
1009 }
1010
1011 /**
1012 * Add a share on a remote RPC server
1013 *
1014 * All parameters are provided by the run_rpc_command function, except for
1015 * argc, argv which are passes through.
1016 *
1017 * @param domain_sid The domain sid acquired from the remote server
1018 * @param cli A cli_state connected to the server.
1019 * @param mem_ctx Talloc context, destoyed on completion of the function.
1020 * @param argc Standard main() style argc
1021 * @param argv Standard main() style argv. Initial components are already
1022 * stripped
1023 *
1024 * @return Normal NTSTATUS return.
1025 **/
1026 static NTSTATUS
1027 rpc_share_add_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1028 TALLOC_CTX *mem_ctx,int argc, const char **argv)
1029 {
1030 WERROR result;
1031 char *sharename=talloc_strdup(mem_ctx, argv[0]);
1032 char *path;
1033 uint32 type=0; /* only allow disk shares to be added */
1034 uint32 num_users=0, perms=0;
1035 char *password=NULL; /* don't allow a share password */
1036
1037 path = strchr(sharename, '=');
1038 if (!path)
1039 return NT_STATUS_UNSUCCESSFUL;
1040 *path++ = '\0';
1041
1042 result = cli_srvsvc_net_share_add(cli, mem_ctx, sharename, type,
1043 opt_comment, perms, opt_maxusers,
1044 num_users, path, password);
1045 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1046 }
1047
1048 static int rpc_share_add(int argc, const char **argv)
1049 {
1050 if ((argc < 1) || !strchr(argv[0], '=')) {
1051 DEBUG(1,("Sharename or path not specified on add\n"));
1052 return rpc_share_usage(argc, argv);
1053 }
1054 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1055 rpc_share_add_internals,
1056 argc, argv);
1057 }
1058
1059 /**
1060 * Delete a share on a remote RPC server
1061 *
1062 * All parameters are provided by the run_rpc_command function, except for
1063 * argc, argv which are passes through.
1064 *
1065 * @param domain_sid The domain sid acquired from the remote server
1066 * @param cli A cli_state connected to the server.
1067 * @param mem_ctx Talloc context, destoyed on completion of the function.
1068 * @param argc Standard main() style argc
1069 * @param argv Standard main() style argv. Initial components are already
1070 * stripped
1071 *
1072 * @return Normal NTSTATUS return.
1073 **/
1074 static NTSTATUS
1075 rpc_share_del_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1076 TALLOC_CTX *mem_ctx,int argc, const char **argv)
1077 {
1078 WERROR result;
1079
1080 result = cli_srvsvc_net_share_del(cli, mem_ctx, argv[0]);
1081 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1082 }
1083
1084 /**
1085 * Delete a share on a remote RPC server
1086 *
1087 * @param domain_sid The domain sid acquired from the remote server
1088 * @param argc Standard main() style argc
1089 * @param argv Standard main() style argv. Initial components are already
1090 * stripped
1091 *
1092 * @return A shell status integer (0 for success)
1093 **/
1094 static int rpc_share_delete(int argc, const char **argv)
1095 {
1096 if (argc < 1) {
1097 DEBUG(1,("Sharename not specified on delete\n"));
1098 return rpc_share_usage(argc, argv);
1099 }
1100 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1101 rpc_share_del_internals,
1102 argc, argv);
1103 }
1104
1105 /**
1106 * Formatted print of share info
1107 *
1108 * @param info1 pointer to SRV_SHARE_INFO_1 to format
1109 **/
1110
1111 static void display_share_info_1(SRV_SHARE_INFO_1 *info1)
1112 {
1113 fstring netname = "", remark = "";
1114
1115 rpcstr_pull_unistr2_fstring(netname, &info1->info_1_str.uni_netname);
1116 rpcstr_pull_unistr2_fstring(remark, &info1->info_1_str.uni_remark);
1117
1118 if (opt_long_list_entries) {
1119 d_printf("%-12.12s %-8.8s %-50.50s\n",
1120 netname, share_type[info1->info_1.type], remark);
1121 } else {
1122 d_printf("%-12.12s\n", netname);
1123 }
1124
1125 }
1126
1127 /**
1128 * List shares on a remote RPC server
1129 *
1130 * All parameters are provided by the run_rpc_command function, except for
1131 * argc, argv which are passes through.
1132 *
1133 * @param domain_sid The domain sid acquired from the remote server
1134 * @param cli A cli_state connected to the server.
1135 * @param mem_ctx Talloc context, destoyed on completion of the function.
1136 * @param argc Standard main() style argc
1137 * @param argv Standard main() style argv. Initial components are already
1138 * stripped
1139 *
1140 * @return Normal NTSTATUS return.
