search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add a synonym for samdump ...
[Samba.git] / source / utils / net_rpc.c
blob50c14c6f5b8c34e67418a572bfd923df080d49d4
1 /*
2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2001 Andrew Bartlett (abartlet@samba.org)
5 Copyright (C) 2002 Jim McDonough (jmcd@us.ibm.com)
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
20
21 #include "includes.h"
22 #include "../utils/net.h"
23
24 extern pstring global_myname;
25
26 /**
27 * @file net_rpc.c
28 *
29 * @brief RPC based subcommands for the 'net' utility.
30 *
31 * This file should contain much of the functionality that used to
32 * be found in rpcclient, execpt that the commands should change
33 * less often, and the fucntionality should be sane (the user is not
34 * expected to know a rid/sid before they conduct an operation etc.)
35 *
36 * @todo Perhaps eventually these should be split out into a number
37 * of files, as this could get quite big.
38 **/
39
40
41 /* A function of this type is passed to the 'run_rpc_command' wrapper */
42 typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, struct cli_state *, TALLOC_CTX *, int, const char **);
43
44 /**
45 * Many of the RPC functions need the domain sid. This function gets
46 * it at the start of every run
47 *
48 * @param cli A cli_state already connected to the remote machine
49 *
50 * @return The Domain SID of the remote machine.
51 **/
52
53 static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli)
54 {
55 DOM_SID *domain_sid;
56 POLICY_HND pol;
57 NTSTATUS result = NT_STATUS_OK;
58 uint32 info_class = 5;
59 fstring domain_name;
60 TALLOC_CTX *mem_ctx;
61
62 if (!(domain_sid = malloc(sizeof(DOM_SID)))){
63 DEBUG(0,("net_get_remote_domain_sid: malloc returned NULL!\n"));
64 goto error;
65 }
66
67 if (!(mem_ctx=talloc_init()))
68 {
69 DEBUG(0,("net_get_remote_domain_sid: talloc_init returned NULL!\n"));
70 goto error;
71 }
72
73
74 if (!cli_nt_session_open (cli, PIPE_LSARPC)) {
75 fprintf(stderr, "could not initialise lsa pipe\n");
76 goto error;
77 }
78
79 result = cli_lsa_open_policy(cli, mem_ctx, True,
80 SEC_RIGHTS_MAXIMUM_ALLOWED,
81 &pol);
82 if (!NT_STATUS_IS_OK(result)) {
83 goto error;
84 }
85
86 result = cli_lsa_query_info_policy(cli, mem_ctx, &pol, info_class,
87 domain_name, domain_sid);
88 if (!NT_STATUS_IS_OK(result)) {
89 goto error;
90 }
91
92 cli_lsa_close(cli, mem_ctx, &pol);
93 cli_nt_session_close(cli);
94 talloc_destroy(mem_ctx);
95
96 return domain_sid;
97
98 error:
99 fprintf(stderr, "could not obtain sid for domain %s\n", cli->domain);
100
101 if (!NT_STATUS_IS_OK(result)) {
102 fprintf(stderr, "error: %s\n", nt_errstr(result));
103 }
104
105 exit(1);
106 }
107
108 /**
109 * Run a single RPC command, from start to finish.
110 *
111 * @param pipe_name the pipe to connect to (usually a PIPE_ constant)
112 * @param conn_flag a NET_FLAG_ combination. Passed to
113 * net_make_ipc_connection.
114 * @param argc Standard main() style argc
115 * @param argc Standard main() style argv. Initial components are already
116 * stripped
117 * @return A shell status integer (0 for success)
118 */
119
120 static int run_rpc_command(struct cli_state *cli_arg, const char *pipe_name, int conn_flags,
121 rpc_command_fn fn,
122 int argc, const char **argv)
123 {
124 struct cli_state *cli = NULL;
125 TALLOC_CTX *mem_ctx;
126 NTSTATUS nt_status;
127 DOM_SID *domain_sid;
128
129 /* make use of cli_state handed over as an argument, if possible */
130 if (!cli_arg)
131 cli = net_make_ipc_connection(conn_flags);
132 else
133 cli = cli_arg;
134
135 if (!cli) {
136 return -1;
137 }
138
139 domain_sid = net_get_remote_domain_sid(cli);
140
141 /* Create mem_ctx */
142
143 if (!(mem_ctx = talloc_init())) {
144 DEBUG(0, ("talloc_init() failed\n"));
145 cli_shutdown(cli);
146 return -1;
147 }
148
149 if (!cli_nt_session_open(cli, pipe_name)) {
150 DEBUG(0, ("Could not initialise %s pipe\n", pipe_name));
151 }
152
153 nt_status = fn(domain_sid, cli, mem_ctx, argc, argv);
154
155 if (!NT_STATUS_IS_OK(nt_status)) {
156 DEBUG(1, ("rpc command function failed! (%s)\n", nt_errstr(nt_status)));
157 } else {
158 DEBUG(5, ("rpc command function succedded\n"));
159 }
160
161
162 if (cli->nt_pipe_fnum)
163 cli_nt_session_close(cli);
164
165 /* close the connection only if it was opened here */
166 if (!cli_arg)
167 cli_shutdown(cli);
168
169 talloc_destroy(mem_ctx);
170
171 return (!NT_STATUS_IS_OK(nt_status));
172 }
173
174
175 /****************************************************************************/
176
177
178 /**
179 * Force a change of the trust acccount password.
180 *
181 * All parameters are provided by the run_rpc_command function, except for
182 * argc, argv which are passes through.
183 *
184 * @param domain_sid The domain sid aquired from the remote server
185 * @param cli A cli_state connected to the server.
186 * @param mem_ctx Talloc context, destoyed on compleation of the function.
187 * @param argc Standard main() style argc
188 * @param argc Standard main() style argv. Initial components are already
189 * stripped
190 *
191 * @return Normal NTSTATUS return.
192 **/
193
194 static NTSTATUS rpc_changetrustpw_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
195 int argc, const char **argv) {
196
197 return trust_pw_find_change_and_store_it(cli, mem_ctx, opt_target_workgroup);
198 }
199
200 /**
201 * Force a change of the trust acccount password.
202 *
203 * @param argc Standard main() style argc
204 * @param argc Standard main() style argv. Initial components are already
205 * stripped
206 *
207 * @return A shell status integer (0 for success)
208 **/
209
210 static int rpc_changetrustpw(int argc, const char **argv)
211 {
212 return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_changetrustpw_internals,
213 argc, argv);
214 }
215
216
217 /****************************************************************************/
218
219
220 /**
221 * Join a domain, the old way.
222 *
223 * This uses 'machinename' as the inital password, and changes it.
224 *
225 * The password should be created with 'server manager' or eqiv first.
226 *
227 * All parameters are provided by the run_rpc_command function, except for
228 * argc, argv which are passes through.
229 *
230 * @param domain_sid The domain sid aquired from the remote server
231 * @param cli A cli_state connected to the server.
232 * @param mem_ctx Talloc context, destoyed on compleation of the function.
233 * @param argc Standard main() style argc
234 * @param argc Standard main() style argv. Initial components are already
235 * stripped
236 *
237 * @return Normal NTSTATUS return.
238 **/
239
240 static NTSTATUS rpc_join_oldstyle_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
241 int argc, const char **argv) {
242
243 extern pstring global_myname;
244 fstring trust_passwd;
245 unsigned char orig_trust_passwd_hash[16];
246 NTSTATUS result;
247
248 fstrcpy(trust_passwd, global_myname);
249 strlower(trust_passwd);
250
251 /*
252 * Machine names can be 15 characters, but the max length on
253 * a password is 14. --jerry
254 */
255
256 trust_passwd[14] = '\0';
257
258 E_md4hash(trust_passwd, orig_trust_passwd_hash);
259
260 result = trust_pw_change_and_store_it(cli, mem_ctx, orig_trust_passwd_hash);
261
262 if (NT_STATUS_IS_OK(result))
263 printf("Joined domain %s.\n",lp_workgroup());
264
265 return result;
266 }
267
268 /**
269 * Join a domain, the old way.
270 *
271 * @param argc Standard main() style argc
272 * @param argc Standard main() style argv. Initial components are already
273 * stripped
274 *
275 * @return A shell status integer (0 for success)
276 **/
277
278 static int net_rpc_join_oldstyle(int argc, const char **argv)
279 {
280 return run_rpc_command(NULL, PIPE_NETLOGON, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC, rpc_join_oldstyle_internals,
281 argc, argv);
282 }
283
284 /**
285 * Basic usage function for 'net rpc join'
286 * @param argc Standard main() style argc
287 * @param argc Standard main() style argv. Initial components are already
288 * stripped
289 **/
290
291 static int rpc_join_usage(int argc, const char **argv)
292 {
293 d_printf("net rpc join -U <username>[%%password] [options]\n"\
294 "\t to join a domain with admin username & password\n"\
295 "\t\t password will be prompted if none is specified\n");
296 d_printf("net rpc join [options except -U]\n"\
297 "\t to join a domain created in server manager\n\n\n");
298
299 net_common_flags_usage(argc, argv);
300 return -1;
301 }
302
303 /**
304 * 'net rpc join' entrypoint.
