search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ldb: comment for ldb_dn_compare_base
[Samba.git] / source3 / rpcclient / cmd_netlogon.c
blobbb5b9dafed4f740ecbc934c7676f91c9990cdf15
1 /*
2 Unix SMB/CIFS implementation.
3 RPC pipe client
4
5 Copyright (C) Tim Potter 2000
6 Copyright (C) Guenther Deschner 2008
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "rpcclient.h"
24 #include "../libcli/auth/libcli_auth.h"
25 #include "../librpc/gen_ndr/ndr_netlogon.h"
26 #include "../librpc/gen_ndr/ndr_netlogon_c.h"
27 #include "rpc_client/cli_netlogon.h"
28 #include "secrets.h"
29 #include "../libcli/auth/netlogon_creds_cli.h"
30 #include "rpc_client/util_netlogon.h"
31
32 static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli,
33 TALLOC_CTX *mem_ctx, int argc,
34 const char **argv)
35 {
36 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
37 WERROR werr;
38 const char *logon_server = cli->desthost;
39 enum netr_LogonControlCode function_code = NETLOGON_CONTROL_REDISCOVER;
40 uint32_t level = 1;
41 union netr_CONTROL_DATA_INFORMATION data;
42 union netr_CONTROL_QUERY_INFORMATION query;
43 const char *domain = lp_workgroup();
44 struct dcerpc_binding_handle *b = cli->binding_handle;
45 int i;
46 #define fn_code_level(x, item) { x, #x, #item }
47 struct {
48 enum netr_LogonControlCode code;
49 const char *name;
50 const char *argument;
51 } supported_levels[] = {
52 fn_code_level(NETLOGON_CONTROL_REDISCOVER, domain),
53 fn_code_level(NETLOGON_CONTROL_TC_QUERY, domain),
54 fn_code_level(NETLOGON_CONTROL_TRANSPORT_NOTIFY, domain),
55 fn_code_level(NETLOGON_CONTROL_FIND_USER, user),
56 fn_code_level(NETLOGON_CONTROL_CHANGE_PASSWORD, domain),
57 fn_code_level(NETLOGON_CONTROL_TC_VERIFY, domain),
58 fn_code_level(NETLOGON_CONTROL_SET_DBFLAG, debug_level),
59 {0, 0, 0}
60 };
61 #undef fn_code_level
62 if ((argc > 5) || (argc < 2)) {
63 fprintf(stderr, "Usage: %s <logon_server> <function_code> "
64 "<level:1..4> <argument>\n", argv[0]);
65 fprintf(stderr, "Supported combinations:\n");
66 fprintf(stderr, "function_code\targument\n");
67 for(i=0; supported_levels[i].code; i++) {
68 fprintf(stderr, "%7d\t\t%s\t(%s)\n",
69 supported_levels[i].code,
70 supported_levels[i].argument,
71 supported_levels[i].name);
72 }
73 return WERR_OK;
74 }
75
76 if (argc >= 2) {
77 logon_server = argv[1];
78 }
79
80 if (argc >= 3) {
81 function_code = atoi(argv[2]);
82 }
83
84 if (argc >= 4) {
85 level = atoi(argv[3]);
86 }
87
88 if (argc >= 5) {
89 domain = argv[4];
90 }
91
92 switch (function_code) {
93 case NETLOGON_CONTROL_REDISCOVER:
94 case NETLOGON_CONTROL_TC_QUERY:
95 case NETLOGON_CONTROL_CHANGE_PASSWORD:
96 case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
97 case NETLOGON_CONTROL_TC_VERIFY:
98 data.domain = domain;
99 break;
100 case NETLOGON_CONTROL_FIND_USER:
101 data.user = domain;
102 break;
103 case NETLOGON_CONTROL_SET_DBFLAG:
104 data.debug_level = atoi(domain);
105 break;
106 default:
107 break;
108 }
109
110 status = dcerpc_netr_LogonControl2(b, mem_ctx,
111 logon_server,
112 function_code,
113 level,
114 &data,
115 &query,
116 &werr);
117 if (!NT_STATUS_IS_OK(status)) {
118 return ntstatus_to_werror(status);
119 }
120
121 if (!W_ERROR_IS_OK(werr)) {
122 return werr;
123 }
124
125 /* Display results */
126
127 return werr;
128 }
129
130 static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli,
131 TALLOC_CTX *mem_ctx, int argc,
132 const char **argv)
133 {
134 const char *dcname = NULL;
135 WERROR werr;
136 NTSTATUS status;
137 int old_timeout;
138 struct dcerpc_binding_handle *b = cli->binding_handle;
139
140 if (argc != 2) {