1141 **/
1142
1143 static NTSTATUS
1144 rpc_share_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1145 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1146 {
1147 SRV_SHARE_INFO_CTR ctr;
1148 WERROR result;
1149 ENUM_HND hnd;
1150 uint32 preferred_len = 0xffffffff, i;
1151
1152 init_enum_hnd(&hnd, 0);
1153
1154 result = cli_srvsvc_net_share_enum(
1155 cli, mem_ctx, 1, &ctr, preferred_len, &hnd);
1156
1157 if (!W_ERROR_IS_OK(result))
1158 goto done;
1159
1160 /* Display results */
1161
1162 if (opt_long_list_entries) {
1163 d_printf(
1164 "\nEnumerating shared resources (exports) on remote server:\n\n"\
1165 "\nShare name Type Description\n"\
1166 "---------- ---- -----------\n");
1167 }
1168 for (i = 0; i < ctr.num_entries; i++)
1169 display_share_info_1(&ctr.share.info1[i]);
1170 done:
1171 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1172 }
1173
1174 /**
1175 * 'net rpc share' entrypoint.
1176 * @param argc Standard main() style argc
1177 * @param argv Standard main() style argv. Initial components are already
1178 * stripped
1179 **/
1180
1181 int net_rpc_share(int argc, const char **argv)
1182 {
1183 struct functable func[] = {
1184 {"add", rpc_share_add},
1185 {"delete", rpc_share_delete},
1186 {NULL, NULL}
1187 };
1188
1189 if (argc == 0)
1190 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1191 rpc_share_list_internals,
1192 argc, argv);
1193
1194 return net_run_function(argc, argv, func, rpc_share_usage);
1195 }
1196
1197 /****************************************************************************/
1198
1199 static int rpc_file_usage(int argc, const char **argv)
1200 {
1201 return net_help_file(argc, argv);
1202 }
1203
1204 /**
1205 * Close a file on a remote RPC server
1206 *
1207 * All parameters are provided by the run_rpc_command function, except for
1208 * argc, argv which are passes through.
1209 *
1210 * @param domain_sid The domain sid acquired from the remote server
1211 * @param cli A cli_state connected to the server.
1212 * @param mem_ctx Talloc context, destoyed on completion of the function.
1213 * @param argc Standard main() style argc
1214 * @param argv Standard main() style argv. Initial components are already
1215 * stripped
1216 *
1217 * @return Normal NTSTATUS return.
1218 **/
1219 static NTSTATUS
1220 rpc_file_close_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1221 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1222 {
1223 WERROR result;
1224 result = cli_srvsvc_net_file_close(cli, mem_ctx, atoi(argv[0]));
1225 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1226 }
1227
1228 /**
1229 * Close a file on a remote RPC server
1230 *
1231 * @param argc Standard main() style argc
1232 * @param argv Standard main() style argv. Initial components are already
1233 * stripped
1234 *
1235 * @return A shell status integer (0 for success)
1236 **/
1237 static int rpc_file_close(int argc, const char **argv)
1238 {
1239 if (argc < 1) {
1240 DEBUG(1, ("No fileid given on close\n"));
1241 return(rpc_file_usage(argc, argv));
1242 }
1243
1244 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1245 rpc_file_close_internals,
1246 argc, argv);
1247 }
1248
1249 /**
1250 * Formatted print of open file info
1251 *
1252 * @param info3 FILE_INFO_3 contents
1253 * @param str3 strings for FILE_INFO_3
1254 **/
1255
1256 static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3)
1257 {
1258 fstring user = "", path = "";
1259
1260 rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name);
1261 rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name);
1262
1263 d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
1264 info3->id, user, info3->perms, info3->num_locks, path);
1265 }
1266
1267 /**
1268 * List open files on a remote RPC server
1269 *
1270 * All parameters are provided by the run_rpc_command function, except for
1271 * argc, argv which are passes through.
1272 *
1273 * @param domain_sid The domain sid acquired from the remote server
1274 * @param cli A cli_state connected to the server.
1275 * @param mem_ctx Talloc context, destoyed on completion of the function.
1276 * @param argc Standard main() style argc
1277 * @param argv Standard main() style argv. Initial components are already
1278 * stripped
1279 *
1280 * @return Normal NTSTATUS return.
1281 **/
1282
1283 static NTSTATUS
1284 rpc_file_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1285 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1286 {
1287 SRV_FILE_INFO_CTR ctr;
1288 WERROR result;
1289 ENUM_HND hnd;
1290 uint32 preferred_len = 0xffffffff, i;
1291 const char *username=NULL;
1292
1293 init_enum_hnd(&hnd, 0);
1294
1295 /* if argc > 0, must be user command */
1296 if (argc > 0)
1297 username = smb_xstrdup(argv[0]);
1298
1299 result = cli_srvsvc_net_file_enum(
1300 cli, mem_ctx, 3, username, &ctr, preferred_len, &hnd);
1301
1302 if (!W_ERROR_IS_OK(result))
1303 goto done;
1304
1305 /* Display results */
1306
1307 d_printf(
1308 "\nEnumerating open files on remote server:\n\n"\
1309 "\nFileId Opened by Perms Locks Path"\
1310 "\n------ --------- ----- ----- ---- \n");
1311 for (i = 0; i < ctr.num_entries; i++)
1312 display_file_info_3(&ctr.file.info3[i].info_3,
1313 &ctr.file.info3[i].info_3_str);
1314 done:
1315 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1316 }
1317
1318
1319 /**
1320 * List files for a user on a remote RPC server
1321 *
1322 * @param argc Standard main() style argc
1323 * @param argv Standard main() style argv. Initial components are already
1324 * stripped
1325 *
1326 * @return A shell status integer (0 for success)
1327 **/
1328 static int rpc_file_user(int argc, const char **argv)
1329 {
1330 if (argc < 1) {
1331 DEBUG(1, ("No username given\n"));
1332 return(rpc_file_usage(argc, argv));
1333 }
1334
1335 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1336 rpc_file_list_internals,
1337 argc, argv);
1338 }
1339
1340
1341 /**
1342 * 'net rpc file' entrypoint.