305 * @param argc Standard main() style argc
306 * @param argc Standard main() style argv. Initial components are already
307 * stripped
308 *
309 * Main 'net_rpc_join()' (where the admain username/password is used) is
310 * in net_rpc_join.c
311 * Assume if a -U is specified, it's the new style, otherwise it's the
312 * old style
313 **/
314
315 int net_rpc_join(int argc, const char **argv)
316 {
317 if ((net_rpc_join_oldstyle(argc, argv) == 0))
318 return 0;
319
320 return net_rpc_join_newstyle(argc, argv);
321 }
322
323
324
325 /**
326 * display info about a rpc domain
327 *
328 * All parameters are provided by the run_rpc_command function, except for
329 * argc, argv which are passes through.
330 *
331 * @param domain_sid The domain sid acquired from the remote server
332 * @param cli A cli_state connected to the server.
333 * @param mem_ctx Talloc context, destoyed on completion of the function.
334 * @param argc Standard main() style argc
335 * @param argv Standard main() style argv. Initial components are already
336 * stripped
337 *
338 * @return Normal NTSTATUS return.
339 **/
340
341 static NTSTATUS
342 rpc_info_internals(const DOM_SID *domain_sid, struct cli_state *cli,
343 TALLOC_CTX *mem_ctx, int argc, const char **argv)
344 {
345 POLICY_HND connect_pol, domain_pol;
346 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
347 SAM_UNK_CTR ctr;
348 fstring sid_str;
349
350 sid_to_string(sid_str, domain_sid);
351
352 /* Get sam policy handle */
353 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
354 &connect_pol);
355 if (!NT_STATUS_IS_OK(result)) {
356 goto done;
357 }
358
359 /* Get domain policy handle */
360 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
361 MAXIMUM_ALLOWED_ACCESS,
362 domain_sid, &domain_pol);
363 if (!NT_STATUS_IS_OK(result)) {
364 goto done;
365 }
366
367 ZERO_STRUCT(ctr);
368 result = cli_samr_query_dom_info(cli, mem_ctx, &domain_pol,
369 2, &ctr);
370 if (NT_STATUS_IS_OK(result)) {
371 TALLOC_CTX *ctx = talloc_init();
372 d_printf("Domain Name: %s\n", unistr2_tdup(ctx, &ctr.info.inf2.uni_domain));
373 d_printf("Domain SID: %s\n", sid_str);
374 d_printf("Sequence number: %u\n", ctr.info.inf2.seq_num);
375 d_printf("Num users: %u\n", ctr.info.inf2.num_domain_usrs);
376 d_printf("Num domain groups: %u\n", ctr.info.inf2.num_domain_grps);
377 d_printf("Num local groups: %u\n", ctr.info.inf2.num_local_grps);
378 talloc_destroy(ctx);
379 }
380
381 done:
382 return result;
383 }
384
385
386 /**
387 * 'net rpc info' entrypoint.
388 * @param argc Standard main() style argc
389 * @param argc Standard main() style argv. Initial components are already
390 * stripped
391 **/
392 int net_rpc_info(int argc, const char **argv)
393 {
394 return run_rpc_command(NULL, PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
395 rpc_info_internals,
396 argc, argv);
397 }
398
399
400 /**
401 * Fetch domain SID into the local secrets.tdb
402 *
403 * All parameters are provided by the run_rpc_command function, except for
404 * argc, argv which are passes through.
405 *
406 * @param domain_sid The domain sid acquired from the remote server
407 * @param cli A cli_state connected to the server.
408 * @param mem_ctx Talloc context, destoyed on completion of the function.
409 * @param argc Standard main() style argc
410 * @param argv Standard main() style argv. Initial components are already
411 * stripped
412 *
413 * @return Normal NTSTATUS return.
414 **/
415
416 static NTSTATUS
417 rpc_getsid_internals(const DOM_SID *domain_sid, struct cli_state *cli,
418 TALLOC_CTX *mem_ctx, int argc, const char **argv)
419 {
420 fstring sid_str;
421
422 sid_to_string(sid_str, domain_sid);
423 d_printf("Storing SID %s for Domain %s in secrets.tdb\n",
424 sid_str, lp_workgroup());
425
426 if (!secrets_store_domain_sid(global_myname, domain_sid)) {
427 DEBUG(0,("pdb_generate_sam_sid: "
428 "Can't store domain SID as a pdc/bdc.\n"));
429 return NT_STATUS_UNSUCCESSFUL;
430 }
431
432 return NT_STATUS_OK;
433 }
434
435
436 /**
437 * 'net rpc getsid' entrypoint.
438 * @param argc Standard main() style argc
439 * @param argc Standard main() style argv. Initial components are already
440 * stripped
441 **/
442 int net_rpc_getsid(int argc, const char **argv)
443 {
444 return run_rpc_command(NULL, PIPE_SAMR, NET_FLAGS_ANONYMOUS | NET_FLAGS_PDC,
445 rpc_getsid_internals,
446 argc, argv);
447 }
448
449
450 /****************************************************************************/
451
452 /**
453 * Basic usage function for 'net rpc user'
454 * @param argc Standard main() style argc.
455 * @param argv Standard main() style argv. Initial components are already
456 * stripped.
457 **/
458
459 static int rpc_user_usage(int argc, const char **argv)
460 {
461 return net_help_user(argc, argv);
462 }
463
464 /**
465 * Add a new user to a remote RPC server
466 *
467 * All parameters are provided by the run_rpc_command function, except for
468 * argc, argv which are passes through.
469 *
470 * @param domain_sid The domain sid acquired from the remote server
471 * @param cli A cli_state connected to the server.
472 * @param mem_ctx Talloc context, destoyed on completion of the function.
473 * @param argc Standard main() style argc
474 * @param argv Standard main() style argv. Initial components are already
475 * stripped
476 *
477 * @return Normal NTSTATUS return.
478 **/
479
480 static NTSTATUS rpc_user_add_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
481 int argc, const char **argv) {
482
483 POLICY_HND connect_pol, domain_pol, user_pol;
484 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
485 const char *acct_name;
486 uint16 acb_info;
487 uint32 unknown, user_rid;
488
489 if (argc != 1) {
490 d_printf("User must be specified\n");
491 rpc_user_usage(argc, argv);
492 return NT_STATUS_OK;
493 }
494
495 acct_name = argv[0];
496
497 /* Get sam policy handle */
498
499 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
500 &connect_pol);
501 if (!NT_STATUS_IS_OK(result)) {
502 goto done;
503 }
504
505 /* Get domain policy handle */
506
507 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
508 MAXIMUM_ALLOWED_ACCESS,
509 domain_sid, &domain_pol);
510 if (!NT_STATUS_IS_OK(result)) {
511 goto done;
512 }
513
514 /* Create domain user */
515
516 acb_info = ACB_NORMAL;
517 unknown = 0xe005000b; /* No idea what this is - a permission mask? */
518
519 result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
520 acct_name, acb_info, unknown,
521 &user_pol, &user_rid);
522 if (!NT_STATUS_IS_OK(result)) {
523 goto done;
524 }
525
526 done:
527 if (!NT_STATUS_IS_OK(result)) {
528 d_printf("Failed to add user %s - %s\n", acct_name,
529 nt_errstr(result));
530 } else {
531 d_printf("Added user %s\n", acct_name);
532 }
533 return result;
534 }
535
536 /**
537 * Add a new user to a remote RPC server
538 *
539 * @param argc Standard main() style argc
540 * @param argv Standard main() style argv. Initial components are already
541 * stripped
542 *
543 * @return A shell status integer (0 for success)
544 **/
545
546 static int rpc_user_add(int argc, const char **argv)
547 {
548 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_add_internals,
549 argc, argv);
550 }
551
552 /**
553 * Delete a user from a remote RPC server
554 *
555 * All parameters are provided by the run_rpc_command function, except for
556 * argc, argv which are passes through.
557 *
558 * @param domain_sid The domain sid acquired from the remote server
559 * @param cli A cli_state connected to the server.
560 * @param mem_ctx Talloc context, destoyed on completion of the function.
561 * @param argc Standard main() style argc
562 * @param argv Standard main() style argv. Initial components are already
563 * stripped
564 *
565 * @return Normal NTSTATUS return.