141 fprintf(stderr, "Usage: %s domainname\n", argv[0]);
142 return WERR_OK;
143 }
144
145 /* Make sure to wait for our DC's reply */
146 old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
147 rpccli_set_timeout(cli, MAX(old_timeout, 30000)); /* At least 30 sec */
148
149 status = dcerpc_netr_GetAnyDCName(b, mem_ctx,
150 cli->desthost,
151 argv[1],
152 &dcname,
153 &werr);
154 rpccli_set_timeout(cli, old_timeout);
155
156 if (!NT_STATUS_IS_OK(status)) {
157 return ntstatus_to_werror(status);
158 }
159
160 if (!W_ERROR_IS_OK(werr)) {
161 return werr;
162 }
163
164 /* Display results */
165
166 printf("%s\n", dcname);
167
168 return werr;
169 }
170
171 static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli,
172 TALLOC_CTX *mem_ctx, int argc,
173 const char **argv)
174 {
175 const char *dcname = NULL;
176 NTSTATUS status;
177 WERROR werr;
178 int old_timeout;
179 struct dcerpc_binding_handle *b = cli->binding_handle;
180
181 if (argc != 2) {
182 fprintf(stderr, "Usage: %s domainname\n", argv[0]);
183 return WERR_OK;
184 }
185
186 /* Make sure to wait for our DC's reply */
187 old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
188 rpccli_set_timeout(cli, MAX(30000, old_timeout)); /* At least 30 sec */
189
190 status = dcerpc_netr_GetDcName(b, mem_ctx,
191 cli->desthost,
192 argv[1],
193 &dcname,
194 &werr);
195 rpccli_set_timeout(cli, old_timeout);
196
197 if (!NT_STATUS_IS_OK(status)) {
198 return ntstatus_to_werror(status);
199 }
200
201 if (!W_ERROR_IS_OK(werr)) {
202 return werr;
203 }
204
205 /* Display results */
206
207 printf("%s\n", dcname);
208
209 return werr;
210 }
211
212 static WERROR cmd_netlogon_dsr_getdcname(struct rpc_pipe_client *cli,
213 TALLOC_CTX *mem_ctx, int argc,
214 const char **argv)
215 {
216 NTSTATUS result;
217 WERROR werr = WERR_OK;
218 uint32_t flags = DS_RETURN_DNS_NAME;
219 const char *server_name = cli->desthost;
220 const char *domain_name = NULL;
221 struct GUID domain_guid = GUID_zero();
222 struct GUID site_guid = GUID_zero();
223 struct netr_DsRGetDCNameInfo *info = NULL;
224 struct dcerpc_binding_handle *b = cli->binding_handle;
225
226 if (argc < 2) {
227 fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
228 "[site_guid] [flags]\n", argv[0]);
229 return WERR_OK;
230 }
231
232 if (argc >= 2)
233 domain_name = argv[1];
234
235 if (argc >= 3) {
236 if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
237 return WERR_NOT_ENOUGH_MEMORY;
238 }
239 }
240
241 if (argc >= 4) {
242 if (!NT_STATUS_IS_OK(GUID_from_string(argv[3], &site_guid))) {
243 return WERR_NOT_ENOUGH_MEMORY;
244 }
245 }
246
247 if (argc >= 5)
248 sscanf(argv[4], "%x", &flags);
249
250 result = dcerpc_netr_DsRGetDCName(b, mem_ctx,
251 server_name,
252 domain_name,
253 &domain_guid,
254 &site_guid,
255 flags,
256 &info,
257 &werr);
258 if (!NT_STATUS_IS_OK(result)) {
259 return ntstatus_to_werror(result);
260 }
261
262 if (W_ERROR_IS_OK(werr)) {
263 d_printf("DsGetDcName gave: %s\n",
264 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
265 return WERR_OK;
266 }
267
268 printf("rpccli_netlogon_dsr_getdcname returned %s\n",
269 win_errstr(werr));
270
271 return werr;
272 }
273
274 static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli,
275 TALLOC_CTX *mem_ctx, int argc,
276 const char **argv)
277 {
278 WERROR result;
279 NTSTATUS status;
280 uint32_t flags = DS_RETURN_DNS_NAME;
281 const char *server_name = cli->desthost;
282 const char *domain_name;
283 const char *site_name = NULL;
284 struct GUID domain_guid = GUID_zero();
285 struct netr_DsRGetDCNameInfo *info = NULL;
286 struct dcerpc_binding_handle *b = cli->binding_handle;
