2 Samba Unix/Linux SMB client library
4 Copyright (C) 2001 Andrew Tridgell (tridge@samba.org)
5 Copyright (C) 2001 Remus Koos (remuskoos@yahoo.com)
6 Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 #include "../utils/net.h"
28 int net_ads_usage(int argc
, const char **argv
)
31 "\nnet ads join <org_unit>"\
32 "\n\tjoins the local machine to a ADS realm\n"\
34 "\n\tremoves the local machine from a ADS realm\n"\
36 "\n\ttests that an exiting join is OK\n"\
38 "\n\tlist, add, or delete users in the realm\n"\
40 "\n\tlist, add, or delete groups in the realm\n"\
42 "\n\tshows some info on the server\n"\
44 "\n\tdump the machine account details to stdout\n"
46 "\n\tperform a CLDAP search on the server\n"
47 "\nnet ads password <username@realm> -Uadmin_username@realm%%admin_pass"\
48 "\n\tchange a user's password using an admin account"\
49 "\n\t(note: use realm in UPPERCASE)\n"\
50 "\nnet ads changetrustpw"\
51 "\n\tchange the trust account password of this machine in the AD tree\n"\
52 "\nnet ads printer [info | publish | remove] <printername> <servername>"\
53 "\n\t lookup, add, or remove directory entry for a printer\n"\
55 "\n\tperform a raw LDAP search and dump the results\n"
57 "\n\tperform a raw LDAP search and dump attributes of a particular DN\n"
64 this implements the CLDAP based netlogon lookup requests
65 for finding the domain controller of a ADS domain
67 static int net_ads_lookup(int argc
, const char **argv
)
71 ads
= ads_init(NULL
, NULL
, opt_host
);
73 ads
->auth
.flags
|= ADS_AUTH_NO_BIND
;
78 if (!ads
|| !ads
->config
.realm
) {
79 d_printf("Didn't find the cldap server!\n");
83 return ads_cldap_netlogon(ads
);
88 static int net_ads_info(int argc
, const char **argv
)
92 ads
= ads_init(NULL
, NULL
, opt_host
);
95 ads
->auth
.flags
|= ADS_AUTH_NO_BIND
;
100 if (!ads
|| !ads
->config
.realm
) {
101 d_printf("Didn't find the ldap server!\n");
105 d_printf("LDAP server: %s\n", inet_ntoa(ads
->ldap_ip
));
106 d_printf("LDAP server name: %s\n", ads
->config
.ldap_server_name
);
107 d_printf("Realm: %s\n", ads
->config
.realm
);
108 d_printf("Bind Path: %s\n", ads
->config
.bind_path
);
109 d_printf("LDAP port: %d\n", ads
->ldap_port
);
110 d_printf("Server time: %s\n", http_timestring(ads
->config
.current_time
));
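/*
 * Select a private in-memory Kerberos credentials cache ("MEMORY:net_ads")
 * through the KRB5_ENV_CCNAME environment variable, so that tickets obtained
 * by this tool do not interfere with credentials the caller already holds.
 */
static void use_in_memory_ccache(void)
{
	/* Use in-memory credentials cache so we do not interfere with
	 * existing credentials.  When setenv() fails the environment keeps
	 * whatever cache name it had before, so the failure is reported
	 * instead of being dropped. */
	if (setenv(KRB5_ENV_CCNAME, "MEMORY:net_ads", 1) != 0) {
		DEBUG(0,("use_in_memory_ccache: setenv failed, credentials cache not redirected\n"));
	}
}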
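/*
 * Create an ADS_STRUCT, load the credentials from the global options and
 * connect to the server.
 *
 * The user name defaults to "administrator".  A password is prompted for
 * when the user was named explicitly, or after a first password-less
 * connect has failed; the prompt result is left in opt_password.
 *
 * Returns the connected ADS_STRUCT, or NULL on failure.
 *
 * NOTE(review): the listing drops its short lines (braces, the two status
 * declarations, the retry label and goto, free(prompt), the returns); they
 * are restored here by inference - confirm against the original file.
 */
static ADS_STRUCT *ads_startup(void)
{
	ADS_STRUCT *ads;
	ADS_STATUS status;
	BOOL need_password = False;
	BOOL second_time = False;

	ads = ads_init(NULL, NULL, opt_host);
	if (!ads) {
		/* everything below dereferences ads */
		return NULL;
	}

	if (!opt_user_name) {
		opt_user_name = "administrator";
	}

	if (opt_user_specified) {
		need_password = True;
	}

retry:
	if (!opt_password && need_password) {
		char *prompt = NULL;

		if (asprintf(&prompt, "%s password: ", opt_user_name) < 0) {
			/* prompt is undefined after a failed asprintf() */
			ads_destroy(&ads);
			return NULL;
		}
		/* getpass() hands back a static buffer, or NULL on error;
		 * a NULL simply leaves the connect password-less. */
		opt_password = getpass(prompt);
		free(prompt);
	}

	if (second_time) {
		/* drop the copies made on the first pass before replacing them */
		SAFE_FREE(ads->auth.password);
		SAFE_FREE(ads->auth.user_name);
	}

	if (opt_password) {
		use_in_memory_ccache();
		ads->auth.password = strdup(opt_password);
		if (!ads->auth.password) {
			ads_destroy(&ads);
			return NULL;
		}
	}

	ads->auth.user_name = strdup(opt_user_name);
	if (!ads->auth.user_name) {
		ads_destroy(&ads);
		return NULL;
	}

	status = ads_connect(ads);
	if (!ADS_ERR_OK(status)) {
		if (!need_password && !second_time) {
			/* one retry, this time asking for a password */
			need_password = True;
			second_time = True;
			goto retry;
		}
		DEBUG(1,("ads_connect: %s\n", ads_errstr(status)));
		/* do not leave the struct, with its password copy, behind */
		ads_destroy(&ads);
		return NULL;
	}
	return ads;
}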
169 Check to see if connection can be made via ads.
170 ads_startup() stores the password in opt_password if it needs to so
171 that rpc or rap can use it without re-prompting.
173 int net_ads_check(void)
185 determine the netbios workgroup name for a domain
187 static int net_ads_workgroup(int argc
, const char **argv
)
193 if (!(ads
= ads_startup())) return -1;
195 if (!(ctx
= talloc_init("net_ads_workgroup"))) {
199 if (!ADS_ERR_OK(ads_workgroup_name(ads
, ctx
, &workgroup
))) {
200 d_printf("Failed to find workgroup for realm '%s'\n",
206 d_printf("Workgroup: %s\n", workgroup
);
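/*
 * Callback handed to ads_do_search_all_fn() by the user and group listings.
 * It remembers the sAMAccountName and description of the current entry and
 * prints them once the entry is complete.
 *
 * field     - attribute name; NULL marks the end of a record
 * values    - attribute values; NULL announces a new field
 * data_area - two-slot char * array: [0] name, [1] description
 *             (presumably the caller's disp_fields; verify against caller)
 *
 * Names containing '$' are not printed.
 *
 * NOTE(review): the listing drops its short lines (braces, the inner
 * if/else around the two d_printf calls, the "return True" statements);
 * they are restored here by inference - confirm against the original file.
 */
static BOOL usergrp_display(char *field, void **values, void *data_area)
{
	char **disp_fields = (char **) data_area;

	if (!field) { /* must be end of record */
		/* The values come from the directory server: an entry that
		 * carried no sAMAccountName leaves slot 0 NULL, which must
		 * not reach strchr_m() or a "%s" conversion. */
		if (disp_fields[0] && !strchr_m(disp_fields[0], '$')) {
			if (disp_fields[1])
				d_printf("%-21.21s %-50.50s\n",
					 disp_fields[0], disp_fields[1]);
			else
				d_printf("%s\n", disp_fields[0]);
		}
		SAFE_FREE(disp_fields[0]);
		SAFE_FREE(disp_fields[1]);
		return True;
	}
	if (!values) /* must be new field, indicate string field */
		return True;
	if (!values[0]) /* attribute present but without a value */
		return True;
	if (StrCaseCmp(field, "sAMAccountName") == 0) {
		/* a repeated attribute must not leak the earlier copy */
		SAFE_FREE(disp_fields[0]);
		disp_fields[0] = strdup((char *) values[0]);
	}
	if (StrCaseCmp(field, "description") == 0) {
		SAFE_FREE(disp_fields[1]);
		disp_fields[1] = strdup((char *) values[0]);
	}
	return True;
}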
241 static int net_ads_user_usage(int argc
, const char **argv
)
243 return net_help_user(argc
, argv
);
246 static int ads_user_add(int argc
, const char **argv
)
254 if (argc
< 1) return net_ads_user_usage(argc
, argv
);
256 if (!(ads
= ads_startup())) return -1;
258 status
= ads_find_user_acct(ads
, &res
, argv
[0]);
260 if (!ADS_ERR_OK(status
)) {
261 d_printf("ads_user_add: %s\n", ads_errstr(status
));
265 if (ads_count_replies(ads
, res
)) {
266 d_printf("ads_user_add: User %s already exists\n", argv
[0]);
270 status
= ads_add_user_acct(ads
, argv
[0], opt_container
, opt_comment
);
272 if (!ADS_ERR_OK(status
)) {
273 d_printf("Could not add user %s: %s\n", argv
[0],
278 /* if no password is to be set, we're done */
280 d_printf("User %s added\n", argv
[0]);
285 /* try setting the password */
286 asprintf(&upn
, "%s@%s", argv
[0], ads
->config
.realm
);
287 status
= krb5_set_password(ads
->auth
.kdc_server
, upn
, argv
[1], ads
->auth
.time_offset
);
289 if (ADS_ERR_OK(status
)) {
290 d_printf("User %s added\n", argv
[0]);
295 /* password didn't set, delete account */
296 d_printf("Could not add user %s. Error setting password %s\n",
297 argv
[0], ads_errstr(status
));
298 ads_msgfree(ads
, res
);
299 status
=ads_find_user_acct(ads
, &res
, argv
[0]);
300 if (ADS_ERR_OK(status
)) {
301 userdn
= ads_get_dn(ads
, res
);
302 ads_del_dn(ads
, userdn
);
303 ads_memfree(ads
, userdn
);
308 ads_msgfree(ads
, res
);
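/*
 * Print the groups a user is a member of.
 *
 * argv[0] is the account name.  It is operator-supplied and ends up inside
 * an LDAP filter, so it goes through escape_ldap_string_alloc() before the
 * "(sAMAccountName=...)" filter is built.
 *
 * Returns 0 on success and -1 on failure; with no argument the result of
 * net_ads_user_usage() is returned.
 *
 * NOTE(review): the listing drops its short lines (braces, several local
 * declarations, the returns and the final cleanup); they are restored here
 * by inference - confirm against the original file.
 */
static int ads_user_info(int argc, const char **argv)
{
	ADS_STRUCT *ads = NULL;
	ADS_STATUS rc;
	void *res = NULL;
	const char *attrs[] = {"memberOf", NULL};
	char *searchstring = NULL;
	char **grouplist;
	char *escaped_user = NULL;
	int ret = -1;

	/* argc is checked before argv[0] is read */
	if (argc < 1) return net_ads_user_usage(argc, argv);

	escaped_user = escape_ldap_string_alloc(argv[0]);
	if (!escaped_user) {
		d_printf("ads_user_info: failed to escape user %s\n", argv[0]);
		return -1;
	}

	if (!(ads = ads_startup())) {
		SAFE_FREE(escaped_user);
		return -1;
	}

	if (asprintf(&searchstring, "(sAMAccountName=%s)", escaped_user) < 0) {
		/* searchstring is undefined after a failed asprintf() */
		d_printf("ads_user_info: out of memory\n");
		goto done;
	}
	rc = ads_search(ads, &res, searchstring, attrs);
	safe_free(searchstring);

	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_search: %s\n", ads_errstr(rc));
		goto done;
	}

	grouplist = ldap_get_values(ads->ld, res, "memberOf");

	if (grouplist) {
		int i;
		char **groupname;
		for (i=0;grouplist[i];i++) {
			groupname = ldap_explode_dn(grouplist[i], 1);
			/* a value that does not parse as a DN yields NULL */
			if (!groupname)
				continue;
			if (groupname[0])
				d_printf("%s\n", groupname[0]);
			ldap_value_free(groupname);
		}
		ldap_value_free(grouplist);
	}
	ret = 0;

done:
	if (res)
		ads_msgfree(ads, res);
	SAFE_FREE(escaped_user);
	ads_destroy(&ads);
	return ret;
}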
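/*
 * Delete the user account named by argv[0] from the directory.
 *
 * Returns 0 when the entry was deleted and -1 on any failure; with no
 * argument the result of net_ads_user_usage() is returned.
 *
 * NOTE(review): the listing drops its short lines (braces, the local
 * declarations, the returns, the ads_errstr() argument line); they are
 * restored here by inference - confirm against the original file.
 */
static int ads_user_delete(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	ADS_STATUS rc;
	void *res = NULL;
	char *userdn;

	if (argc < 1) return net_ads_user_usage(argc, argv);

	if (!(ads = ads_startup())) return -1;

	rc = ads_find_user_acct(ads, &res, argv[0]);
	if (!ADS_ERR_OK(rc)) {
		DEBUG(0, ("User %s does not exist\n", argv[0]));
		return -1;
	}
	/* a search can succeed and still match nothing */
	if (ads_count_replies(ads, res) == 0) {
		DEBUG(0, ("User %s does not exist\n", argv[0]));
		ads_msgfree(ads, res);
		return -1;
	}
	userdn = ads_get_dn(ads, res);
	ads_msgfree(ads, res);
	if (!userdn) {
		d_printf("Error deleting user %s: no DN returned\n", argv[0]);
		return -1;
	}
	rc = ads_del_dn(ads, userdn);
	ads_memfree(ads, userdn);
	/* The listing tests !ADS_ERR_OK(rc) here, which announced
	 * "deleted" on failure and an error on success. */
	if (ADS_ERR_OK(rc)) {
		d_printf("User %s deleted\n", argv[0]);
		return 0;
	}
	d_printf("Error deleting user %s: %s\n", argv[0],
		 ads_errstr(rc));
	return -1;
}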
389 int net_ads_user(int argc
, const char **argv
)
391 struct functable func
[] = {
392 {"ADD", ads_user_add
},
393 {"INFO", ads_user_info
},
394 {"DELETE", ads_user_delete
},
399 const char *shortattrs
[] = {"sAMAccountName", NULL
};
400 const char *longattrs
[] = {"sAMAccountName", "description", NULL
};
401 char *disp_fields
[2] = {NULL
, NULL
};
404 if (!(ads
= ads_startup())) return -1;
406 if (opt_long_list_entries
)
407 d_printf("\nUser name Comment"\
408 "\n-----------------------------\n");
410 rc
= ads_do_search_all_fn(ads
, ads
->config
.bind_path
,
412 "(objectclass=user)",
413 opt_long_list_entries
? longattrs
:
414 shortattrs
, usergrp_display
,
420 return net_run_function(argc
, argv
, func
, net_ads_user_usage
);
423 static int net_ads_group_usage(int argc
, const char **argv
)
425 return net_help_group(argc
, argv
);
428 static int ads_group_add(int argc
, const char **argv
)
435 if (argc
< 1) return net_ads_group_usage(argc
, argv
);
437 if (!(ads
= ads_startup())) return -1;
439 status
= ads_find_user_acct(ads
, &res
, argv
[0]);
441 if (!ADS_ERR_OK(status
)) {
442 d_printf("ads_group_add: %s\n", ads_errstr(status
));
446 if (ads_count_replies(ads
, res
)) {
447 d_printf("ads_group_add: Group %s already exists\n", argv
[0]);
448 ads_msgfree(ads
, res
);
452 status
= ads_add_group_acct(ads
, argv
[0], opt_container
, opt_comment
);
454 if (ADS_ERR_OK(status
)) {
455 d_printf("Group %s added\n", argv
[0]);
458 d_printf("Could not add group %s: %s\n", argv
[0],
464 ads_msgfree(ads
, res
);
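/*
 * Delete the group named by argv[0] from the directory.  The lookup goes
 * through ads_find_user_acct(), as it does in ads_group_add().
 *
 * Returns 0 when the entry was deleted and -1 on any failure; with no
 * argument the result of net_ads_group_usage() is returned.
 *
 * NOTE(review): the listing drops its short lines (braces, the local
 * declarations, the returns, the ads_errstr() argument line); they are
 * restored here by inference - confirm against the original file.
 */
static int ads_group_delete(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	ADS_STATUS rc;
	void *res = NULL;
	char *groupdn;

	if (argc < 1) return net_ads_group_usage(argc, argv);

	if (!(ads = ads_startup())) return -1;

	rc = ads_find_user_acct(ads, &res, argv[0]);
	if (!ADS_ERR_OK(rc)) {
		DEBUG(0, ("Group %s does not exist\n", argv[0]));
		return -1;
	}
	/* a search can succeed and still match nothing */
	if (ads_count_replies(ads, res) == 0) {
		DEBUG(0, ("Group %s does not exist\n", argv[0]));
		ads_msgfree(ads, res);
		return -1;
	}
	groupdn = ads_get_dn(ads, res);
	ads_msgfree(ads, res);
	if (!groupdn) {
		d_printf("Error deleting group %s: no DN returned\n", argv[0]);
		return -1;
	}
	rc = ads_del_dn(ads, groupdn);
	ads_memfree(ads, groupdn);
	/* The listing tests !ADS_ERR_OK(rc) here, which announced
	 * "deleted" on failure and an error on success. */
	if (ADS_ERR_OK(rc)) {
		d_printf("Group %s deleted\n", argv[0]);
		return 0;
	}
	d_printf("Error deleting group %s: %s\n", argv[0],
		 ads_errstr(rc));
	return -1;
}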
498 int net_ads_group(int argc
, const char **argv
)
500 struct functable func
[] = {
501 {"ADD", ads_group_add
},
502 {"DELETE", ads_group_delete
},
507 const char *shortattrs
[] = {"sAMAccountName", NULL
};
508 const char *longattrs
[] = {"sAMAccountName", "description", NULL
};
509 char *disp_fields
[2] = {NULL
, NULL
};
512 if (!(ads
= ads_startup())) return -1;
514 if (opt_long_list_entries
)
515 d_printf("\nGroup name Comment"\
516 "\n-----------------------------\n");
517 rc
= ads_do_search_all_fn(ads
, ads
->config
.bind_path
,
519 "(objectclass=group)",
520 opt_long_list_entries
? longattrs
:
521 shortattrs
, usergrp_display
,
527 return net_run_function(argc
, argv
, func
, net_ads_group_usage
);
530 static int net_ads_status(int argc
, const char **argv
)
536 if (!(ads
= ads_startup())) return -1;
538 rc
= ads_find_machine_acct(ads
, &res
, global_myname());
539 if (!ADS_ERR_OK(rc
)) {
540 d_printf("ads_find_machine_acct: %s\n", ads_errstr(rc
));
544 if (ads_count_replies(ads
, res
) == 0) {
545 d_printf("No machine account for '%s' found\n", global_myname());
554 static int net_ads_leave(int argc
, const char **argv
)
556 ADS_STRUCT
*ads
= NULL
;
559 if (!secrets_init()) {
560 DEBUG(1,("Failed to initialise secrets database\n"));
566 asprintf(&user_name
, "%s$", global_myname());
567 opt_password
= secrets_fetch_machine_password(opt_target_workgroup
, NULL
, NULL
);
568 opt_user_name
= user_name
;
571 if (!(ads
= ads_startup())) {
575 rc
= ads_leave_realm(ads
, global_myname());
576 if (!ADS_ERR_OK(rc
)) {
577 d_printf("Failed to delete host '%s' from the '%s' realm.\n",
578 global_myname(), ads
->config
.realm
);
582 d_printf("Removed '%s' from realm '%s'\n", global_myname(), ads
->config
.realm
);
587 static int net_ads_join_ok(void)
590 ADS_STRUCT
*ads
= NULL
;
592 if (!secrets_init()) {
593 DEBUG(1,("Failed to initialise secrets database\n"));
597 asprintf(&user_name
, "%s$", global_myname());
598 opt_user_name
= user_name
;
599 opt_password
= secrets_fetch_machine_password(opt_target_workgroup
, NULL
, NULL
);
601 if (!(ads
= ads_startup())) {
610 check that an existing join is OK
612 int net_ads_testjoin(int argc
, const char **argv
)
614 use_in_memory_ccache();
616 /* Display success or failure */
617 if (net_ads_join_ok() != 0) {
618 fprintf(stderr
,"Join to domain is not valid\n");
622 printf("Join is OK\n");
627 join a domain using ADS
629 int net_ads_join(int argc
, const char **argv
)
635 const char *org_unit
= "Computers";
640 uint32 sec_channel_type
;
641 uint32 account_type
= UF_WORKSTATION_TRUST_ACCOUNT
;
643 if (argc
> 0) org_unit
= argv
[0];
645 if (!secrets_init()) {
646 DEBUG(1,("Failed to initialise secrets database\n"));
650 /* check what type of join
651 TODO: make this variable like RPC
653 account_type
= UF_WORKSTATION_TRUST_ACCOUNT
;
655 tmp_password
= generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH
);
656 password
= strdup(tmp_password
);
658 if (!(ads
= ads_startup())) return -1;
660 ou_str
= ads_ou_string(org_unit
);
661 asprintf(&dn
, "%s,%s", ou_str
, ads
->config
.bind_path
);
664 rc
= ads_search_dn(ads
, &res
, dn
, NULL
);
665 ads_msgfree(ads
, res
);
667 if (rc
.error_type
== ADS_ERROR_LDAP
&& rc
.err
.rc
== LDAP_NO_SUCH_OBJECT
) {
668 d_printf("ads_join_realm: organizational unit %s does not exist (dn:%s)\n",
674 if (!ADS_ERR_OK(rc
)) {
675 d_printf("ads_join_realm: %s\n", ads_errstr(rc
));
679 rc
= ads_join_realm(ads
, global_myname(), account_type
, org_unit
);
680 if (!ADS_ERR_OK(rc
)) {
681 d_printf("ads_join_realm: %s\n", ads_errstr(rc
));
685 rc
= ads_domain_sid(ads
, &dom_sid
);
686 if (!ADS_ERR_OK(rc
)) {
687 d_printf("ads_domain_sid: %s\n", ads_errstr(rc
));
691 rc
= ads_set_machine_password(ads
, global_myname(), password
);
692 if (!ADS_ERR_OK(rc
)) {
693 d_printf("ads_set_machine_password: %s\n", ads_errstr(rc
));
697 if (!secrets_store_domain_sid(lp_workgroup(), &dom_sid
)) {
698 DEBUG(1,("Failed to save domain sid\n"));
702 if (!secrets_store_machine_password(password
, lp_workgroup(), sec_channel_type
)) {
703 DEBUG(1,("Failed to save machine password\n"));
707 d_printf("Joined '%s' to realm '%s'\n", global_myname(), ads
->config
.realm
);
714 int net_ads_printer_usage(int argc
, const char **argv
)
717 "\nnet ads printer info <printer> <server>"
718 "\n\tlookup info in directory for printer on server"
719 "\n\t(note: printer defaults to \"*\", server defaults to local)\n"
720 "\nnet ads printer publish <printername>"
721 "\n\tpublish printer in directory"
722 "\n\t(note: printer name is required)\n"
723 "\nnet ads printer remove <printername>"
724 "\n\tremove printer from directory"
725 "\n\t(note: printer name is required)\n");
729 static int net_ads_printer_info(int argc
, const char **argv
)
733 const char *servername
, *printername
;
736 if (!(ads
= ads_startup())) return -1;
739 printername
= argv
[0];
744 servername
= argv
[1];
746 servername
= global_myname();
748 rc
= ads_find_printer_on_server(ads
, &res
, printername
, servername
);
750 if (!ADS_ERR_OK(rc
)) {
751 d_printf("ads_find_printer_on_server: %s\n", ads_errstr(rc
));
752 ads_msgfree(ads
, res
);
756 if (ads_count_replies(ads
, res
) == 0) {
757 d_printf("Printer '%s' not found\n", printername
);
758 ads_msgfree(ads
, res
);
763 ads_msgfree(ads
, res
);
768 void do_drv_upgrade_printer(int msg_type
, pid_t src
, void *buf
, size_t len
)
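/*
 * Publish a printer in the directory.
 *
 * argv[0] is the printer name (required); argv[1], when given, is the
 * server that hosts it, otherwise the local machine name is used.  The
 * printer's data is read from the server over the SPOOLSS pipe and written
 * to an entry named "cn=<server cn>-<printer>,<server dn>".
 *
 * Every step that can fail is checked: the listing carries on after a
 * failed machine-account lookup, name resolution or SMB connection and
 * then uses the missing result.
 *
 * Returns 0 on success, -1 on failure; with no argument the result of
 * net_ads_printer_usage() is returned.
 *
 * NOTE(review): the listing drops its short lines.  Restored by inference
 * and to be confirmed against the original file: the local declarations,
 * the argc tests, and three argument lines of cli_full_connection() (the
 * address/port pair, the service pair, the signing state and retry flag).
 */
static int net_ads_printer_publish(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	ADS_STATUS rc;
	const char *servername;
	struct cli_state *cli = NULL;
	struct in_addr server_ip;
	NTSTATUS nt_status;
	TALLOC_CTX *mem_ctx;
	ADS_MODLIST mods;
	char *prt_dn = NULL, *srv_dn = NULL, **srv_cn = NULL;
	void *res = NULL;
	int ret = -1;

	/* usage errors are reported before any credentials are asked for */
	if (argc < 1)
		return net_ads_printer_usage(argc, argv);

	if (!(ads = ads_startup())) return -1;

	if (!(mem_ctx = talloc_init("net_ads_printer_publish"))) {
		d_printf("ads_publish_printer: out of memory\n");
		return -1;
	}
	mods = ads_init_mods(mem_ctx);

	if (argc > 1)
		servername = argv[1];
	else
		servername = global_myname();

	rc = ads_find_machine_acct(ads, &res, servername);
	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_find_machine_acct: %s\n", ads_errstr(rc));
		goto done;
	}
	if (ads_count_replies(ads, res) == 0) {
		d_printf("No machine account for '%s' found\n", servername);
		goto done;
	}

	srv_dn = ldap_get_dn(ads->ld, res);
	if (srv_dn)
		srv_cn = ldap_explode_dn(srv_dn, 1);
	if (!srv_cn || !srv_cn[0]) {
		d_printf("ads_publish_printer: could not parse the DN of '%s'\n",
			 servername);
		goto done;
	}

	/* NOTE(review): argv[0] is placed in the DN as given; a name that
	 * contains DN metacharacters (',', '=', '+') is not escaped here. */
	if (asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], argv[0], srv_dn) < 0) {
		prt_dn = NULL;
		d_printf("ads_publish_printer: out of memory\n");
		goto done;
	}

	if (!resolve_name(servername, &server_ip, 0x20)) {
		/* server_ip is uninitialised unless the lookup succeeded */
		d_printf("ads_publish_printer: could not resolve '%s'\n",
			 servername);
		goto done;
	}

	nt_status = cli_full_connection(&cli, global_myname(), servername,
					&server_ip, 0,
					"IPC$", "IPC",
					opt_user_name, opt_workgroup,
					opt_password ? opt_password : "",
					CLI_FULL_CONNECTION_USE_KERBEROS,
					Undefined, NULL);
	if (!NT_STATUS_IS_OK(nt_status)) {
		d_printf("ads_publish_printer: could not connect to '%s'\n",
			 servername);
		cli = NULL;
		goto done;
	}

	if (!cli_nt_session_open(cli, PI_SPOOLSS)) {
		d_printf("ads_publish_printer: could not open the spoolss pipe on '%s'\n",
			 servername);
		goto done;
	}
	get_remote_printer_publishing_data(cli, mem_ctx, &mods, argv[0]);

	rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods);
	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_publish_printer: %s\n", ads_errstr(rc));
		goto done;
	}

	d_printf("published printer\n");
	ret = 0;

done:
	if (cli)
		cli_shutdown(cli);
	SAFE_FREE(prt_dn);
	if (srv_cn)
		ldap_value_free(srv_cn);
	if (srv_dn)
		ldap_memfree(srv_dn);
	if (res)
		ads_msgfree(ads, res);
	talloc_destroy(mem_ctx);
	return ret;
}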
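/*
 * Remove a printer's entry from the directory.
 *
 * argv[0] is the printer name (required); argv[1], when given, is the
 * server that hosts it, otherwise the local machine name is used.
 *
 * Returns 0 on success, -1 on failure; with no argument the result of
 * net_ads_printer_usage() is returned.
 *
 * NOTE(review): the listing drops its short lines (braces, local
 * declarations, the argc tests, the returns); they are restored here by
 * inference - confirm against the original file.
 */
static int net_ads_printer_remove(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	ADS_STATUS rc;
	const char *servername;
	char *prt_dn;
	void *res = NULL;

	/* usage errors are reported before any credentials are asked for */
	if (argc < 1)
		return net_ads_printer_usage(argc, argv);

	if (!(ads = ads_startup())) return -1;

	if (argc > 1)
		servername = argv[1];
	else
		servername = global_myname();

	rc = ads_find_printer_on_server(ads, &res, argv[0], servername);

	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_find_printer_on_server: %s\n", ads_errstr(rc));
		if (res)
			ads_msgfree(ads, res);
		return -1;
	}

	if (ads_count_replies(ads, res) == 0) {
		/* The printer name is argv[0]; the listing prints argv[1],
		 * which is not a valid string when only one argument was
		 * given. */
		d_printf("Printer '%s' not found\n", argv[0]);
		ads_msgfree(ads, res);
		return -1;
	}

	prt_dn = ads_get_dn(ads, res);
	ads_msgfree(ads, res);
	if (!prt_dn) {
		d_printf("ads_del_dn: no DN returned for printer '%s'\n", argv[0]);
		return -1;
	}
	rc = ads_del_dn(ads, prt_dn);
	ads_memfree(ads, prt_dn);

	if (!ADS_ERR_OK(rc)) {
		d_printf("ads_del_dn: %s\n", ads_errstr(rc));
		return -1;
	}

	return 0;
}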
870 static int net_ads_printer(int argc
, const char **argv
)
872 struct functable func
[] = {
873 {"INFO", net_ads_printer_info
},
874 {"PUBLISH", net_ads_printer_publish
},
875 {"REMOVE", net_ads_printer_remove
},
879 return net_run_function(argc
, argv
, func
, net_ads_printer_usage
);
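/*
 * Change a user's password with an administrative account.
 *
 * argv[0] is the target principal and must contain '@'.  The authenticating
 * principal and its password come from opt_user_name / opt_password; the
 * realm is taken from the part of opt_user_name after '@'.  The new
 * password is read from the terminal with getpass().
 *
 * Returns 0 on success, -1 on failure; malformed arguments return the
 * result of net_ads_usage().
 *
 * NOTE(review): the listing drops its short lines (braces, several local
 * declarations, "realm = ++c", the ads_connect() call that the comment
 * below refers to, the cleanup and returns); they are restored here by
 * inference - confirm against the original file.
 */
static int net_ads_password(int argc, const char **argv)
{
	ADS_STRUCT *ads;
	const char *auth_principal = opt_user_name;
	const char *auth_password = opt_password;
	char *realm = NULL;
	char *new_password = NULL;
	char *c;
	char *prompt = NULL;
	ADS_STATUS ret;

	if ((argc != 1) || (opt_user_name == NULL) ||
	    (opt_password == NULL) || (strchr(opt_user_name, '@') == NULL) ||
	    (strchr(argv[0], '@') == NULL)) {
		return net_ads_usage(argc, argv);
	}

	use_in_memory_ccache();
	/* the '@' is known to be present from the check above */
	c = strchr(auth_principal, '@');
	realm = ++c;

	/* use the realm so we can eventually change passwords for users
	   in realms other than default */
	if (!(ads = ads_init(realm, NULL, NULL))) return -1;

	/* we don't actually need a full connect, but it's the easy way to
	   fill in the KDC's address */
	ads_connect(ads);

	if (!ads->config.realm) {
		d_printf("Didn't find the kerberos server!\n");
		ads_destroy(&ads);
		return -1;
	}

	if (asprintf(&prompt, "Enter new password for %s:", argv[0]) < 0) {
		/* prompt is undefined after a failed asprintf() */
		d_printf("Password change failed :-( ...\n");
		ads_destroy(&ads);
		return -1;
	}

	new_password = getpass(prompt);
	free(prompt);
	if (!new_password) {
		/* no terminal, or the read failed: nothing to set */
		d_printf("Password change failed :-( ...\n");
		ads_destroy(&ads);
		return -1;
	}

	ret = kerberos_set_password(ads->auth.kdc_server, auth_principal,
				    auth_password, argv[0], new_password, ads->auth.time_offset);

	/* getpass() returns a static buffer; do not leave the new password
	 * in it once the request has been sent */
	memset(new_password, 0, strlen(new_password));

	if (!ADS_ERR_OK(ret)) {
		d_printf("Password change failed :-( ...\n");
		ads_destroy(&ads);
		return -1;
	}

	d_printf("Password change for %s completed.\n", argv[0]);
	ads_destroy(&ads);

	return 0;
}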
939 int net_ads_changetrustpw(int argc
, const char **argv
)
942 char *host_principal
;
947 if (!secrets_init()) {
948 DEBUG(1,("Failed to initialise secrets database\n"));
952 asprintf(&user_name
, "%s$", global_myname());
953 opt_user_name
= user_name
;
955 opt_password
= secrets_fetch_machine_password(opt_target_workgroup
, NULL
, NULL
);
957 use_in_memory_ccache();
959 if (!(ads
= ads_startup())) {
963 hostname
= strdup(global_myname());
965 asprintf(&host_principal
, "%s@%s", hostname
, ads
->config
.realm
);
967 d_printf("Changing password for principal: HOST/%s\n", host_principal
);
969 ret
= ads_change_trust_account_password(ads
, host_principal
);
971 if (!ADS_ERR_OK(ret
)) {
972 d_printf("Password change failed :-( ...\n");
974 SAFE_FREE(host_principal
);
978 d_printf("Password change for principal HOST/%s succeeded.\n", host_principal
);
980 SAFE_FREE(host_principal
);
986 help for net ads search
988 static int net_ads_search_usage(int argc
, const char **argv
)
991 "\nnet ads search <expression> <attributes...>\n"\
992 "\nperform a raw LDAP search on a ADS server and dump the results\n"\
993 "The expression is a standard LDAP search expression, and the\n"\
994 "attributes are a list of LDAP fields to show in the results\n\n"\
995 "Example: net ads search '(objectCategory=group)' sAMAccountName\n\n"
997 net_common_flags_usage(argc
, argv
);
1003 general ADS search function. Useful in diagnosing problems in ADS
1005 static int net_ads_search(int argc
, const char **argv
)
1014 return net_ads_search_usage(argc
, argv
);
1017 if (!(ads
= ads_startup())) {
1024 rc
= ads_do_search_all(ads
, ads
->config
.bind_path
,
1027 if (!ADS_ERR_OK(rc
)) {
1028 d_printf("search failed: %s\n", ads_errstr(rc
));
1032 d_printf("Got %d replies\n\n", ads_count_replies(ads
, res
));
1034 /* dump the results */
1037 ads_msgfree(ads
, res
);
1045 help for net ads dn
1047 static int net_ads_dn_usage(int argc
, const char **argv
)
1050 "\nnet ads dn <dn> <attributes...>\n"\
1051 "\nperform a raw LDAP search on a ADS server and dump the results\n"\
1052 "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"\
1053 "to show in the results\n\n"\
1054 "Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' sAMAccountName\n\n"
1056 net_common_flags_usage(argc
, argv
);
1062 general ADS lookup-by-DN function. Useful in diagnosing problems in ADS
1064 static int net_ads_dn(int argc
, const char **argv
)
1073 return net_ads_dn_usage(argc
, argv
);
1076 if (!(ads
= ads_startup())) {
1083 rc
= ads_do_search_all(ads
, dn
,
1085 "(objectclass=*)", attrs
, &res
);
1086 if (!ADS_ERR_OK(rc
)) {
1087 d_printf("search failed: %s\n", ads_errstr(rc
));
1091 d_printf("Got %d replies\n\n", ads_count_replies(ads
, res
));
1093 /* dump the results */
1096 ads_msgfree(ads
, res
);
1103 int net_ads_help(int argc
, const char **argv
)
1105 struct functable func
[] = {
1106 {"USER", net_ads_user_usage
},
1107 {"GROUP", net_ads_group_usage
},
1108 {"PRINTER", net_ads_printer_usage
},
1109 {"SEARCH", net_ads_search_usage
},
1111 {"INFO", net_ads_info
},
1112 {"JOIN", net_ads_join
},
1113 {"LEAVE", net_ads_leave
},
1114 {"STATUS", net_ads_status
},
1115 {"PASSWORD", net_ads_password
},
1116 {"CHANGETRUSTPW", net_ads_changetrustpw
},
1121 return net_run_function(argc
, argv
, func
, net_ads_usage
);
1124 int net_ads(int argc
, const char **argv
)
1126 struct functable func
[] = {
1127 {"INFO", net_ads_info
},
1128 {"JOIN", net_ads_join
},
1129 {"TESTJOIN", net_ads_testjoin
},
1130 {"LEAVE", net_ads_leave
},
1131 {"STATUS", net_ads_status
},
1132 {"USER", net_ads_user
},
1133 {"GROUP", net_ads_group
},
1134 {"PASSWORD", net_ads_password
},
1135 {"CHANGETRUSTPW", net_ads_changetrustpw
},
1136 {"PRINTER", net_ads_printer
},
1137 {"SEARCH", net_ads_search
},
1139 {"WORKGROUP", net_ads_workgroup
},
1140 {"LOOKUP", net_ads_lookup
},
1141 {"HELP", net_ads_help
},
1145 return net_run_function(argc
, argv
, func
, net_ads_usage
);
1150 static int net_ads_noads(void)
1152 d_printf("ADS support not compiled in\n");
1156 int net_ads_usage(int argc
, const char **argv
)
1158 return net_ads_noads();
1161 int net_ads_help(int argc
, const char **argv
)
1163 return net_ads_noads();
1166 int net_ads_changetrustpw(int argc
, const char **argv
)
1168 return net_ads_noads();
1171 int net_ads_join(int argc
, const char **argv
)
1173 return net_ads_noads();
1176 int net_ads_user(int argc
, const char **argv
)
1178 return net_ads_noads();
1181 int net_ads_group(int argc
, const char **argv
)
1183 return net_ads_noads();
1186 /* this one shouldn't display a message */
1187 int net_ads_check(void)
1192 int net_ads(int argc
, const char **argv
)
1194 return net_ads_usage(argc
, argv
);