566 **/
567
568 static NTSTATUS rpc_user_del_internals(const DOM_SID *domain_sid,
569 struct cli_state *cli,
570 TALLOC_CTX *mem_ctx,
571 int argc, const char **argv)
572 {
573 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
574 POLICY_HND connect_pol, domain_pol, user_pol;
575
576 if (argc < 1) {
577 d_printf("User must be specified\n");
578 rpc_user_usage(argc, argv);
579 return NT_STATUS_OK;
580 }
581 /* Get sam policy and domain handles */
582
583 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
584 &connect_pol);
585
586 if (!NT_STATUS_IS_OK(result)) {
587 goto done;
588 }
589
590 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
591 MAXIMUM_ALLOWED_ACCESS,
592 domain_sid, &domain_pol);
593
594 if (!NT_STATUS_IS_OK(result)) {
595 goto done;
596 }
597
598 /* Get handle on user */
599
600 {
601 uint32 *user_rids, num_rids, *name_types;
602 uint32 flags = 0x000003e8; /* Unknown */
603
604 result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol,
605 flags, 1, &argv[0],
606 &num_rids, &user_rids,
607 &name_types);
608
609 if (!NT_STATUS_IS_OK(result)) {
610 goto done;
611 }
612
613 result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
614 MAXIMUM_ALLOWED_ACCESS,
615 user_rids[0], &user_pol);
616
617 if (!NT_STATUS_IS_OK(result)) {
618 goto done;
619 }
620 }
621
622 /* Delete user */
623
624 result = cli_samr_delete_dom_user(cli, mem_ctx, &user_pol);
625
626 if (!NT_STATUS_IS_OK(result)) {
627 goto done;
628 }
629
630 /* Display results */
631
632 done:
633 return result;
634
635 }
636
637 /**
638 * Delete a user from a remote RPC server
639 *
640 * @param argc Standard main() style argc
641 * @param argv Standard main() style argv. Initial components are already
642 * stripped
643 *
644 * @return A shell status integer (0 for success)
645 **/
646
647 static int rpc_user_delete(int argc, const char **argv)
648 {
649 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_del_internals,
650 argc, argv);
651 }
652
653 /**
654 * List user's groups on a remote RPC server
655 *
656 * All parameters are provided by the run_rpc_command function, except for
657 * argc, argv which are passes through.
658 *
659 * @param domain_sid The domain sid acquired from the remote server
660 * @param cli A cli_state connected to the server.
661 * @param mem_ctx Talloc context, destoyed on completion of the function.
662 * @param argc Standard main() style argc
663 * @param argv Standard main() style argv. Initial components are already
664 * stripped
665 *
666 * @return Normal NTSTATUS return.
667 **/
668
669 static NTSTATUS
670 rpc_user_info_internals(const DOM_SID *domain_sid, struct cli_state *cli,
671 TALLOC_CTX *mem_ctx, int argc, const char **argv)
672 {
673 POLICY_HND connect_pol, domain_pol, user_pol;
674 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
675 uint32 *rids, num_rids, *name_types, num_names;
676 uint32 flags = 0x000003e8; /* Unknown */
677 int i;
678 char **names;
679 DOM_GID *user_gids;
680
681 if (argc < 1) {
682 d_printf("User must be specified\n");
683 rpc_user_usage(argc, argv);
684 return NT_STATUS_OK;
685 }
686 /* Get sam policy handle */
687
688 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
689 &connect_pol);
690 if (!NT_STATUS_IS_OK(result)) goto done;
691
692 /* Get domain policy handle */
693
694 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
695 MAXIMUM_ALLOWED_ACCESS,
696 domain_sid, &domain_pol);
697 if (!NT_STATUS_IS_OK(result)) goto done;
698
699 /* Get handle on user */
700
701 result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol,
702 flags, 1, &argv[0],
703 &num_rids, &rids, &name_types);
704
705 if (!NT_STATUS_IS_OK(result)) goto done;
706
707 result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
708 MAXIMUM_ALLOWED_ACCESS,
709 rids[0], &user_pol);
710 if (!NT_STATUS_IS_OK(result)) goto done;
711
712 result = cli_samr_query_usergroups(cli, mem_ctx, &user_pol,
713 &num_rids, &user_gids);
714
715 /* Look up rids */
716
717 rids = (uint32 *)talloc(mem_ctx, sizeof(uint32) * num_rids);
718
719 for (i = 0; i < num_rids; i++)
720 rids[i] = user_gids[i].g_rid;
721
722 result = cli_samr_lookup_rids(cli, mem_ctx, &domain_pol,
723 flags, num_rids, rids,
724 &num_names, &names, &name_types);
725
726 if (!NT_STATUS_IS_OK(result)) {
727 goto done;
728 }
729
730 /* Display results */
731
732 for (i = 0; i < num_names; i++)
733 printf("%s\n", names[i]);
734
735 done:
736 return result;
737 }
738
739 /**
740 * List a user's groups from a remote RPC server
741 *
742 * @param argc Standard main() style argc
743 * @param argv Standard main() style argv. Initial components are already
744 * stripped
745 *
746 * @return A shell status integer (0 for success)
747 **/
748
749 static int rpc_user_info(int argc, const char **argv)
750 {
751 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_user_info_internals,
752 argc, argv);
753 }
754
755 /**
756 * List users on a remote RPC server
757 *
758 * All parameters are provided by the run_rpc_command function, except for
759 * argc, argv which are passes through.
760 *
761 * @param domain_sid The domain sid acquired from the remote server
762 * @param cli A cli_state connected to the server.
763 * @param mem_ctx Talloc context, destoyed on completion of the function.
764 * @param argc Standard main() style argc
765 * @param argv Standard main() style argv. Initial components are already
766 * stripped
767 *
768 * @return Normal NTSTATUS return.
769 **/
770
771 static NTSTATUS
772 rpc_user_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
773 TALLOC_CTX *mem_ctx, int argc, const char **argv)
774 {
775 POLICY_HND connect_pol, domain_pol;
776 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
777 uint32 start_idx=0, max_entries=250, num_entries, i;
778 SAM_DISPINFO_CTR ctr;
779 SAM_DISPINFO_1 info1;
780
781 /* Get sam policy handle */
782
783 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
784 &connect_pol);
785 if (!NT_STATUS_IS_OK(result)) {
786 goto done;
787 }
788
789 /* Get domain policy handle */
790
791 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
792 MAXIMUM_ALLOWED_ACCESS,
793 domain_sid, &domain_pol);
794 if (!NT_STATUS_IS_OK(result)) {
795 goto done;
796 }
797
798 /* Query domain users */
799 ZERO_STRUCT(ctr);
800 ZERO_STRUCT(info1);
801 ctr.sam.info1 = &info1;
802 if (opt_long_list_entries)
803 d_printf("\nUser name Comment"\
804 "\n-----------------------------\n");
805 do {
806 fstring user, desc;
807 result = cli_samr_query_dispinfo(cli, mem_ctx, &domain_pol,
808 &start_idx, 1, &num_entries,
809 max_entries, &ctr);
810 for (i = 0; i < num_entries; i++) {
811 unistr2_to_ascii(user, &(&ctr.sam.info1->str[i])->uni_acct_name, sizeof(user)-1);
812 if (opt_long_list_entries)
813 unistr2_to_ascii(desc, &(&ctr.sam.info1->str[i])->uni_acct_desc, sizeof(desc)-1);
814
815 if (opt_long_list_entries)
816 printf("%-21.21s %-50.50s\n", user, desc);
817 else
818 printf("%s\n", user);
819 }
820 } while (!NT_STATUS_IS_OK(result));
821
822 done:
823 return result;
824 }
825
826 /**
827 * 'net rpc user' entrypoint.
828 * @param argc Standard main() style argc
829 * @param argc Standard main() style argv. Initial components are already
830 * stripped
831 **/
832
833 int net_rpc_user(int argc, const char **argv)
834 {
835 struct functable func[] = {
836 {"add", rpc_user_add},
837 {"info", rpc_user_info},
838 {"delete", rpc_user_delete},
839 {NULL, NULL}
840 };
841
842 if (argc == 0) {
843 if (opt_long_list_entries) {
844 } else {
845 }
846 return run_rpc_command(NULL,PIPE_SAMR, 0,
847 rpc_user_list_internals,
848 argc, argv);
849 }
850
851 return net_run_function(argc, argv, func, rpc_user_usage);
852 }
853
854
855 /****************************************************************************/
856
857 /**
858 * Basic usage function for 'net rpc group'
859 * @param argc Standard main() style argc.
860 * @param argv Standard main() style argv. Initial components are already
861 * stripped.
862 **/
863
864 static int rpc_group_usage(int argc, const char **argv)
865 {
866 return net_help_group(argc, argv);
867 }
868
869 /**
870 * List groups on a remote RPC server
871 *
872 * All parameters are provided by the run_rpc_command function, except for
873 * argc, argv which are passes through.
874 *
875 * @param domain_sid The domain sid acquired from the remote server
876 * @param cli A cli_state connected to the server.
877 * @param mem_ctx Talloc context, destoyed on completion of the function.
878 * @param argc Standard main() style argc
879 * @param argv Standard main() style argv. Initial components are already
880 * stripped
881 *
882 * @return Normal NTSTATUS return.