287
288 if (argc < 2) {
289 fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
290 "[site_name] [flags]\n", argv[0]);
291 return WERR_OK;
292 }
293
294 domain_name = argv[1];
295
296 if (argc >= 3) {
297 if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
298 return WERR_NOT_ENOUGH_MEMORY;
299 }
300 }
301
302 if (argc >= 4) {
303 site_name = argv[3];
304 }
305
306 if (argc >= 5) {
307 sscanf(argv[4], "%x", &flags);
308 }
309
310 status = dcerpc_netr_DsRGetDCNameEx(b, mem_ctx,
311 server_name,
312 domain_name,
313 &domain_guid,
314 site_name,
315 flags,
316 &info,
317 &result);
318 if (!NT_STATUS_IS_OK(status)) {
319 return ntstatus_to_werror(status);
320 }
321
322 if (!W_ERROR_IS_OK(result)) {
323 return result;
324 }
325
326 d_printf("DsRGetDCNameEx gave %s\n",
327 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
328
329 return result;
330 }
331
332 static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli,
333 TALLOC_CTX *mem_ctx, int argc,
334 const char **argv)
335 {
336 WERROR result;
337 NTSTATUS status;
338 uint32_t flags = DS_RETURN_DNS_NAME;
339 const char *server_name = cli->desthost;
340 const char *domain_name = NULL;
341 const char *client_account = NULL;
342 uint32_t mask = 0;
343 const char *site_name = NULL;
344 struct GUID domain_guid = GUID_zero();
345 struct netr_DsRGetDCNameInfo *info = NULL;
346 struct dcerpc_binding_handle *b = cli->binding_handle;
347
348 if (argc < 2) {
349 fprintf(stderr, "Usage: %s [client_account] [acb_mask] "
350 "[domain_name] [domain_guid] [site_name] "
351 "[flags]\n", argv[0]);
352 return WERR_OK;
353 }
354
355 if (argc >= 2) {
356 client_account = argv[1];
357 }
358
359 if (argc >= 3) {
360 mask = atoi(argv[2]);
361 }
362
363 if (argc >= 4) {
364 domain_name = argv[3];
365 }
366
367 if (argc >= 5) {
368 if (!NT_STATUS_IS_OK(GUID_from_string(argv[4], &domain_guid))) {
369 return WERR_NOT_ENOUGH_MEMORY;
370 }
371 }
372
373 if (argc >= 6) {
374 site_name = argv[5];
375 }
376
377 if (argc >= 7) {
378 sscanf(argv[6], "%x", &flags);
379 }
380
381 status = dcerpc_netr_DsRGetDCNameEx2(b, mem_ctx,
382 server_name,
383 client_account,
384 mask,
385 domain_name,
386 &domain_guid,
387 site_name,
388 flags,
389 &info,
390 &result);
391 if (!NT_STATUS_IS_OK(status)) {
392 return ntstatus_to_werror(status);
393 }
394
395 if (!W_ERROR_IS_OK(result)) {
396 return result;
397 }
398
399 d_printf("DsRGetDCNameEx2 gave %s\n",
400 NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
401
402 return result;
403 }
404
405
406 static WERROR cmd_netlogon_dsr_getsitename(struct rpc_pipe_client *cli,
407 TALLOC_CTX *mem_ctx, int argc,
408 const char **argv)
409 {
410 WERROR werr;
411 NTSTATUS status;
412 const char *sitename = NULL;
413 struct dcerpc_binding_handle *b = cli->binding_handle;
414
415 if (argc != 2) {
416 fprintf(stderr, "Usage: %s computername\n", argv[0]);
417 return WERR_OK;
418 }
419
420 status = dcerpc_netr_DsRGetSiteName(b, mem_ctx,
421 argv[1],
422 &sitename,
423 &werr);
424 if (!NT_STATUS_IS_OK(status)) {
425 return ntstatus_to_werror(status);
426 }
427
428 if (!W_ERROR_IS_OK(werr)) {
429 printf("rpccli_netlogon_dsr_gesitename returned %s\n",
430 nt_errstr(werror_to_ntstatus(werr)));
431 return werr;
432 }
433
434 printf("Computer %s is on Site: %s\n", argv[1], sitename);
435
436 return WERR_OK;
437 }
438
439 static WERROR cmd_netlogon_logon_ctrl(struct rpc_pipe_client *cli,
440 TALLOC_CTX *mem_ctx, int argc,
441 const char **argv)
442 {
443 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
444 WERROR werr;
445 const char *logon_server = cli->desthost;
446 enum netr_LogonControlCode function_code = 1;