1343 * @param argc Standard main() style argc
1344 * @param argv Standard main() style argv. Initial components are already
1345 * stripped
1346 **/
1347
1348 int net_rpc_file(int argc, const char **argv)
1349 {
1350 struct functable func[] = {
1351 {"close", rpc_file_close},
1352 {"user", rpc_file_user},
1353 #if 0
1354 {"info", rpc_file_info},
1355 #endif
1356 {NULL, NULL}
1357 };
1358
1359 if (argc == 0)
1360 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1361 rpc_file_list_internals,
1362 argc, argv);
1363
1364 return net_run_function(argc, argv, func, rpc_file_usage);
1365 }
1366
1367 /****************************************************************************/
1368
1369
1370
1371 /**
1372 * ABORT the shutdown of a remote RPC Server
1373 *
1374 * All parameters are provided by the run_rpc_command function, except for
1375 * argc, argv which are passed through.
1376 *
1377 * @param domain_sid The domain sid aquired from the remote server
1378 * @param cli A cli_state connected to the server.
1379 * @param mem_ctx Talloc context, destoyed on compleation of the function.
1380 * @param argc Standard main() style argc
1381 * @param argv Standard main() style argv. Initial components are already
1382 * stripped
1383 *
1384 * @return Normal NTSTATUS return.
1385 **/
1386
1387 static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1388 int argc, const char **argv)
1389 {
1390 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1391
1392 result = cli_reg_abort_shutdown(cli, mem_ctx);
1393
1394 if (NT_STATUS_IS_OK(result))
1395 DEBUG(5,("cmd_reg_abort_shutdown: query succeeded\n"));
1396 else
1397 DEBUG(5,("cmd_reg_abort_shutdown: query failed\n"));
1398
1399 return result;
1400 }
1401
1402
1403 /**
1404 * ABORT the Shut down of a remote RPC server
1405 *
1406 * @param argc Standard main() style argc
1407 * @param argv Standard main() style argv. Initial components are already
1408 * stripped
1409 *
1410 * @return A shell status integer (0 for success)
1411 **/
1412
1413 static int rpc_shutdown_abort(int argc, const char **argv)
1414 {
1415 return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_abort_internals,
1416 argc, argv);
1417 }
1418
1419 /**
1420 * Shut down a remote RPC Server
1421 *
1422 * All parameters are provided by the run_rpc_command function, except for
1423 * argc, argv which are passes through.
1424 *
1425 * @param domain_sid The domain sid aquired from the remote server
1426 * @param cli A cli_state connected to the server.
1427 * @param mem_ctx Talloc context, destoyed on compleation of the function.
1428 * @param argc Standard main() style argc
1429 * @param argc Standard main() style argv. Initial components are already
1430 * stripped
1431 *
1432 * @return Normal NTSTATUS return.
1433 **/
1434
1435 static NTSTATUS rpc_shutdown_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1436 int argc, const char **argv)
1437 {
1438 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1439 char *msg = "This machine will be shutdown shortly";
1440 uint32 timeout = 20;
1441 uint16 flgs = 0;
1442 BOOL reboot = opt_reboot;
1443 BOOL force = opt_force;
1444 #if 0
1445 poptContext pc;
1446 int rc;
1447
1448 struct poptOption long_options[] = {
1449 {"message", 'm', POPT_ARG_STRING, &msg},
1450 {"timeout", 't', POPT_ARG_INT, &timeout},
1451 {"reboot", 'r', POPT_ARG_NONE, &reboot},
1452 {"force", 'f', POPT_ARG_NONE, &force},
1453 { 0, 0, 0, 0}
1454 };
1455
1456 pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
1457 POPT_CONTEXT_KEEP_FIRST);
1458
1459 rc = poptGetNextOpt(pc);
1460
1461 if (rc < -1) {
1462 /* an error occurred during option processing */
1463 DEBUG(0, ("%s: %s\n",
1464 poptBadOption(pc, POPT_BADOPTION_NOALIAS),
1465 poptStrerror(rc)));
1466 return NT_STATUS_INVALID_PARAMETER;
1467 }
1468 #endif
1469 if (reboot) {
1470 flgs |= REG_REBOOT_ON_SHUTDOWN;
1471 }
1472 if (force) {
1473 flgs |= REG_FORCE_SHUTDOWN;
1474 }
1475 if (opt_comment) {
1476 msg = opt_comment;
1477 }
1478 if (opt_timeout) {
1479 timeout = opt_timeout;
1480 }
1481
1482 /* create an entry */
1483 result = cli_reg_shutdown(cli, mem_ctx, msg, timeout, flgs);
1484
1485 if (NT_STATUS_IS_OK(result))
1486 DEBUG(5,("Shutdown of remote machine succeeded\n"));
1487 else
1488 DEBUG(0,("Shutdown of remote machine failed!\n"));
1489
1490 return result;
1491 }
1492
1493 /**
1494 * Shut down a remote RPC server
1495 *
1496 * @param argc Standard main() style argc
1497 * @param argc Standard main() style argv. Initial components are already
1498 * stripped
1499 *
1500 * @return A shell status integer (0 for success)
1501 **/
1502
1503 static int rpc_shutdown(int argc, const char **argv)
1504 {
1505 return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_internals,
1506 argc, argv);
1507 }
1508
1509 /***************************************************************************
1510 NT Domain trusts code (i.e. 'net rpc trustdom' functionality)
1511
1512 ***************************************************************************/
1513
1514 /**
1515 * Add interdomain trust account to the RPC server.