883 **/
884
885 static NTSTATUS
886 rpc_group_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
887 TALLOC_CTX *mem_ctx, int argc, const char **argv)
888 {
889 POLICY_HND connect_pol, domain_pol;
890 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
891 uint32 start_idx=0, max_entries=250, num_entries, i;
892 struct acct_info *groups;
893 DOM_SID global_sid_Builtin;
894
895 string_to_sid(&global_sid_Builtin, "S-1-5-32");
896
897 /* Get sam policy handle */
898
899 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
900 &connect_pol);
901 if (!NT_STATUS_IS_OK(result)) {
902 goto done;
903 }
904
905 /* Get domain policy handle */
906
907 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
908 MAXIMUM_ALLOWED_ACCESS,
909 domain_sid, &domain_pol);
910 if (!NT_STATUS_IS_OK(result)) {
911 goto done;
912 }
913
914 /* Query domain groups */
915 if (opt_long_list_entries)
916 d_printf("\nGroup name Comment"\
917 "\n-----------------------------\n");
918 do {
919 result = cli_samr_enum_dom_groups(cli, mem_ctx, &domain_pol,
920 &start_idx, max_entries,
921 &groups, &num_entries);
922
923 for (i = 0; i < num_entries; i++) {
924 if (opt_long_list_entries)
925 printf("%-21.21s %-50.50s\n",
926 groups[i].acct_name,
927 groups[i].acct_desc);
928 else
929 printf("%-21.21s\n", groups[i].acct_name);
930 }
931 } while (!NT_STATUS_IS_OK(result));
932 /* query domain aliases */
933 do {
934 result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol,
935 &start_idx, max_entries,
936 &groups, &num_entries);
937
938 for (i = 0; i < num_entries; i++) {
939 if (opt_long_list_entries)
940 printf("%-21.21s %-50.50s\n",
941 groups[i].acct_name,
942 groups[i].acct_desc);
943 else
944 printf("%-21.21s\n", groups[i].acct_name);
945 }
946 } while (!NT_STATUS_IS_OK(result));
947 cli_samr_close(cli, mem_ctx, &domain_pol);
948 /* Get builtin policy handle */
949
950 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
951 MAXIMUM_ALLOWED_ACCESS,
952 &global_sid_Builtin, &domain_pol);
953 if (!NT_STATUS_IS_OK(result)) {
954 goto done;
955 }
956 /* query builtin aliases */
957 do {
958 result = cli_samr_enum_als_groups(cli, mem_ctx, &domain_pol,
959 &start_idx, max_entries,
960 &groups, &num_entries);
961
962 for (i = 0; i < num_entries; i++) {
963 if (opt_long_list_entries)
964 printf("%-21.21s %-50.50s\n",
965 groups[i].acct_name,
966 groups[i].acct_desc);
967 else
968 printf("%s\n", groups[i].acct_name);
969 }
970 } while (!NT_STATUS_IS_OK(result));
971
972 done:
973 return result;
974 }
975
976 /**
977 * 'net rpc group' entrypoint.
978 * @param argc Standard main() style argc
979 * @param argc Standard main() style argv. Initial components are already
980 * stripped
981 **/
982
983 int net_rpc_group(int argc, const char **argv)
984 {
985 struct functable func[] = {
986 #if 0
987 {"add", rpc_group_add},
988 {"delete", rpc_group_delete},
989 #endif
990 {NULL, NULL}
991 };
992
993 if (argc == 0) {
994 if (opt_long_list_entries) {
995 } else {
996 }
997 return run_rpc_command(NULL, PIPE_SAMR, 0,
998 rpc_group_list_internals,
999 argc, argv);
1000 }
1001
1002 return net_run_function(argc, argv, func, rpc_group_usage);
1003 }
1004
1005 /****************************************************************************/
1006
1007 static int rpc_share_usage(int argc, const char **argv)
1008 {
1009 return net_help_share(argc, argv);
1010 }
1011
1012 /**
1013 * Add a share on a remote RPC server
1014 *
1015 * All parameters are provided by the run_rpc_command function, except for
1016 * argc, argv which are passes through.
1017 *
1018 * @param domain_sid The domain sid acquired from the remote server
1019 * @param cli A cli_state connected to the server.
1020 * @param mem_ctx Talloc context, destoyed on completion of the function.
1021 * @param argc Standard main() style argc
1022 * @param argv Standard main() style argv. Initial components are already
1023 * stripped
1024 *
1025 * @return Normal NTSTATUS return.
1026 **/
1027 static NTSTATUS
1028 rpc_share_add_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1029 TALLOC_CTX *mem_ctx,int argc, const char **argv)
1030 {
1031 WERROR result;
1032 char *sharename=talloc_strdup(mem_ctx, argv[0]);
1033 char *path;
1034 uint32 type=0; /* only allow disk shares to be added */
1035 uint32 num_users=0, perms=0;
1036 char *password=NULL; /* don't allow a share password */
1037
1038 path = strchr(sharename, '=');
1039 if (!path)
1040 return NT_STATUS_UNSUCCESSFUL;
1041 *path++ = '\0';
1042
1043 result = cli_srvsvc_net_share_add(cli, mem_ctx, sharename, type,
1044 opt_comment, perms, opt_maxusers,
1045 num_users, path, password);
1046 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1047 }
1048
1049 static int rpc_share_add(int argc, const char **argv)
1050 {
1051 if ((argc < 1) || !strchr(argv[0], '=')) {
1052 DEBUG(1,("Sharename or path not specified on add\n"));
1053 return rpc_share_usage(argc, argv);
1054 }
1055 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1056 rpc_share_add_internals,
1057 argc, argv);
1058 }
1059
1060 /**
1061 * Delete a share on a remote RPC server
1062 *
1063 * All parameters are provided by the run_rpc_command function, except for
1064 * argc, argv which are passes through.
1065 *
1066 * @param domain_sid The domain sid acquired from the remote server
1067 * @param cli A cli_state connected to the server.
1068 * @param mem_ctx Talloc context, destoyed on completion of the function.
1069 * @param argc Standard main() style argc
1070 * @param argv Standard main() style argv. Initial components are already
1071 * stripped
1072 *
1073 * @return Normal NTSTATUS return.
1074 **/
1075 static NTSTATUS
1076 rpc_share_del_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1077 TALLOC_CTX *mem_ctx,int argc, const char **argv)
1078 {
1079 WERROR result;
1080
1081 result = cli_srvsvc_net_share_del(cli, mem_ctx, argv[0]);
1082 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1083 }
1084
1085 /**
1086 * Delete a share on a remote RPC server
1087 *
1088 * @param domain_sid The domain sid acquired from the remote server
1089 * @param argc Standard main() style argc
1090 * @param argv Standard main() style argv. Initial components are already
1091 * stripped
1092 *
1093 * @return A shell status integer (0 for success)
1094 **/
1095 static int rpc_share_delete(int argc, const char **argv)
1096 {
1097 if (argc < 1) {
1098 DEBUG(1,("Sharename not specified on delete\n"));
1099 return rpc_share_usage(argc, argv);
1100 }
1101 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1102 rpc_share_del_internals,
1103 argc, argv);
1104 }
1105
1106 /**
1107 * Formatted print of share info
1108 *
1109 * @param info1 pointer to SRV_SHARE_INFO_1 to format
1110 **/
1111
1112 static void display_share_info_1(SRV_SHARE_INFO_1 *info1)
1113 {
1114 fstring netname = "", remark = "";
1115
1116 rpcstr_pull_unistr2_fstring(netname, &info1->info_1_str.uni_netname);
1117 rpcstr_pull_unistr2_fstring(remark, &info1->info_1_str.uni_remark);
1118
1119 if (opt_long_list_entries) {
1120 d_printf("%-12.12s %-8.8s %-50.50s\n",
1121 netname, share_type[info1->info_1.type], remark);
1122 } else {
1123 d_printf("%-12.12s\n", netname);
1124 }
1125
1126 }
1127
1128 /**
1129 * List shares on a remote RPC server
1130 *
1131 * All parameters are provided by the run_rpc_command function, except for
1132 * argc, argv which are passes through.
1133 *
1134 * @param domain_sid The domain sid acquired from the remote server
1135 * @param cli A cli_state connected to the server.
1136 * @param mem_ctx Talloc context, destoyed on completion of the function.
1137 * @param argc Standard main() style argc
1138 * @param argv Standard main() style argv. Initial components are already
1139 * stripped
1140 *
1141 * @return Normal NTSTATUS return.
1142 **/
1143
1144 static NTSTATUS
1145 rpc_share_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1146 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1147 {
1148 SRV_SHARE_INFO_CTR ctr;
1149 WERROR result;
1150 ENUM_HND hnd;
1151 uint32 preferred_len = 0xffffffff, i;
1152
1153 init_enum_hnd(&hnd, 0);
1154
1155 result = cli_srvsvc_net_share_enum(
1156 cli, mem_ctx, 1, &ctr, preferred_len, &hnd);
1157
1158 if (!W_ERROR_IS_OK(result))
1159 goto done;
1160
1161 /* Display results */
1162
1163 if (opt_long_list_entries) {
1164 d_printf(
1165 "\nEnumerating shared resources (exports) on remote server:\n\n"\
1166 "\nShare name Type Description\n"\
1167 "---------- ---- -----------\n");
1168 }
1169 for (i = 0; i < ctr.num_entries; i++)
1170 display_share_info_1(&ctr.share.info1[i]);
1171 done:
1172 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1173 }
1174
1175 /**
1176 * 'net rpc share' entrypoint.
1177 * @param argc Standard main() style argc
1178 * @param argv Standard main() style argv. Initial components are already
1179 * stripped
1180 **/
1181
1182 int net_rpc_share(int argc, const char **argv)
1183 {
1184 struct functable func[] = {
1185 {"add", rpc_share_add},
1186 {"delete", rpc_share_delete},
1187 {NULL, NULL}
1188 };
1189
1190 if (argc == 0)
1191 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1192 rpc_share_list_internals,
1193 argc, argv);
1194
1195 return net_run_function(argc, argv, func, rpc_share_usage);
1196 }
1197
1198 /****************************************************************************/
1199
1200 static int rpc_file_usage(int argc, const char **argv)
1201 {
1202 return net_help_file(argc, argv);
1203 }
1204
1205 /**
1206 * Close a file on a remote RPC server
1207 *
1208 * All parameters are provided by the run_rpc_command function, except for
1209 * argc, argv which are passes through.