447 uint32_t level = 1;
448 union netr_CONTROL_QUERY_INFORMATION info;
449 struct dcerpc_binding_handle *b = cli->binding_handle;
450
451 if (argc > 4) {
452 fprintf(stderr, "Usage: %s <logon_server> <function_code> "
453 "<level>\n", argv[0]);
454 return WERR_OK;
455 }
456
457 if (argc >= 2) {
458 logon_server = argv[1];
459 }
460
461 if (argc >= 3) {
462 function_code = atoi(argv[2]);
463 }
464
465 if (argc >= 4) {
466 level = atoi(argv[3]);
467 }
468
469 status = dcerpc_netr_LogonControl(b, mem_ctx,
470 logon_server,
471 function_code,
472 level,
473 &info,
474 &werr);
475 if (!NT_STATUS_IS_OK(status)) {
476 return ntstatus_to_werror(status);
477 }
478
479 if (!W_ERROR_IS_OK(werr)) {
480 return werr;
481 }
482
483 /* Display results */
484
485 return werr;
486 }
487
488 /* Log on a domain user */
489
490 static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
491 TALLOC_CTX *mem_ctx, int argc,
492 const char **argv)
493 {
494 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
495 int logon_type = NetlogonNetworkInformation;
496 const char *username, *password;
497 uint32_t logon_param = 0;
498 const char *workstation = NULL;
499 struct netr_SamInfo3 *info3 = NULL;
500 uint8_t authoritative = 1;
501 uint32_t flags = 0;
502 uint16_t validation_level;
503 union netr_Validation *validation = NULL;
504 uint64_t logon_id = 0;
505
506 /* Check arguments */
507
508 if (argc < 3 || argc > 6) {
509 fprintf(stderr, "Usage: samlogon <username> <password> [workstation]"
510 "[logon_type (1 or 2)] [logon_parameter]\n");
511 return NT_STATUS_OK;
512 }
513
514 username = argv[1];
515 password = argv[2];
516
517 if (argc >= 4)
518 workstation = argv[3];
519
520 if (argc >= 5)
521 sscanf(argv[4], "%i", &logon_type);
522
523 if (argc == 6)
524 sscanf(argv[5], "%x", &logon_param);
525
526 if (rpcclient_netlogon_creds == NULL) {
527 result = NT_STATUS_UNSUCCESSFUL;
528 goto done;
529 }
530 logon_id = generate_random_u64();
531
532 /* Perform the sam logon */
533
534 result = rpccli_netlogon_password_logon(rpcclient_netlogon_creds,
535 cli->binding_handle,
536 mem_ctx,
537 logon_param,
538 lp_workgroup(),
539 username,
540 password,
541 workstation,
542 logon_id,
543 logon_type,
544 &authoritative,
545 &flags,
546 &validation_level,
547 &validation);
548 if (!NT_STATUS_IS_OK(result))
549 goto done;
550
551 result = map_validation_to_info3(mem_ctx,
552 validation_level,
553 validation,
554 &info3);
555 if (!NT_STATUS_IS_OK(result)) {
556 return result;
557 }
558
559 done:
560 return result;
561 }
562
563 /* Change the trust account password */
564
565 static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli,
566 TALLOC_CTX *mem_ctx, int argc,
567 const char **argv)
568 {
569 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
570 const char *dcname = cli->desthost;
571
572 /* Check arguments */
573
574 if (argc > 1) {
575 fprintf(stderr, "Usage: change_trust_pw");
576 return NT_STATUS_OK;
577 }
578
579 result = trust_pw_change(rpcclient_netlogon_creds,
580 rpcclient_msg_ctx,
581 cli->binding_handle,
582 lp_workgroup(),
583 dcname,
584 true); /* force */
585 if (!NT_STATUS_IS_OK(result))
586 goto done;
587
588 done:
589 return result;
590 }
591
592 static WERROR cmd_netlogon_gettrustrid(struct rpc_pipe_client *cli,
593 TALLOC_CTX *mem_ctx, int argc,
594 const char **argv)
595 {
596 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
597 WERROR werr = WERR_GEN_FAILURE;
598 const char *server_name = cli->desthost;
599 const char *domain_name = lp_workgroup();
600 uint32_t rid = 0;
601 struct dcerpc_binding_handle *b = cli->binding_handle;