1516 * All parameters (except for argc and argv) are passed by run_rpc_command
1517 * function.
1518 *
1519 * @param domain_sid The domain sid acquired from the server
1520 * @param cli A cli_state connected to the server.
1521 * @param mem_ctx Talloc context, destoyed on completion of the function.
1522 * @param argc Standard main() style argc
1523 * @param argc Standard main() style argv. Initial components are already
1524 * stripped
1525 *
1526 * @return normal NTSTATUS return code
1527 */
1528
1529 static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1530 int argc, const char **argv) {
1531
1532 POLICY_HND connect_pol, domain_pol, user_pol;
1533 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1534 char *acct_name;
1535 uint16 acb_info;
1536 uint32 unknown, user_rid;
1537
1538 if (argc != 1) {
1539 d_printf("Usage: net rpc trustdom add <domain_name>\n");
1540 return NT_STATUS_INVALID_PARAMETER;
1541 }
1542
1543 /*
1544 * Make valid trusting domain account (ie. uppercased and with '$' appended)
1545 */
1546
1547 if (asprintf(&acct_name, "%s$", argv[0]) < 0) {
1548 return NT_STATUS_NO_MEMORY;
1549 }
1550
1551 strupper(acct_name);
1552
1553 /* Get samr policy handle */
1554 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1555 &connect_pol);
1556 if (!NT_STATUS_IS_OK(result)) {
1557 goto done;
1558 }
1559
1560 /* Get domain policy handle */
1561 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
1562 MAXIMUM_ALLOWED_ACCESS,
1563 domain_sid, &domain_pol);
1564 if (!NT_STATUS_IS_OK(result)) {
1565 goto done;
1566 }
1567
1568 /* Create trusting domain's account */
1569 acb_info = ACB_DOMTRUST;
1570 unknown = 0xe005000b; /* No idea what this is - a permission mask?
1571 mimir: yes, most probably it is */
1572
1573 result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1574 acct_name, acb_info, unknown,
1575 &user_pol, &user_rid);
1576 if (!NT_STATUS_IS_OK(result)) {
1577 goto done;
1578 }
1579
1580 done:
1581 SAFE_FREE(acct_name);
1582 return result;
1583 }
1584
1585 /**
1586 * Create interdomain trust account for a remote domain.
1587 *
1588 * @param argc standard argc
1589 * @param argv standard argv without initial components
1590 *
1591 * @return Integer status (0 means success)
1592 **/
1593
1594 static int rpc_trustdom_add(int argc, const char **argv)
1595 {
1596 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_trustdom_add_internals,
1597 argc, argv);
1598 }
1599
1600
1601 /**
1602 * Delete interdomain trust account for a remote domain.
1603 *
1604 * @param argc standard argc
1605 * @param argv standard argv without initial components
1606 *
1607 * @return Integer status (0 means success)
1608 **/
1609
1610 static int rpc_trustdom_del(int argc, const char **argv)
1611 {
1612 d_printf("Sorry, not yet implemented.\n");
1613 return -1;
1614 }
1615
1616
1617 /**
1618 * Establish trust relationship to a trusting domain.
1619 * Interdomain account must already be created on remote PDC.