1210 *
1211 * @param domain_sid The domain sid acquired from the remote server
1212 * @param cli A cli_state connected to the server.
1213 * @param mem_ctx Talloc context, destoyed on completion of the function.
1214 * @param argc Standard main() style argc
1215 * @param argv Standard main() style argv. Initial components are already
1216 * stripped
1217 *
1218 * @return Normal NTSTATUS return.
1219 **/
1220 static NTSTATUS
1221 rpc_file_close_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1222 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1223 {
1224 WERROR result;
1225 result = cli_srvsvc_net_file_close(cli, mem_ctx, atoi(argv[0]));
1226 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1227 }
1228
1229 /**
1230 * Close a file on a remote RPC server
1231 *
1232 * @param argc Standard main() style argc
1233 * @param argv Standard main() style argv. Initial components are already
1234 * stripped
1235 *
1236 * @return A shell status integer (0 for success)
1237 **/
1238 static int rpc_file_close(int argc, const char **argv)
1239 {
1240 if (argc < 1) {
1241 DEBUG(1, ("No fileid given on close\n"));
1242 return(rpc_file_usage(argc, argv));
1243 }
1244
1245 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1246 rpc_file_close_internals,
1247 argc, argv);
1248 }
1249
1250 /**
1251 * Formatted print of open file info
1252 *
1253 * @param info3 FILE_INFO_3 contents
1254 * @param str3 strings for FILE_INFO_3
1255 **/
1256
1257 static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3)
1258 {
1259 fstring user = "", path = "";
1260
1261 rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name);
1262 rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name);
1263
1264 d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n",
1265 info3->id, user, info3->perms, info3->num_locks, path);
1266 }
1267
1268 /**
1269 * List open files on a remote RPC server
1270 *
1271 * All parameters are provided by the run_rpc_command function, except for
1272 * argc, argv which are passes through.
1273 *
1274 * @param domain_sid The domain sid acquired from the remote server
1275 * @param cli A cli_state connected to the server.
1276 * @param mem_ctx Talloc context, destoyed on completion of the function.
1277 * @param argc Standard main() style argc
1278 * @param argv Standard main() style argv. Initial components are already
1279 * stripped
1280 *
1281 * @return Normal NTSTATUS return.
1282 **/
1283
1284 static NTSTATUS
1285 rpc_file_list_internals(const DOM_SID *domain_sid, struct cli_state *cli,
1286 TALLOC_CTX *mem_ctx, int argc, const char **argv)
1287 {
1288 SRV_FILE_INFO_CTR ctr;
1289 WERROR result;
1290 ENUM_HND hnd;
1291 uint32 preferred_len = 0xffffffff, i;
1292 const char *username=NULL;
1293
1294 init_enum_hnd(&hnd, 0);
1295
1296 /* if argc > 0, must be user command */
1297 if (argc > 0)
1298 username = smb_xstrdup(argv[0]);
1299
1300 result = cli_srvsvc_net_file_enum(
1301 cli, mem_ctx, 3, username, &ctr, preferred_len, &hnd);
1302
1303 if (!W_ERROR_IS_OK(result))
1304 goto done;
1305
1306 /* Display results */
1307
1308 d_printf(
1309 "\nEnumerating open files on remote server:\n\n"\
1310 "\nFileId Opened by Perms Locks Path"\
1311 "\n------ --------- ----- ----- ---- \n");
1312 for (i = 0; i < ctr.num_entries; i++)
1313 display_file_info_3(&ctr.file.info3[i].info_3,
1314 &ctr.file.info3[i].info_3_str);
1315 done:
1316 return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
1317 }
1318
1319
1320 /**
1321 * List files for a user on a remote RPC server
1322 *
1323 * @param argc Standard main() style argc
1324 * @param argv Standard main() style argv. Initial components are already
1325 * stripped
1326 *
1327 * @return A shell status integer (0 for success)
1328 **/
1329 static int rpc_file_user(int argc, const char **argv)
1330 {
1331 if (argc < 1) {
1332 DEBUG(1, ("No username given\n"));
1333 return(rpc_file_usage(argc, argv));
1334 }
1335
1336 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1337 rpc_file_list_internals,
1338 argc, argv);
1339 }
1340
1341
1342 /**
1343 * 'net rpc file' entrypoint.
1344 * @param argc Standard main() style argc
1345 * @param argv Standard main() style argv. Initial components are already
1346 * stripped
1347 **/
1348
1349 int net_rpc_file(int argc, const char **argv)
1350 {
1351 struct functable func[] = {
1352 {"close", rpc_file_close},
1353 {"user", rpc_file_user},
1354 #if 0
1355 {"info", rpc_file_info},
1356 #endif
1357 {NULL, NULL}
1358 };
1359
1360 if (argc == 0)
1361 return run_rpc_command(NULL, PIPE_SRVSVC, 0,
1362 rpc_file_list_internals,
1363 argc, argv);
1364
1365 return net_run_function(argc, argv, func, rpc_file_usage);
1366 }
1367
1368 /****************************************************************************/
1369
1370
1371
1372 /**
1373 * ABORT the shutdown of a remote RPC Server
1374 *
1375 * All parameters are provided by the run_rpc_command function, except for
1376 * argc, argv which are passed through.
1377 *
1378 * @param domain_sid The domain sid aquired from the remote server
1379 * @param cli A cli_state connected to the server.
1380 * @param mem_ctx Talloc context, destoyed on compleation of the function.
1381 * @param argc Standard main() style argc
1382 * @param argv Standard main() style argv. Initial components are already
1383 * stripped
1384 *
1385 * @return Normal NTSTATUS return.
1386 **/
1387
1388 static NTSTATUS rpc_shutdown_abort_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1389 int argc, const char **argv)
1390 {
1391 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1392
1393 result = cli_reg_abort_shutdown(cli, mem_ctx);
1394
1395 if (NT_STATUS_IS_OK(result))
1396 DEBUG(5,("cmd_reg_abort_shutdown: query succeeded\n"));
1397 else
1398 DEBUG(5,("cmd_reg_abort_shutdown: query failed\n"));
1399
1400 return result;
1401 }
1402
1403
1404 /**
1405 * ABORT the Shut down of a remote RPC server
1406 *
1407 * @param argc Standard main() style argc
1408 * @param argv Standard main() style argv. Initial components are already
1409 * stripped
1410 *
1411 * @return A shell status integer (0 for success)
1412 **/
1413
1414 static int rpc_shutdown_abort(int argc, const char **argv)
1415 {
1416 return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_abort_internals,
1417 argc, argv);
1418 }
1419
1420 /**
1421 * Shut down a remote RPC Server
1422 *
1423 * All parameters are provided by the run_rpc_command function, except for
1424 * argc, argv which are passes through.
1425 *
1426 * @param domain_sid The domain sid aquired from the remote server
1427 * @param cli A cli_state connected to the server.
1428 * @param mem_ctx Talloc context, destoyed on compleation of the function.
1429 * @param argc Standard main() style argc
1430 * @param argc Standard main() style argv. Initial components are already
1431 * stripped
1432 *
1433 * @return Normal NTSTATUS return.
1434 **/
1435
1436 static NTSTATUS rpc_shutdown_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1437 int argc, const char **argv)
1438 {
1439 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1440 char *msg = "This machine will be shutdown shortly";
1441 uint32 timeout = 20;
1442 uint16 flgs = 0;
1443 BOOL reboot = opt_reboot;
1444 BOOL force = opt_force;
1445 #if 0
1446 poptContext pc;
1447 int rc;
1448
1449 struct poptOption long_options[] = {
1450 {"message", 'm', POPT_ARG_STRING, &msg},
1451 {"timeout", 't', POPT_ARG_INT, &timeout},
1452 {"reboot", 'r', POPT_ARG_NONE, &reboot},
1453 {"force", 'f', POPT_ARG_NONE, &force},
1454 { 0, 0, 0, 0}
1455 };
1456
1457 pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
1458 POPT_CONTEXT_KEEP_FIRST);
1459
1460 rc = poptGetNextOpt(pc);
1461
1462 if (rc < -1) {
1463 /* an error occurred during option processing */
1464 DEBUG(0, ("%s: %s\n",
1465 poptBadOption(pc, POPT_BADOPTION_NOALIAS),
1466 poptStrerror(rc)));
1467 return NT_STATUS_INVALID_PARAMETER;
1468 }
1469 #endif
1470 if (reboot) {
1471 flgs |= REG_REBOOT_ON_SHUTDOWN;
1472 }
1473 if (force) {
1474 flgs |= REG_FORCE_SHUTDOWN;
1475 }
1476 if (opt_comment) {
1477 msg = opt_comment;
1478 }
1479 if (opt_timeout) {
1480 timeout = opt_timeout;
1481 }
1482
1483 /* create an entry */
1484 result = cli_reg_shutdown(cli, mem_ctx, msg, timeout, flgs);
1485
1486 if (NT_STATUS_IS_OK(result))
1487 DEBUG(5,("Shutdown of remote machine succeeded\n"));
1488 else
1489 DEBUG(0,("Shutdown of remote machine failed!\n"));
1490
1491 return result;
1492 }
1493
1494 /**
1495 * Shut down a remote RPC server
1496 *
1497 * @param argc Standard main() style argc
1498 * @param argc Standard main() style argv. Initial components are already
1499 * stripped
1500 *
1501 * @return A shell status integer (0 for success)
1502 **/
1503
1504 static int rpc_shutdown(int argc, const char **argv)
1505 {
1506 return run_rpc_command(NULL, PIPE_WINREG, 0, rpc_shutdown_internals,
1507 argc, argv);
1508 }
1509
1510 /***************************************************************************
1511 NT Domain trusts code (i.e. 'net rpc trustdom' functionality)
1512
1513 ***************************************************************************/
1514
1515 /**
1516 * Add interdomain trust account to the RPC server.