602
603 if (argc < 1 || argc > 3) {
604 fprintf(stderr, "Usage: %s <server_name> <domain_name>\n",
605 argv[0]);
606 return WERR_OK;
607 }
608
609 if (argc >= 2) {
610 server_name = argv[1];
611 }
612
613 if (argc >= 3) {
614 domain_name = argv[2];
615 }
616
617 status = dcerpc_netr_LogonGetTrustRid(b, mem_ctx,
618 server_name,
619 domain_name,
620 &rid,
621 &werr);
622 if (!NT_STATUS_IS_OK(status)) {
623 werr = ntstatus_to_werror(status);
624 goto done;
625 }
626
627 if (W_ERROR_IS_OK(werr)) {
628 printf("Rid: %d\n", rid);
629 }
630 done:
631 return werr;
632 }
633
634 static WERROR cmd_netlogon_dsr_enumtrustdom(struct rpc_pipe_client *cli,
635 TALLOC_CTX *mem_ctx, int argc,
636 const char **argv)
637 {
638 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
639 WERROR werr = WERR_GEN_FAILURE;
640 const char *server_name = cli->desthost;
641 uint32_t trust_flags = NETR_TRUST_FLAG_IN_FOREST;
642 struct netr_DomainTrustList trusts;
643 struct dcerpc_binding_handle *b = cli->binding_handle;
644
645 if (argc < 1 || argc > 3) {
646 fprintf(stderr, "Usage: %s <server_name> <trust_flags>\n",
647 argv[0]);
648 return WERR_OK;
649 }
650
651 if (argc >= 2) {
652 server_name = argv[1];
653 }
654
655 if (argc >= 3) {
656 sscanf(argv[2], "%x", &trust_flags);
657 }
658
659 status = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx,
660 server_name,
661 trust_flags,
662 &trusts,
663 &werr);
664 if (!NT_STATUS_IS_OK(status)) {
665 werr = ntstatus_to_werror(status);
666 goto done;
667 }
668
669 if (W_ERROR_IS_OK(werr)) {
670 int i;
671
672 printf("%d domains returned\n", trusts.count);
673
674 for (i=0; i<trusts.count; i++ ) {
675 printf("%s (%s)\n",
676 trusts.array[i].dns_name,
677 trusts.array[i].netbios_name);
678 }
679 }
680 done:
681 return werr;
682 }
683
684 static WERROR cmd_netlogon_deregisterdnsrecords(struct rpc_pipe_client *cli,
685 TALLOC_CTX *mem_ctx, int argc,
686 const char **argv)
687 {
688 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
689 WERROR werr = WERR_GEN_FAILURE;
690 const char *server_name = cli->desthost;
691 const char *domain = lp_workgroup();
692 const char *dns_host = NULL;
693 struct dcerpc_binding_handle *b = cli->binding_handle;
694
695 if (argc < 1 || argc > 4) {
696 fprintf(stderr, "Usage: %s <server_name> <domain_name> "
697 "<dns_host>\n", argv[0]);
698 return WERR_OK;
699 }
700
701 if (argc >= 2) {
702 server_name = argv[1];
703 }
704
705 if (argc >= 3) {
706 domain = argv[2];
707 }
708
709 if (argc >= 4) {
710 dns_host = argv[3];
711 }
712
713 status = dcerpc_netr_DsrDeregisterDNSHostRecords(b, mem_ctx,
714 server_name,
715 domain,
716 NULL,
717 NULL,
718 dns_host,
719 &werr);
720 if (!NT_STATUS_IS_OK(status)) {
721 werr = ntstatus_to_werror(status);
722 goto done;
723 }
724
725 if (W_ERROR_IS_OK(werr)) {
726 printf("success\n");
727 }
728 done:
729 return werr;
730 }
731
732 static WERROR cmd_netlogon_dsr_getforesttrustinfo(struct rpc_pipe_client *cli,
733 TALLOC_CTX *mem_ctx, int argc,
734 const char **argv)
735 {
736 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
737 WERROR werr = WERR_GEN_FAILURE;
738 const char *server_name = cli->desthost;
739 const char *trusted_domain_name = NULL;
740 struct lsa_ForestTrustInformation *info = NULL;
741 uint32_t flags = 0;
742 struct dcerpc_binding_handle *b = cli->binding_handle;
743
744 if (argc < 1 || argc > 4) {
745 fprintf(stderr, "Usage: %s <server_name> <trusted_domain_name> "
746 "<flags>\n", argv[0]);
747 return WERR_OK;
748 }
749
750 if (argc >= 2) {
751 server_name = argv[1];
752 }
753
754 if (argc >= 3) {
755 trusted_domain_name = argv[2];
756 }
757