1620 *
1621 * @param argc standard argc
1622 * @param argv standard argv without initial components
1623 *
1624 * @return Integer status (0 means success)
1625 **/
1626
1627 extern char *opt_user_name;
1628 extern char *opt_password;
1629 extern char *opt_workgroup;
1630
1631 static int rpc_trustdom_establish(int argc, const char **argv)
1632 {
1633 struct cli_state *cli;
1634 struct in_addr server_ip;
1635 POLICY_HND connect_hnd;
1636 TALLOC_CTX *mem_ctx;
1637 NTSTATUS nt_status;
1638 DOM_SID domain_sid;
1639 WKS_INFO_100 wks_info;
1640
1641 char* domain_name;
1642 char* acct_name;
1643 fstring pdc_name;
1644
1645 /*
1646 * Connect to \\server\ipc$ as 'our domain' account with password
1647 */
1648
1649 if (argc != 1) {
1650 d_printf("Usage: net rpc trustdom establish <domain_name>\n");
1651 return -1;
1652 }
1653
1654 domain_name = smb_xstrdup(argv[0]);
1655 strupper(domain_name);
1656
1657 /*
1658 * opt_workgroup will be used by connection functions further,
1659 * hence it should be set to remote domain name instead of ours
1660 */
1661 if (opt_workgroup) {
1662 SAFE_FREE(opt_workgroup);
1663 opt_workgroup = smb_xstrdup(domain_name);
1664 };
1665
1666 asprintf(&acct_name, "%s$", lp_workgroup());
1667 strupper(acct_name);
1668
1669 opt_user_name = acct_name;
1670
1671 /* find the domain controller */
1672 if (!net_find_dc(&server_ip, pdc_name, domain_name)) {
1673 DEBUG(0, ("Coulnd find domain controller for domain %s\n", domain_name));
1674 return -1;
1675 }
1676
1677 /* connect to ipc$ as username/password */
1678 nt_status = connect_to_ipc(&cli, &server_ip, pdc_name);
1679 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
1680
1681 /* Is it trusting domain account for sure ? */
1682 DEBUG(0, ("Couldn't verify trusting domain account. Error was %s\n",
1683 nt_errstr(nt_status)));
1684 return -1;
1685 }
1686
1687 /*
1688 * Connect to \\server\ipc$ again (this time anonymously)
1689 */
1690
1691 nt_status = connect_to_ipc_anonymous(&cli, &server_ip, (char*)pdc_name);
1692
1693 if (NT_STATUS_IS_ERR(nt_status)) {
1694 DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n",
1695 domain_name, nt_errstr(nt_status)));
1696 }
1697
1698 /*
1699 * Use NetServerEnum2 to make sure we're talking to a proper server
1700 */
1701
1702 if (!cli_get_pdc_name(cli, domain_name, (char*)pdc_name)) {
1703 DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
1704 for domain %s\n", domain_name));
1705 }
1706
1707 /*
1708 * Call WksQueryInfo to check remote server's capabilities
1709 * note: It is now used only to get unicode domain name
1710 */
1711
1712 if (!cli_nt_session_open(cli, PIPE_WKSSVC)) {
1713 DEBUG(0, ("Couldn't not initialise wkssvc pipe\n"));
1714 return -1;
1715 }
1716
1717 if (!(mem_ctx = talloc_init_named("establishing trust relationship to domain %s",
1718 domain_name))) {
1719 DEBUG(0, ("talloc_init() failed\n"));
1720 cli_shutdown(cli);
1721 return -1;
1722 }
1723
1724 nt_status = cli_wks_query_info(cli, mem_ctx, &wks_info);
1725
1726 if (NT_STATUS_IS_ERR(nt_status)) {
1727 DEBUG(0, ("WksQueryInfo call failed.\n"));
1728 return -1;
1729 }
1730
1731 if (cli->nt_pipe_fnum)
1732 cli_nt_session_close(cli);
1733
1734
1735 /*
1736 * Call LsaOpenPolicy and LsaQueryInfo
1737 */
1738
1739 if (!(mem_ctx = talloc_init())) {
1740 DEBUG(0, ("talloc_init() failed\n"));
1741 cli_shutdown(cli);
1742 return -1;
1743 }
1744
1745 if (!cli_nt_session_open(cli, PIPE_LSARPC)) {
1746 DEBUG(0, ("Could not initialise lsa pipe\n"));
1747 cli_shutdown(cli);
1748 return -1;
1749 }
1750
1751 nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE,
1752 &connect_hnd);
1753 if (NT_STATUS_IS_ERR(nt_status)) {
1754 DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
1755 nt_errstr(nt_status)));
1756 return -1;
1757 }
1758
1759 /* Querying info level 5 */
1760
1761 nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd,
1762 5 /* info level */, domain_name,
1763 &domain_sid);
1764 if (NT_STATUS_IS_ERR(nt_status)) {
1765 DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
1766 nt_errstr(nt_status)));
1767 return -1;
1768 }
1769
1770
1771
1772
1773 /* There should be actually query info level 3 (following nt serv behaviour),
1774 but I still don't know if it's _really_ necessary */
1775
1776 /*
1777 * Store the password in secrets db
1778 */
1779
1780 if (!secrets_store_trusted_domain_password(domain_name, wks_info.uni_lan_grp.buffer,
1781 wks_info.uni_lan_grp.uni_str_len, opt_password,
1782 domain_sid)) {
1783 DEBUG(0, ("Storing password for trusted domain failed.\n"));
1784 return -1;
1785 }
1786
1787 /*
1788 * Close the pipes and clean up
1789 */
1790
1791 nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd);
1792 if (NT_STATUS_IS_ERR(nt_status)) {
1793 DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
1794 nt_errstr(nt_status)));
1795 return -1;
1796 }