1517 * All parameters (except for argc and argv) are passed by run_rpc_command
1518 * function.
1519 *
1520 * @param domain_sid The domain sid acquired from the server
1521 * @param cli A cli_state connected to the server.
1522 * @param mem_ctx Talloc context, destoyed on completion of the function.
1523 * @param argc Standard main() style argc
1524 * @param argc Standard main() style argv. Initial components are already
1525 * stripped
1526 *
1527 * @return normal NTSTATUS return code
1528 */
1529
1530 static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1531 int argc, const char **argv) {
1532
1533 POLICY_HND connect_pol, domain_pol, user_pol;
1534 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
1535 char *acct_name;
1536 uint16 acb_info;
1537 uint32 unknown, user_rid;
1538
1539 if (argc != 1) {
1540 d_printf("Usage: net rpc trustdom add <domain_name>\n");
1541 return NT_STATUS_INVALID_PARAMETER;
1542 }
1543
1544 /*
1545 * Make valid trusting domain account (ie. uppercased and with '$' appended)
1546 */
1547
1548 if (asprintf(&acct_name, "%s$", argv[0]) < 0) {
1549 return NT_STATUS_NO_MEMORY;
1550 }
1551
1552 strupper(acct_name);
1553
1554 /* Get samr policy handle */
1555 result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
1556 &connect_pol);
1557 if (!NT_STATUS_IS_OK(result)) {
1558 goto done;
1559 }
1560
1561 /* Get domain policy handle */
1562 result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
1563 MAXIMUM_ALLOWED_ACCESS,
1564 domain_sid, &domain_pol);
1565 if (!NT_STATUS_IS_OK(result)) {
1566 goto done;
1567 }
1568
1569 /* Create trusting domain's account */
1570 acb_info = ACB_DOMTRUST;
1571 unknown = 0xe005000b; /* No idea what this is - a permission mask?
1572 mimir: yes, most probably it is */
1573
1574 result = cli_samr_create_dom_user(cli, mem_ctx, &domain_pol,
1575 acct_name, acb_info, unknown,
1576 &user_pol, &user_rid);
1577 if (!NT_STATUS_IS_OK(result)) {
1578 goto done;
1579 }
1580
1581 done:
1582 SAFE_FREE(acct_name);
1583 return result;
1584 }
1585
1586 /**
1587 * Create interdomain trust account for a remote domain.
1588 *
1589 * @param argc standard argc
1590 * @param argv standard argv without initial components
1591 *
1592 * @return Integer status (0 means success)
1593 **/
1594
1595 static int rpc_trustdom_add(int argc, const char **argv)
1596 {
1597 return run_rpc_command(NULL, PIPE_SAMR, 0, rpc_trustdom_add_internals,
1598 argc, argv);
1599 }
1600
1601
1602 /**
1603 * Delete interdomain trust account for a remote domain.
1604 *
1605 * @param argc standard argc
1606 * @param argv standard argv without initial components
1607 *
1608 * @return Integer status (0 means success)
1609 **/
1610
1611 static int rpc_trustdom_del(int argc, const char **argv)
1612 {
1613 d_printf("Sorry, not yet implemented.\n");
1614 return -1;
1615 }
1616
1617
1618 /**
1619 * Establish trust relationship to a trusting domain.
1620 * Interdomain account must already be created on remote PDC.
1621 *
1622 * @param argc standard argc
1623 * @param argv standard argv without initial components
1624 *
1625 * @return Integer status (0 means success)
1626 **/
1627
1628 extern char *opt_user_name;
1629 extern char *opt_password;
1630 extern char *opt_workgroup;
1631
1632 static int rpc_trustdom_establish(int argc, const char **argv)
1633 {
1634 struct cli_state *cli;
1635 struct in_addr server_ip;
1636 POLICY_HND connect_hnd;
1637 TALLOC_CTX *mem_ctx;
1638 NTSTATUS nt_status;
1639 DOM_SID domain_sid;
1640 WKS_INFO_100 wks_info;
1641
1642 char* domain_name;
1643 char* acct_name;
1644 fstring pdc_name;
1645
1646 /*
1647 * Connect to \\server\ipc$ as 'our domain' account with password
1648 */
1649
1650 if (argc != 1) {
1651 d_printf("Usage: net rpc trustdom establish <domain_name>\n");
1652 return -1;
1653 }
1654
1655 domain_name = smb_xstrdup(argv[0]);
1656 strupper(domain_name);
1657
1658 /*
1659 * opt_workgroup will be used by connection functions further,
1660 * hence it should be set to remote domain name instead of ours
1661 */
1662 if (opt_workgroup) {
1663 SAFE_FREE(opt_workgroup);
1664 opt_workgroup = smb_xstrdup(domain_name);
1665 };
1666
1667 asprintf(&acct_name, "%s$", lp_workgroup());
1668 strupper(acct_name);
1669
1670 opt_user_name = acct_name;
1671
1672 /* find the domain controller */
1673 if (!net_find_dc(&server_ip, pdc_name, domain_name)) {
1674 DEBUG(0, ("Coulnd find domain controller for domain %s\n", domain_name));
1675 return -1;
1676 }
1677
1678 /* connect to ipc$ as username/password */
1679 nt_status = connect_to_ipc(&cli, &server_ip, pdc_name);
1680 if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
1681
1682 /* Is it trusting domain account for sure ? */
1683 DEBUG(0, ("Couldn't verify trusting domain account. Error was %s\n",
1684 nt_errstr(nt_status)));
1685 return -1;
1686 }
1687
1688 /*
1689 * Connect to \\server\ipc$ again (this time anonymously)
1690 */
1691
1692 nt_status = connect_to_ipc_anonymous(&cli, &server_ip, (char*)pdc_name);
1693
1694 if (NT_STATUS_IS_ERR(nt_status)) {
1695 DEBUG(0, ("Couldn't connect to domain %s controller. Error was %s.\n",
1696 domain_name, nt_errstr(nt_status)));
1697 }
1698
1699 /*
1700 * Use NetServerEnum2 to make sure we're talking to a proper server
1701 */
1702
1703 if (!cli_get_pdc_name(cli, domain_name, (char*)pdc_name)) {
1704 DEBUG(0, ("NetServerEnum2 error: Couldn't find primary domain controller\
1705 for domain %s\n", domain_name));
1706 }
1707
1708 /*
1709 * Call WksQueryInfo to check remote server's capabilities
1710 * note: It is now used only to get unicode domain name
1711 */
1712
1713 if (!cli_nt_session_open(cli, PIPE_WKSSVC)) {
1714 DEBUG(0, ("Couldn't not initialise wkssvc pipe\n"));
1715 return -1;
1716 }
1717
1718 if (!(mem_ctx = talloc_init_named("establishing trust relationship to domain %s",
1719 domain_name))) {
1720 DEBUG(0, ("talloc_init() failed\n"));
1721 cli_shutdown(cli);
1722 return -1;
1723 }
1724
1725 nt_status = cli_wks_query_info(cli, mem_ctx, &wks_info);
1726
1727 if (NT_STATUS_IS_ERR(nt_status)) {
1728 DEBUG(0, ("WksQueryInfo call failed.\n"));
1729 return -1;
1730 }
1731
1732 if (cli->nt_pipe_fnum)
1733 cli_nt_session_close(cli);
1734
1735
1736 /*
1737 * Call LsaOpenPolicy and LsaQueryInfo
1738 */
1739
1740 if (!(mem_ctx = talloc_init())) {
1741 DEBUG(0, ("talloc_init() failed\n"));
1742 cli_shutdown(cli);
1743 return -1;
1744 }
1745
1746 if (!cli_nt_session_open(cli, PIPE_LSARPC)) {
1747 DEBUG(0, ("Could not initialise lsa pipe\n"));
1748 cli_shutdown(cli);
1749 return -1;
1750 }
1751
1752 nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE,
1753 &connect_hnd);
1754 if (NT_STATUS_IS_ERR(nt_status)) {
1755 DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
1756 nt_errstr(nt_status)));
1757 return -1;
1758 }
1759
1760 /* Querying info level 5 */
1761
1762 nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd,
1763 5 /* info level */, domain_name,
1764 &domain_sid);
1765 if (NT_STATUS_IS_ERR(nt_status)) {
1766 DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
1767 nt_errstr(nt_status)));
1768 return -1;
1769 }
1770
1771
1772
1773
1774 /* There should be actually query info level 3 (following nt serv behaviour),
1775 but I still don't know if it's _really_ necessary */
1776
1777 /*
1778 * Store the password in secrets db
1779 */
1780
1781 if (!secrets_store_trusted_domain_password(domain_name, wks_info.uni_lan_grp.buffer,
1782 wks_info.uni_lan_grp.uni_str_len, opt_password,
1783 domain_sid)) {
1784 DEBUG(0, ("Storing password for trusted domain failed.\n"));