758 if (argc >= 4) {
759 sscanf(argv[3], "%x", &flags);
760 }
761
762 status = dcerpc_netr_DsRGetForestTrustInformation(b, mem_ctx,
763 server_name,
764 trusted_domain_name,
765 flags,
766 &info,
767 &werr);
768 if (!NT_STATUS_IS_OK(status)) {
769 werr = ntstatus_to_werror(status);
770 goto done;
771 }
772
773 if (W_ERROR_IS_OK(werr)) {
774 printf("success\n");
775 }
776 done:
777 return werr;
778 }
779
780 static NTSTATUS cmd_netlogon_enumtrusteddomains(struct rpc_pipe_client *cli,
781 TALLOC_CTX *mem_ctx, int argc,
782 const char **argv)
783 {
784 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
785 NTSTATUS result;
786 const char *server_name = cli->desthost;
787 struct netr_Blob blob;
788 struct dcerpc_binding_handle *b = cli->binding_handle;
789
790
791 if (argc < 1 || argc > 3) {
792 fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
793 return NT_STATUS_OK;
794 }
795
796 if (argc >= 2) {
797 server_name = argv[1];
798 }
799
800 status = dcerpc_netr_NetrEnumerateTrustedDomains(b, mem_ctx,
801 server_name,
802 &blob,
803 &result);
804 if (!NT_STATUS_IS_OK(status)) {
805 goto done;
806 }
807
808 if (!NT_STATUS_IS_OK(result)) {
809 status = result;
810 goto done;
811 }
812
813 printf("success\n");
814 dump_data(1, blob.data, blob.length);
815 done:
816 return status;
817 }
818
819 static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli,
820 TALLOC_CTX *mem_ctx, int argc,
821 const char **argv)
822 {
823 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
824 WERROR werr = WERR_GEN_FAILURE;
825 const char *server_name = cli->desthost;
826 struct netr_DomainTrustList list;
827 struct dcerpc_binding_handle *b = cli->binding_handle;
828
829 if (argc < 1 || argc > 3) {
830 fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
831 return WERR_OK;
832 }
833
834 if (argc >= 2) {
835 server_name = argv[1];
836 }
837
838 status = dcerpc_netr_NetrEnumerateTrustedDomainsEx(b, mem_ctx,
839 server_name,
840 &list,
841 &werr);
842 if (!NT_STATUS_IS_OK(status)) {
843 werr = ntstatus_to_werror(status);
844 goto done;
845 }
846
847 if (W_ERROR_IS_OK(werr)) {
848 printf("success\n");
849 }
850 done:
851 return werr;
852 }
853
854 static WERROR cmd_netlogon_getdcsitecoverage(struct rpc_pipe_client *cli,
855 TALLOC_CTX *mem_ctx, int argc,
856 const char **argv)
857 {
858 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
859 WERROR werr = WERR_GEN_FAILURE;
860 const char *server_name = cli->desthost;
861 struct DcSitesCtr *ctr = NULL;
862 struct dcerpc_binding_handle *b = cli->binding_handle;
863
864 if (argc < 1 || argc > 3) {
865 fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
866 return WERR_OK;
867 }
868
869 if (argc >= 2) {
870 server_name = argv[1];
871 }
872
873 status = dcerpc_netr_DsrGetDcSiteCoverageW(b, mem_ctx,
874 server_name,
875 &ctr,
876 &werr);
877 if (!NT_STATUS_IS_OK(status)) {
878 werr = ntstatus_to_werror(status);
879 goto done;
880 }
881
882 if (W_ERROR_IS_OK(werr) && ctr->num_sites) {
883 int i;
884 printf("sites covered by this DC: %d\n", ctr->num_sites);
885 for (i=0; i<ctr->num_sites; i++) {
886 printf("%s\n", ctr->sites[i].string);
887 }
888 }
889 done:
890 return werr;
891 }
892
893 static NTSTATUS cmd_netlogon_capabilities(struct rpc_pipe_client *cli,
894 TALLOC_CTX *mem_ctx, int argc,
895 const char **argv)
896 {
897 struct netlogon_creds_cli_lck *lck;
898 union netr_Capabilities capabilities;
899 NTSTATUS status;
900
901 if (argc > 1) {
902 fprintf(stderr, "Usage: %s\n", argv[0]);
903 return NT_STATUS_OK;
904 }
905
906 status = netlogon_creds_cli_lck(rpcclient_netlogon_creds,
907 NETLOGON_CREDS_CLI_LCK_EXCLUSIVE,