1797
1798 if (cli->nt_pipe_fnum)
1799 cli_nt_session_close(cli);
1800
1801 talloc_destroy(mem_ctx);
1802
1803 DEBUG(0, ("Success!\n"));
1804 return 0;
1805 }
1806
1807 /**
1808 * Revoke trust relationship to the remote domain
1809 *
1810 * @param argc standard argc
1811 * @param argv standard argv without initial components
1812 *
1813 * @return Integer status (0 means success)
1814 **/
1815
1816 static int rpc_trustdom_revoke(int argc, const char **argv)
1817 {
1818 char* domain_name;
1819
1820 if (argc < 1) return -1;
1821
1822 /* generate upper cased domain name */
1823 domain_name = smb_xstrdup(argv[0]);
1824 strupper(domain_name);
1825
1826 /* delete password of the trust */
1827 if (!trusted_domain_password_delete(domain_name)) {
1828 DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n",
1829 domain_name));
1830 return -1;
1831 };
1832
1833 return 0;
1834 }
1835
1836 /**
1837 * Usage for 'net rpc trustdom' command
1838 *
1839 * @param argc standard argc
1840 * @param argv standard argv without inital components
1841 *
1842 * @return Integer status returned to shell
1843 **/
1844
1845 static int rpc_trustdom_usage(int argc, const char **argv)
1846 {
1847 d_printf(" net rpc trustdom add \t\t add trusting domain's account\n");
1848 d_printf(" net rpc trustdom del \t\t delete trusting domain's account\n");
1849 d_printf(" net rpc trustdom establish \t establish relationship to trusted domain\n");
1850 d_printf(" net rpc trustdom revoke \t abandon relationship to trusted domain\n");
1851 d_printf(" net rpc trustdom list \t show current interdomain trust relationships\n");
1852 return -1;
1853 }
1854
1855
1856 static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1857 int argc, const char **argv)
1858 {
1859 fstring str_sid;
1860 sid_to_string(str_sid, domain_sid);
1861 d_printf("%s\n", str_sid);
1862 return NT_STATUS_OK;
1863 };
1864
1865
1866 extern char* opt_workgroup;
1867 extern char* opt_target_worgroup;
1868 extern char* opt_host;
1869 extern char* opt_password;
1870
1871 static int rpc_trustdom_list(int argc, const char **argv)
1872 {
1873 /* common variables */
1874 TALLOC_CTX* mem_ctx;
1875 struct cli_state *cli, *remote_cli;
1876 NTSTATUS nt_status;
1877 char *domain_name = NULL;
1878 DOM_SID queried_dom_sid;
1879 fstring ascii_sid, padding;
1880 int ascii_dom_name_len;
1881 POLICY_HND connect_hnd;
1882
1883 /* trusted domains listing variables */
1884 int enum_ctx = 0;
1885 int num_domains, i, pad_len, col_len = 20;
1886 DOM_SID *domain_sids;
1887 char **trusted_dom_names;
1888 fstring pdc_name;
1889
1890 /* trusting domains listing variables */
1891 POLICY_HND domain_hnd;
1892 char **trusting_dom_names;
1893 uint32 *trusting_dom_rids;
1894
1895 /*
1896 * Listing trusted domains (stored in secrets.tdb, if local)
1897 */
1898
1899 mem_ctx = talloc_init_named("trust relationships listing");
1900
1901 /*
1902 * set domain and pdc name to local samba server (default)
1903 * or to remote one given in command line
1904 */
1905 strupper(opt_workgroup);
1906 if (strcmp(opt_workgroup, lp_workgroup())) {
1907 domain_name = opt_workgroup;
1908 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
1909 opt_target_workgroup = opt_workgroup;
1910 } else {
1911 safe_strcpy(pdc_name, global_myname, FSTRING_LEN);
1912 domain_name = talloc_strdup(mem_ctx, lp_workgroup());
1913 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
1914 opt_target_workgroup = domain_name;
1915 };
1916
1917 /* open \PIPE\lsarpc and open policy handle */
1918 if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
1919 DEBUG(0, ("Couldn't connect to domain controller\n"));
1920 return -1;
1921 };
1922
1923 if (!cli_nt_session_open(cli, PIPE_LSARPC)) {
1924 DEBUG(0, ("Could not initialise lsa pipe\n"));
1925 return -1;
1926 };
1927
1928 nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE,
1929 &connect_hnd);
1930 if (NT_STATUS_IS_ERR(nt_status)) {
1931 DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
1932 nt_errstr(nt_status)));
1933 return -1;
1934 };
1935
1936 /* query info level 5 to obtain sid of a domain being queried */
1937 nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd,
1938 5 /* info level */, domain_name, &queried_dom_sid);
1939 if (NT_STATUS_IS_ERR(nt_status)) {
1940 DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
1941 nt_errstr(nt_status)));
1942 return -1;
1943 }
1944
1945 /*
1946 * Keep calling LsaEnumTrustdom over opened pipe until
1947 * the end of enumeration is reached
1948 */
1949
1950 d_printf("Trusted domains list:\n\n");
1951
1952 do {
1953 nt_status = cli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx,
1954 &num_domains,
1955 &trusted_dom_names, &domain_sids);
1956
1957 if (NT_STATUS_IS_ERR(nt_status)) {
1958 DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
1959 nt_errstr(nt_status)));
1960 return -1;