1785 return -1;
1786 }
1787
1788 /*
1789 * Close the pipes and clean up
1790 */
1791
1792 nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd);
1793 if (NT_STATUS_IS_ERR(nt_status)) {
1794 DEBUG(0, ("Couldn't close LSA pipe. Error was %s\n",
1795 nt_errstr(nt_status)));
1796 return -1;
1797 }
1798
1799 if (cli->nt_pipe_fnum)
1800 cli_nt_session_close(cli);
1801
1802 talloc_destroy(mem_ctx);
1803
1804 DEBUG(0, ("Success!\n"));
1805 return 0;
1806 }
1807
1808 /**
1809 * Revoke trust relationship to the remote domain
1810 *
1811 * @param argc standard argc
1812 * @param argv standard argv without initial components
1813 *
1814 * @return Integer status (0 means success)
1815 **/
1816
1817 static int rpc_trustdom_revoke(int argc, const char **argv)
1818 {
1819 char* domain_name;
1820
1821 if (argc < 1) return -1;
1822
1823 /* generate upper cased domain name */
1824 domain_name = smb_xstrdup(argv[0]);
1825 strupper(domain_name);
1826
1827 /* delete password of the trust */
1828 if (!trusted_domain_password_delete(domain_name)) {
1829 DEBUG(0, ("Failed to revoke relationship to the trusted domain %s\n",
1830 domain_name));
1831 return -1;
1832 };
1833
1834 return 0;
1835 }
1836
1837 /**
1838 * Usage for 'net rpc trustdom' command
1839 *
1840 * @param argc standard argc
1841 * @param argv standard argv without inital components
1842 *
1843 * @return Integer status returned to shell
1844 **/
1845
1846 static int rpc_trustdom_usage(int argc, const char **argv)
1847 {
1848 d_printf(" net rpc trustdom add \t\t add trusting domain's account\n");
1849 d_printf(" net rpc trustdom del \t\t delete trusting domain's account\n");
1850 d_printf(" net rpc trustdom establish \t establish relationship to trusted domain\n");
1851 d_printf(" net rpc trustdom revoke \t abandon relationship to trusted domain\n");
1852 d_printf(" net rpc trustdom list \t show current interdomain trust relationships\n");
1853 return -1;
1854 }
1855
1856
1857 static NTSTATUS rpc_query_domain_sid(const DOM_SID *domain_sid, struct cli_state *cli, TALLOC_CTX *mem_ctx,
1858 int argc, const char **argv)
1859 {
1860 fstring str_sid;
1861 sid_to_string(str_sid, domain_sid);
1862 d_printf("%s\n", str_sid);
1863 return NT_STATUS_OK;
1864 };
1865
1866
1867 extern char* opt_workgroup;
1868 extern char* opt_target_worgroup;
1869 extern char* opt_host;
1870 extern char* opt_password;
1871
1872 static int rpc_trustdom_list(int argc, const char **argv)
1873 {
1874 /* common variables */
1875 TALLOC_CTX* mem_ctx;
1876 struct cli_state *cli, *remote_cli;
1877 NTSTATUS nt_status;
1878 char *domain_name = NULL;
1879 DOM_SID queried_dom_sid;
1880 fstring ascii_sid, padding;
1881 int ascii_dom_name_len;
1882 POLICY_HND connect_hnd;
1883
1884 /* trusted domains listing variables */
1885 int enum_ctx = 0;
1886 int num_domains, i, pad_len, col_len = 20;
1887 DOM_SID *domain_sids;
1888 char **trusted_dom_names;
1889 fstring pdc_name;
1890
1891 /* trusting domains listing variables */
1892 POLICY_HND domain_hnd;
1893 char **trusting_dom_names;
1894 uint32 *trusting_dom_rids;
1895
1896 /*
1897 * Listing trusted domains (stored in secrets.tdb, if local)
1898 */
1899
1900 mem_ctx = talloc_init_named("trust relationships listing");
1901
1902 /*
1903 * set domain and pdc name to local samba server (default)
1904 * or to remote one given in command line
1905 */
1906 strupper(opt_workgroup);
1907 if (strcmp(opt_workgroup, lp_workgroup())) {
1908 domain_name = opt_workgroup;
1909 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
1910 opt_target_workgroup = opt_workgroup;
1911 } else {
1912 safe_strcpy(pdc_name, global_myname, FSTRING_LEN);
1913 domain_name = talloc_strdup(mem_ctx, lp_workgroup());
1914 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
1915 opt_target_workgroup = domain_name;
1916 };
1917
1918 /* open \PIPE\lsarpc and open policy handle */
1919 if (!(cli = net_make_ipc_connection(NET_FLAGS_PDC))) {
1920 DEBUG(0, ("Couldn't connect to domain controller\n"));
1921 return -1;
1922 };
1923
1924 if (!cli_nt_session_open(cli, PIPE_LSARPC)) {
1925 DEBUG(0, ("Could not initialise lsa pipe\n"));
1926 return -1;
1927 };
1928
1929 nt_status = cli_lsa_open_policy2(cli, mem_ctx, True, SEC_RIGHTS_QUERY_VALUE,
1930 &connect_hnd);
1931 if (NT_STATUS_IS_ERR(nt_status)) {
1932 DEBUG(0, ("Couldn't open policy handle. Error was %s\n",
1933 nt_errstr(nt_status)));
1934 return -1;
1935 };
1936
1937 /* query info level 5 to obtain sid of a domain being queried */
1938 nt_status = cli_lsa_query_info_policy(cli, mem_ctx, &connect_hnd,
1939 5 /* info level */, domain_name, &queried_dom_sid);
1940 if (NT_STATUS_IS_ERR(nt_status)) {
1941 DEBUG(0, ("LSA Query Info failed. Returned error was %s\n",
1942 nt_errstr(nt_status)));
1943 return -1;
1944 }
1945
1946 /*
1947 * Keep calling LsaEnumTrustdom over opened pipe until
1948 * the end of enumeration is reached
1949 */
1950
1951 d_printf("Trusted domains list:\n\n");
1952
1953 do {
1954 nt_status = cli_lsa_enum_trust_dom(cli, mem_ctx, &connect_hnd, &enum_ctx,
1955 &num_domains,
1956 &trusted_dom_names, &domain_sids);
1957
1958 if (NT_STATUS_IS_ERR(nt_status)) {
1959 DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n",
1960 nt_errstr(nt_status)));
1961 return -1;
1962 };
1963
1964 for (i = 0; i < num_domains; i++) {
1965 /* convert sid into ascii string */
1966 sid_to_string(ascii_sid, &(domain_sids[i]));
1967
1968 /* calculate padding space for d_printf to look nicer */
1969 pad_len = col_len - strlen(trusted_dom_names[i]);
1970 padding[pad_len] = 0;
1971 do padding[--pad_len] = ' '; while (pad_len);
1972
1973 d_printf("%s%s%s\n", trusted_dom_names[i], padding, ascii_sid);
1974 };
1975
1976 /*
1977 * in case of no trusted domains say something rather
1978 * than just display blank line
1979 */
1980 if (!num_domains) d_printf("none\n");
1981
1982 } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
1983
1984 /* close this connection before doing next one */
1985 nt_status = cli_lsa_close(cli, mem_ctx, &connect_hnd);
1986 if (NT_STATUS_IS_ERR(nt_status)) {
1987 DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n",
1988 nt_errstr(nt_status)));
1989 return -1;
1990 };
1991
1992 cli_nt_session_close(cli);
1993
1994 /*
1995 * Listing trusting domains (stored in passdb backend, if local)
1996 */
1997
1998 d_printf("\nTrusting domains list:\n\n");
1999
2000 /*
2001 * Open \PIPE\samr and get needed policy handles
2002 */
2003 if (!cli_nt_session_open(cli, PIPE_SAMR)) {
2004 DEBUG(0, ("Could not initialise samr pipe\n"));
2005 return -1;
2006 };
2007
2008 /* SamrConnect */
2009 nt_status = cli_samr_connect(cli, mem_ctx, SAMR_ACCESS_OPEN_DOMAIN,
2010 &connect_hnd);
2011 if (!NT_STATUS_IS_OK(nt_status)) {
2012 DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n",
2013 nt_errstr(nt_status)));
2014 return -1;
2015 };
2016
2017 /* SamrOpenDomain - we have to open domain policy handle in order to be
2018 able to enumerate accounts*/
2019 nt_status = cli_samr_open_domain(cli, mem_ctx, &connect_hnd,
2020 DOMAIN_ACCESS_ENUM_ACCOUNTS,
2021 &queried_dom_sid, &domain_hnd);
2022 if (!NT_STATUS_IS_OK(nt_status)) {
2023 DEBUG(0, ("Couldn't open domain object. Error was %s\n",
2024 nt_errstr(nt_status)));
2025 return -1;
2026 };
2027
2028 /*
2029 * perform actual enumeration
2030 */
2031
2032 enum_ctx = 0; /* reset enumeration context from last enumeration */
2033 do {
2034
2035 nt_status = cli_samr_enum_dom_users(cli, mem_ctx, &domain_hnd,
2036 &enum_ctx, ACB_DOMTRUST, 0xffff,