908 mem_ctx, &lck);
909 if (!NT_STATUS_IS_OK(status)) {
910 fprintf(stderr, "netlogon_creds_cli_lck failed: %s\n",
911 nt_errstr(status));
912 return status;
913 }
914
915 status = netlogon_creds_cli_check(rpcclient_netlogon_creds,
916 cli->binding_handle,
917 &capabilities);
918 if (!NT_STATUS_IS_OK(status)) {
919 fprintf(stderr, "netlogon_creds_cli_check failed: %s\n",
920 nt_errstr(status));
921 return status;
922 }
923
924 TALLOC_FREE(lck);
925
926 printf("capabilities: 0x%08x\n", capabilities.server_capabilities);
927
928 return NT_STATUS_OK;
929 }
930
931 static NTSTATUS cmd_netlogon_logongetdomaininfo(struct rpc_pipe_client *cli,
932 TALLOC_CTX *mem_ctx, int argc,
933 const char **argv)
934 {
935 union netr_WorkstationInfo query;
936 struct netr_WorkstationInformation workstation_info;
937 union netr_DomainInfo *domain_info;
938 NTSTATUS status;
939 char *s;
940
941 if (argc > 1) {
942 fprintf(stderr, "Usage: %s\n", argv[0]);
943 return NT_STATUS_OK;
944 }
945
946 ZERO_STRUCT(workstation_info);
947
948 query.workstation_info = &workstation_info;
949
950 status = netlogon_creds_cli_LogonGetDomainInfo(rpcclient_netlogon_creds,
951 cli->binding_handle,
952 mem_ctx,
953 1,
954 &query,
955 &domain_info);
956 if (!NT_STATUS_IS_OK(status)) {
957 fprintf(stderr, "netlogon_creds_cli_LogonGetDomainInfo failed: %s\n",
958 nt_errstr(status));
959 return status;
960 }
961
962 s = NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DomainInformation, domain_info->domain_info);
963 if (s) {
964 printf("%s\n", s);
965 TALLOC_FREE(s);
966 }
967
968 return NT_STATUS_OK;
969 }
970
971 /* List of commands exported by this module */
972
973 struct cmd_set netlogon_commands[] = {
974
975 {
976 .name = "NETLOGON",
977 },
978
979 {
980 .name = "logonctrl2",
981 .returntype = RPC_RTYPE_WERROR,
982 .ntfn = NULL,
983 .wfn = cmd_netlogon_logon_ctrl2,
984 .table = &ndr_table_netlogon,
985 .rpc_pipe = NULL,
986 .description = "Logon Control 2",
987 .usage = "",
988 },
989 {
990 .name = "getanydcname",
991 .returntype = RPC_RTYPE_WERROR,
992 .ntfn = NULL,
993 .wfn = cmd_netlogon_getanydcname,
994 .table = &ndr_table_netlogon,
995 .rpc_pipe = NULL,
996 .description = "Get trusted DC name",
997 .usage = "",
998 },
999 {
1000 .name = "getdcname",
1001 .returntype = RPC_RTYPE_WERROR,
1002 .ntfn = NULL,
1003 .wfn = cmd_netlogon_getdcname,
1004 .table = &ndr_table_netlogon,
1005 .rpc_pipe = NULL,
1006 .description = "Get trusted PDC name",
1007 .usage = "",
1008 },
1009 {
1010 .name = "dsr_getdcname",
1011 .returntype = RPC_RTYPE_WERROR,
1012 .ntfn = NULL,
1013 .wfn = cmd_netlogon_dsr_getdcname,
1014 .table = &ndr_table_netlogon,
1015 .rpc_pipe = NULL,
1016 .description = "Get trusted DC name",
1017 .usage = "",
1018 },
1019 {
1020 .name = "dsr_getdcnameex",
1021 .returntype = RPC_RTYPE_WERROR,
1022 .ntfn = NULL,
1023 .wfn = cmd_netlogon_dsr_getdcnameex,
1024 .table = &ndr_table_netlogon,
1025 .rpc_pipe = NULL,
1026 .description = "Get trusted DC name",
1027 .usage = "",
1028 },
1029 {
1030 .name = "dsr_getdcnameex2",
1031 .returntype = RPC_RTYPE_WERROR,
1032 .ntfn = NULL,
1033 .wfn = cmd_netlogon_dsr_getdcnameex2,
1034 .table = &ndr_table_netlogon,
1035 .rpc_pipe = NULL,
1036 .description = "Get trusted DC name",
1037 .usage = "",
1038 },
1039 {
1040 .name = "dsr_getsitename",
1041 .returntype = RPC_RTYPE_WERROR,
1042 .ntfn = NULL,
1043 .wfn = cmd_netlogon_dsr_getsitename,
1044 .table = &ndr_table_netlogon,
1045 .rpc_pipe = NULL,
1046 .description = "Get sitename",
1047 .usage = "",
1048 },
1049 {
1050 .name = "dsr_getforesttrustinfo",
1051 .returntype = RPC_RTYPE_WERROR,