1961 };
1962
1963 for (i = 0; i < num_domains; i++) {
1964 /* convert sid into ascii string */
1965 sid_to_string(ascii_sid, &(domain_sids[i]));
1966
1967 /* calculate padding space for d_printf to look nicer */
1968 pad_len = col_len - strlen(trusted_dom_names[i]);
1969 padding[pad_len] = 0;
1970 do padding[--pad_len] = ' '; while (pad_len);
1971
1972 d_printf("%s%s%s\n", trusted_dom_names[i], padding, ascii_sid);
1973 };
1974
1975 /*
1976 * in case of no trusted domains say something rather
1977 * than just display blank line
1978 */
1979 if (!num_domains) d_printf("none\n");
1980
1981 } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
1982
1983 /* close this connection before doing next one */
1984 nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd);
1985 if (NT_STATUS_IS_ERR(nt_status)) {
1986 DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
1987 nt_errstr(nt_status)));
1988 return -1;
1989 };
1990
1991 cli_nt_session_close(cli);
1992
1993 /*
1994 * Listing trusting domains (stored in passdb backend, if local)
1995 */
1996
1997 d_printf("\nTrusting domains list:\n\n");
1998
1999 /*
2000 * Open \PIPE\samr and get needed policy handles
2001 */
2002 if (!cli_nt_session_open(cli, PIPE_SAMR)) {
2003 DEBUG(0, ("Could not initialise samr pipe\n"));
2004 return -1;
2005 };
2006
2007 /* SamrConnect */
2008 nt_status = cli_samr_connect(cli, mem_ctx, SAMR_ACCESS_OPEN_DOMAIN,
2009 &connect_hnd);
2010 if (!NT_STATUS_IS_OK(nt_status)) {
2011 DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
2012 nt_errstr(nt_status)));
2013 return -1;
2014 };
2015
2016 /* SamrOpenDomain - we have to open domain policy handle in order to be
2017 able to enumerate accounts*/
2018 nt_status = cli_samr_open_domain(cli, mem_ctx, &connect_hnd,
2019 DOMAIN_ACCESS_ENUM_ACCOUNTS,
2020 &queried_dom_sid, &domain_hnd);
2021 if (!NT_STATUS_IS_OK(nt_status)) {
2022 DEBUG(0, ("Couldn't open domain object. Error was %s\n",
2023 nt_errstr(nt_status)));
2024 return -1;
2025 };
2026
2027 /*
2028 * perform actual enumeration
2029 */
2030
2031 enum_ctx = 0; /* reset enumeration context from last enumeration */
2032 do {
2033
2034 nt_status = cli_samr_enum_dom_users(cli, mem_ctx, &domain_hnd,
2035 &enum_ctx, ACB_DOMTRUST, 0xffff,
2036 &trusting_dom_names, &trusting_dom_rids,
2037 &num_domains);
2038 if (NT_STATUS_IS_ERR(nt_status)) {
2039 DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
2040 nt_errstr(nt_status)));
2041 return -1;
2042 };
2043
2044 for (i = 0; i < num_domains; i++) {
2045
2046 /*
2047 * get each single domain's sid (do we _really_ need this ?):
2048 * 1) connect to domain's pdc
2049 * 2) query the pdc for domain's sid
2050 */
2051
2052 /* get rid of '$' tail */
2053 ascii_dom_name_len = strlen(trusting_dom_names[i]);
2054 if (ascii_dom_name_len && ascii_dom_name_len < FSTRING_LEN)
2055 trusting_dom_names[i][ascii_dom_name_len - 1] = '\0';
2056
2057 /* calculate padding space for d_printf to look nicer */
2058 pad_len = col_len - strlen(trusting_dom_names[i]);
2059 padding[pad_len] = 0;
2060 do padding[--pad_len] = ' '; while (pad_len);
2061
2062 /* set opt_* variables to remote domain */
2063 strupper(trusting_dom_names[i]);
2064 opt_workgroup = talloc_strdup(mem_ctx, trusting_dom_names[i]);
2065 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
2066 opt_target_workgroup = opt_workgroup;
2067
2068 d_printf("%s%s", trusting_dom_names[i], padding);
2069
2070 /* connect to remote domain controller */
2071 remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS);
2072 if (remote_cli) {
2073 /* query for domain's sid */
2074 if (run_rpc_command(remote_cli, PIPE_LSARPC, 0, rpc_query_domain_sid, argc, argv))
2075 d_printf("couldn't get domain's sid\n");
2076
2077 cli_shutdown(remote_cli);
2078
2079 } else {
2080 d_printf("domain controller is not responding\n");
2081 };
2082 };
2083
2084 if (!num_domains) d_printf("none\n");
2085
2086 } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
2087
2088 /* close opened samr and domain policy handles */
2089 nt_status = cli_samr_close(cli, mem_ctx, &domain_hnd);
2090 if (!NT_STATUS_IS_OK(nt_status)) {
2091 DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name));
2092 };
2093
2094 nt_status = cli_samr_close(cli, mem_ctx, &connect_hnd);
2095 if (!NT_STATUS_IS_OK(nt_status)) {
2096 DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name));
2097 };
2098
2099 /* close samr pipe and connection to IPC$ */
2100 cli_nt_session_close(cli);
2101 cli_shutdown(cli);
2102
2103 talloc_destroy(mem_ctx);
2104 return 0;
2105 }
2106
2107 /**
2108 * Entrypoint for 'net rpc trustdom' code
2109 *
2110 * @param argc standard argc
2111 * @param argv standard argv without initial components
2112 *
2113 * @return Integer status (0 means success)
2114 */
2115
2116 static int rpc_trustdom(int argc, const char **argv)