2037 &trusting_dom_names, &trusting_dom_rids,
2038 &num_domains);
2039 if (NT_STATUS_IS_ERR(nt_status)) {
2040 DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n",
2041 nt_errstr(nt_status)));
2042 return -1;
2043 };
2044
2045 for (i = 0; i < num_domains; i++) {
2046
2047 /*
2048 * get each single domain's sid (do we _really_ need this ?):
2049 * 1) connect to domain's pdc
2050 * 2) query the pdc for domain's sid
2051 */
2052
2053 /* get rid of '$' tail */
2054 ascii_dom_name_len = strlen(trusting_dom_names[i]);
2055 if (ascii_dom_name_len && ascii_dom_name_len < FSTRING_LEN)
2056 trusting_dom_names[i][ascii_dom_name_len - 1] = '\0';
2057
2058 /* calculate padding space for d_printf to look nicer */
2059 pad_len = col_len - strlen(trusting_dom_names[i]);
2060 padding[pad_len] = 0;
2061 do padding[--pad_len] = ' '; while (pad_len);
2062
2063 /* set opt_* variables to remote domain */
2064 strupper(trusting_dom_names[i]);
2065 opt_workgroup = talloc_strdup(mem_ctx, trusting_dom_names[i]);
2066 if (opt_target_workgroup) SAFE_FREE(opt_target_workgroup);
2067 opt_target_workgroup = opt_workgroup;
2068
2069 d_printf("%s%s", trusting_dom_names[i], padding);
2070
2071 /* connect to remote domain controller */
2072 remote_cli = net_make_ipc_connection(NET_FLAGS_PDC | NET_FLAGS_ANONYMOUS);
2073 if (remote_cli) {
2074 /* query for domain's sid */
2075 if (run_rpc_command(remote_cli, PIPE_LSARPC, 0, rpc_query_domain_sid, argc, argv))
2076 d_printf("couldn't get domain's sid\n");
2077
2078 cli_shutdown(remote_cli);
2079
2080 } else {
2081 d_printf("domain controller is not responding\n");
2082 };
2083 };
2084
2085 if (!num_domains) d_printf("none\n");
2086
2087 } while (NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES));
2088
2089 /* close opened samr and domain policy handles */
2090 nt_status = cli_samr_close(cli, mem_ctx, &domain_hnd);
2091 if (!NT_STATUS_IS_OK(nt_status)) {
2092 DEBUG(0, ("Couldn't properly close domain policy handle for domain %s\n", domain_name));
2093 };
2094
2095 nt_status = cli_samr_close(cli, mem_ctx, &connect_hnd);
2096 if (!NT_STATUS_IS_OK(nt_status)) {
2097 DEBUG(0, ("Couldn't properly close samr policy handle for domain %s\n", domain_name));
2098 };
2099
2100 /* close samr pipe and connection to IPC$ */
2101 cli_nt_session_close(cli);
2102 cli_shutdown(cli);
2103
2104 talloc_destroy(mem_ctx);
2105 return 0;
2106 }
2107
2108 /**
2109 * Entrypoint for 'net rpc trustdom' code
2110 *
2111 * @param argc standard argc
2112 * @param argv standard argv without initial components
2113 *
2114 * @return Integer status (0 means success)
2115 */
2116
2117 static int rpc_trustdom(int argc, const char **argv)
2118 {
2119 struct functable func[] = {
2120 {"add", rpc_trustdom_add},
2121 {"del", rpc_trustdom_del},
2122 {"establish", rpc_trustdom_establish},
2123 {"revoke", rpc_trustdom_revoke},
2124 {"help", rpc_trustdom_usage},
2125 {"list", rpc_trustdom_list},
2126 {NULL, NULL}
2127 };
2128
2129 if (argc == 0) {
2130 rpc_trustdom_usage(argc, argv);
2131 return -1;
2132 }
2133
2134 return (net_run_function(argc, argv, func, rpc_user_usage));
2135 }
2136
2137 /**
2138 * Check if a server will take rpc commands
2139 * @param flags Type of server to connect to (PDC, DMB, localhost)
2140 * if the host is not explicitly specified
2141 * @return BOOL (true means rpc supported)
2142 */
2143 BOOL net_rpc_check(unsigned flags)
2144 {
2145 struct cli_state cli;
2146 BOOL ret = False;
2147 struct in_addr server_ip;
2148 char *server_name = NULL;
2149
2150 /* flags (i.e. server type) may depend on command */
2151 if (!net_find_server(flags, &server_ip, &server_name))
2152 return False;
2153
2154 ZERO_STRUCT(cli);
2155 if (cli_initialise(&cli) == False)
2156 return False;
2157
2158 if (!cli_connect(&cli, server_name, &server_ip))
2159 goto done;
2160 if (!attempt_netbios_session_request(&cli, global_myname,
2161 server_name, &server_ip))
2162 goto done;
2163 if (!cli_negprot(&cli))
2164 goto done;
2165 if (cli.protocol < PROTOCOL_NT1)
2166 goto done;
2167
2168 ret = True;
2169 done:
2170 cli_shutdown(&cli);
2171 return ret;
2172 }
2173
2174
2175 /****************************************************************************/
2176
2177
2178 /**
2179 * Basic usage function for 'net rpc'
2180 * @param argc Standard main() style argc
2181 * @param argv Standard main() style argv. Initial components are already
2182 * stripped
2183 **/
2184
2185 int net_rpc_usage(int argc, const char **argv)
2186 {
2187 d_printf(" net rpc info \t\t\tshow basic info about a domain \n");
2188 d_printf(" net rpc join \t\t\tto join a domain \n");
2189 d_printf(" net rpc testjoin \t\ttests that a join is valid\n");
2190 d_printf(" net rpc user \t\t\tto add, delete and list users\n");
2191 d_printf(" net rpc group \t\tto list groups\n");
2192 d_printf(" net rpc share \t\tto add, delete, and list shares\n");
2193 d_printf(" net rpc file \t\t\tto list open files\n");
2194 d_printf(" net rpc changetrustpw \tto change the trust account password\n");
2195 d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n");
2196 d_printf(" net rpc trustdom \t\tto create trusting domain's account\n"
2197 "\t\t\t\t\tor establish trust\n");
2198 d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n");
2199 d_printf(" net rpc shutdown \t\tto shutdown a remote server\n");
2200 d_printf("\n");
2201 d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */
2202 d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n");
2203 d_printf("\t-f or --force\trequest the remote server force its shutdown\n");
2204 d_printf("\t-t or --timeout=<timeout>\tnumber of seconds before shutdown\n");
2205 d_printf("\t-c or --comment=<message>\ttext message to display on impending shutdown\n");
2206 return -1;
2207 }
2208
2209
2210 /**
2211 * Help function for 'net rpc'. Calls command specific help if requested
2212 * or displays usage of net rpc
2213 * @param argc Standard main() style argc
2214 * @param argv Standard main() style argv. Initial components are already
2215 * stripped
2216 **/
2217
2218 int net_rpc_help(int argc, const char **argv)
2219 {
2220 struct functable func[] = {
2221 {"join", rpc_join_usage},
2222 {"user", rpc_user_usage},
2223 {"group", rpc_group_usage},
2224 {"share", rpc_share_usage},
2225 /*{"changetrustpw", rpc_changetrustpw_usage}, */
2226 {"trustdom", rpc_trustdom_usage},
2227 /*{"abortshutdown", rpc_shutdown_abort_usage},*/
2228 /*{"shutdown", rpc_shutdown_usage}, */
2229 {NULL, NULL}
2230 };
2231
2232 if (argc == 0) {
2233 net_rpc_usage(argc, argv);
2234 return -1;
2235 }
2236
2237 return (net_run_function(argc, argv, func, rpc_user_usage));
2238 }
2239
2240
2241 /**
2242 * 'net rpc' entrypoint.
2243 * @param argc Standard main() style argc
2244 * @param argv Standard main() style argv. Initial components are already
2245 * stripped
2246 **/
2247
2248 int net_rpc(int argc, const char **argv)
2249 {
2250 struct functable func[] = {
2251 {"info", net_rpc_info},
2252 {"join", net_rpc_join},
2253 {"testjoin", net_rpc_testjoin},
2254 {"user", net_rpc_user},
2255 {"group", net_rpc_group},
2256 {"share", net_rpc_share},
2257 {"file", net_rpc_file},
2258 {"changetrustpw", rpc_changetrustpw},
2259 {"trustdom", rpc_trustdom},
2260 {"abortshutdown", rpc_shutdown_abort},
2261 {"shutdown", rpc_shutdown},
2262 {"samdump", rpc_samdump},
2263 {"vampire", rpc_samdump},
2264 {"getsid", net_rpc_getsid},
2265 {"help", net_rpc_help},
2266 {NULL, NULL}
2267 };
2268 return net_run_function(argc, argv, func, net_rpc_usage);
2269 }
Samba GIT mirror