1052 .ntfn = NULL,
1053 .wfn = cmd_netlogon_dsr_getforesttrustinfo,
1054 .table = &ndr_table_netlogon,
1055 .rpc_pipe = NULL,
1056 .description = "Get Forest Trust Info",
1057 .usage = "",
1058 },
1059 {
1060 .name = "logonctrl",
1061 .returntype = RPC_RTYPE_WERROR,
1062 .ntfn = NULL,
1063 .wfn = cmd_netlogon_logon_ctrl,
1064 .table = &ndr_table_netlogon,
1065 .rpc_pipe = NULL,
1066 .description = "Logon Control",
1067 .usage = "",
1068 },
1069 {
1070 .name = "samlogon",
1071 .returntype = RPC_RTYPE_NTSTATUS,
1072 .ntfn = cmd_netlogon_sam_logon,
1073 .wfn = NULL,
1074 .table = &ndr_table_netlogon,
1075 .rpc_pipe = NULL,
1076 .description = "Sam Logon",
1077 .usage = "",
1078 .use_netlogon_creds = true,
1079 },
1080 {
1081 .name = "change_trust_pw",
1082 .returntype = RPC_RTYPE_NTSTATUS,
1083 .ntfn = cmd_netlogon_change_trust_pw,
1084 .wfn = NULL,
1085 .table = &ndr_table_netlogon,
1086 .rpc_pipe = NULL,
1087 .description = "Change Trust Account Password",
1088 .usage = "",
1089 .use_netlogon_creds = true,
1090 },
1091 {
1092 .name = "gettrustrid",
1093 .returntype = RPC_RTYPE_WERROR,
1094 .ntfn = NULL,
1095 .wfn = cmd_netlogon_gettrustrid,
1096 .table = &ndr_table_netlogon,
1097 .rpc_pipe = NULL,
1098 .description = "Get trust rid",
1099 .usage = "",
1100 },
1101 {
1102 .name = "dsr_enumtrustdom",
1103 .returntype = RPC_RTYPE_WERROR,
1104 .ntfn = NULL,
1105 .wfn = cmd_netlogon_dsr_enumtrustdom,
1106 .table = &ndr_table_netlogon,
1107 .rpc_pipe = NULL,
1108 .description = "Enumerate trusted domains",
1109 .usage = "",
1110 },
1111 {
1112 .name = "dsenumdomtrusts",
1113 .returntype = RPC_RTYPE_WERROR,
1114 .ntfn = NULL,
1115 .wfn = cmd_netlogon_dsr_enumtrustdom,
1116 .table = &ndr_table_netlogon,
1117 .rpc_pipe = NULL,
1118 .description = "Enumerate all trusted domains in an AD forest",
1119 .usage = "",
1120 },
1121 {
1122 .name = "deregisterdnsrecords",
1123 .returntype = RPC_RTYPE_WERROR,
1124 .ntfn = NULL,
1125 .wfn = cmd_netlogon_deregisterdnsrecords,
1126 .table = &ndr_table_netlogon,
1127 .rpc_pipe = NULL,
1128 .description = "Deregister DNS records",
1129 .usage = "",
1130 },
1131 {
1132 .name = "netrenumtrusteddomains",
1133 .returntype = RPC_RTYPE_NTSTATUS,
1134 .ntfn = cmd_netlogon_enumtrusteddomains,
1135 .wfn = NULL,
1136 .table = &ndr_table_netlogon,
1137 .rpc_pipe = NULL,
1138 .description = "Enumerate trusted domains",
1139 .usage = "",
1140 },
1141 {
1142 .name = "netrenumtrusteddomainsex",
1143 .returntype = RPC_RTYPE_WERROR,
1144 .ntfn = NULL,
1145 .wfn = cmd_netlogon_enumtrusteddomainsex,
1146 .table = &ndr_table_netlogon,
1147 .rpc_pipe = NULL,
1148 .description = "Enumerate trusted domains",
1149 .usage = "",
1150 },
1151 {
1152 .name = "getdcsitecoverage",
1153 .returntype = RPC_RTYPE_WERROR,
1154 .ntfn = NULL,
1155 .wfn = cmd_netlogon_getdcsitecoverage,
1156 .table = &ndr_table_netlogon,
1157 .rpc_pipe = NULL,
1158 .description = "Get the Site-Coverage from a DC",
1159 .usage = "",
1160 },
1161 {
1162 .name = "capabilities",
1163 .returntype = RPC_RTYPE_NTSTATUS,
1164 .ntfn = cmd_netlogon_capabilities,
1165 .wfn = NULL,
1166 .table = &ndr_table_netlogon,
1167 .rpc_pipe = NULL,
1168 .description = "Return Capabilities",
1169 .usage = "",
1170 .use_netlogon_creds = true,
1171 },
1172 {
1173 .name = "logongetdomaininfo",
1174 .returntype = RPC_RTYPE_NTSTATUS,
1175 .ntfn = cmd_netlogon_logongetdomaininfo,
1176 .wfn = NULL,
1177 .table = &ndr_table_netlogon,
1178 .rpc_pipe = NULL,
1179 .description = "Return LogonGetDomainInfo",
1180 .usage = "",
1181 .use_netlogon_creds = true,
1182 },
1183 {
1184 .name = NULL,
1185 }
1186 };
Samba GIT mirror