2117 {
2118 struct functable func[] = {
2119 {"add", rpc_trustdom_add},
2120 {"del", rpc_trustdom_del},
2121 {"establish", rpc_trustdom_establish},
2122 {"revoke", rpc_trustdom_revoke},
2123 {"help", rpc_trustdom_usage},
2124 {"list", rpc_trustdom_list},
2125 {NULL, NULL}
2126 };
2127
2128 if (argc == 0) {
2129 rpc_trustdom_usage(argc, argv);
2130 return -1;
2131 }
2132
2133 return (net_run_function(argc, argv, func, rpc_user_usage));
2134 }
2135
2136 /**
2137 * Check if a server will take rpc commands
2138 * @param flags Type of server to connect to (PDC, DMB, localhost)
2139 * if the host is not explicitly specified
2140 * @return BOOL (true means rpc supported)
2141 */
2142 BOOL net_rpc_check(unsigned flags)
2143 {
2144 struct cli_state cli;
2145 BOOL ret = False;
2146 struct in_addr server_ip;
2147 char *server_name = NULL;
2148
2149 /* flags (i.e. server type) may depend on command */
2150 if (!net_find_server(flags, &server_ip, &server_name))
2151 return False;
2152
2153 ZERO_STRUCT(cli);
2154 if (cli_initialise(&cli) == False)
2155 return False;
2156
2157 if (!cli_connect(&cli, server_name, &server_ip))
2158 goto done;
2159 if (!attempt_netbios_session_request(&cli, global_myname,
2160 server_name, &server_ip))
2161 goto done;
2162 if (!cli_negprot(&cli))
2163 goto done;
2164 if (cli.protocol < PROTOCOL_NT1)
2165 goto done;
2166
2167 ret = True;
2168 done:
2169 cli_shutdown(&cli);
2170 return ret;
2171 }
2172
2173
2174 /****************************************************************************/
2175
2176
2177 /**
2178 * Basic usage function for 'net rpc'
2179 * @param argc Standard main() style argc
2180 * @param argv Standard main() style argv. Initial components are already
2181 * stripped
2182 **/
2183
2184 int net_rpc_usage(int argc, const char **argv)
2185 {
2186 d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
2187 d_printf(" net rpc join \t\t\tto join a domain \n");
2188 d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
2189 d_printf(" net rpc user \t\t\tto add, delete and list users\n");
2190 d_printf(" net rpc group \t\tto list groups\n");
2191 d_printf(" net rpc share \t\tto add, delete, and list shares\n");
2192 d_printf(" net rpc file \t\t\tto list open files\n");
2193 d_printf(" net rpc changetrustpw \tto change the trust account password\n");
2194 d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n");
2195 d_printf(" net rpc trustdom \t\tto create trusting domain's account\n"
2196 "\t\t\t\t\tor establish trust\n");
2197 d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n");
2198 d_printf(" net rpc shutdown \t\tto shutdown a remote server\n");
2199 d_printf("\n");
2200 d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
2201 d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");
2202 d_printf("\t-f or --force\trequest the remote server force its shutdown\n");
2203 d_printf("\t-t or --timeout=<timeout>\tnumber of seconds before shutdown\n");
2204 d_printf("\t-c or --comment=<message>\ttext message to display on impending shutdown\n");
2205 return -1;
2206 }
2207
2208
2209 /**
2210 * Help function for 'net rpc'. Calls command specific help if requested
2211 * or displays usage of net rpc
2212 * @param argc Standard main() style argc
2213 * @param argv Standard main() style argv. Initial components are already
2214 * stripped
2215 **/
2216
2217 int net_rpc_help(int argc, const char **argv)
2218 {
2219 struct functable func[] = {
2220 {"join", rpc_join_usage},
2221 {"user", rpc_user_usage},
2222 {"group", rpc_group_usage},
2223 {"share", rpc_share_usage},
2224 /*{"changetrustpw", rpc_changetrustpw_usage}, */
2225 {"trustdom", rpc_trustdom_usage},
2226 /*{"abortshutdown", rpc_shutdown_abort_usage},*/
2227 /*{"shutdown", rpc_shutdown_usage}, */
2228 {NULL, NULL}
2229 };
2230
2231 if (argc == 0) {
2232 net_rpc_usage(argc, argv);
2233 return -1;
2234 }
2235
2236 return (net_run_function(argc, argv, func, rpc_user_usage));
2237 }
2238
2239
2240 /**
2241 * 'net rpc' entrypoint.
2242 * @param argc Standard main() style argc
2243 * @param argv Standard main() style argv. Initial components are already
2244 * stripped
2245 **/
2246
2247 int net_rpc(int argc, const char **argv)
2248 {
2249 struct functable func[] = {
2250 {"info", net_rpc_info},
2251 {"join", net_rpc_join},
2252 {"testjoin", net_rpc_testjoin},
2253 {"user", net_rpc_user},
2254 {"group", net_rpc_group},
2255 {"share", net_rpc_share},
2256 {"file", net_rpc_file},
2257 {"changetrustpw", rpc_changetrustpw},
2258 {"trustdom", rpc_trustdom},
2259 {"abortshutdown", rpc_shutdown_abort},
2260 {"shutdown", rpc_shutdown},
2261 {"samdump", rpc_samdump},
2262 {"vampire", rpc_vampire},
2263 {"getsid", net_rpc_getsid},
2264 {"help", net_rpc_help},
2265 {NULL, NULL}
2266 };
2267 return net_run_function(argc, argv, func, net_rpc_usage);
2268 }
Samba GIT mirror