2 Unix SMB/CIFS implementation.
3 dump the remote SAM using rpc samsync operations
5 Copyright (C) Andrew Tridgell 2002
6 Copyright (C) Tim Potter 2001,2002
7 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2005
8 Modified by Volker Lendecke 2002
9 Copyright (C) Jeremy Allison 2005.
10 Copyright (C) Guenther Deschner 2008.
12 This program is free software; you can redistribute it and/or modify
13 it under the terms of the GNU General Public License as published by
14 the Free Software Foundation; either version 3 of the License, or
15 (at your option) any later version.
17 This program is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 GNU General Public License for more details.
22 You should have received a copy of the GNU General Public License
23 along with this program. If not, see <http://www.gnu.org/licenses/>.
27 #include "utils/net.h"
29 /* dump sam database via samsync rpc calls */
30 NTSTATUS
rpc_samdump_internals(struct net_context
*c
,
31 const DOM_SID
*domain_sid
,
32 const char *domain_name
,
33 struct cli_state
*cli
,
34 struct rpc_pipe_client
*pipe_hnd
,
39 struct samsync_context
*ctx
= NULL
;
42 status
= libnet_samsync_init_context(mem_ctx
,
45 if (!NT_STATUS_IS_OK(status
)) {
49 ctx
->mode
= NET_SAMSYNC_MODE_DUMP
;
51 ctx
->delta_fn
= display_sam_entries
;
52 ctx
->domain_name
= domain_name
;
54 libnet_samsync(SAM_DATABASE_DOMAIN
, ctx
);
56 libnet_samsync(SAM_DATABASE_BUILTIN
, ctx
);
58 libnet_samsync(SAM_DATABASE_PRIVS
, ctx
);
66 * Basic usage function for 'net rpc vampire'
68 * @param c A net_context structure
69 * @param argc Standard main() style argc
70 * @param argc Standard main() style argv. Initial components are already
74 int rpc_vampire_usage(struct net_context
*c
, int argc
, const char **argv
)
76 d_printf("net rpc vampire ([ldif [<ldif-filename>] | [keytab] [<keytab-filename]) [options]\n"
77 "\t to pull accounts from a remote PDC where we are a BDC\n"
78 "\t\t no args puts accounts in local passdb from smb.conf\n"
79 "\t\t ldif - put accounts in ldif format (file defaults to "
81 "\t\t keytab - put account passwords in krb5 keytab (defaults "
82 "to system keytab)\n");
84 net_common_flags_usage(c
, argc
, argv
);
89 /* dump sam database via samsync rpc calls */
90 NTSTATUS
rpc_vampire_internals(struct net_context
*c
,
91 const DOM_SID
*domain_sid
,
92 const char *domain_name
,
93 struct cli_state
*cli
,
94 struct rpc_pipe_client
*pipe_hnd
,
100 struct samsync_context
*ctx
= NULL
;
102 if (!sid_equal(domain_sid
, get_global_sam_sid())) {
103 d_printf("Cannot import users from %s at this time, "
104 "as the current domain:\n\t%s: %s\nconflicts "
105 "with the remote domain\n\t%s: %s\n"
106 "Perhaps you need to set: \n\n\tsecurity=user\n\t"
107 "workgroup=%s\n\n in your smb.conf?\n",
109 get_global_sam_name(),
110 sid_string_dbg(get_global_sam_sid()),
112 sid_string_dbg(domain_sid
),
114 return NT_STATUS_UNSUCCESSFUL
;
117 result
= libnet_samsync_init_context(mem_ctx
,
120 if (!NT_STATUS_IS_OK(result
)) {
124 ctx
->mode
= NET_SAMSYNC_MODE_FETCH_PASSDB
;
126 ctx
->delta_fn
= fetch_sam_entries
;
127 ctx
->domain_name
= domain_name
;
130 result
= libnet_samsync(SAM_DATABASE_DOMAIN
, ctx
);
132 if (!NT_STATUS_IS_OK(result
) && ctx
->error_message
) {
133 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
137 if (ctx
->result_message
) {
138 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
142 ctx
->domain_sid
= sid_dup_talloc(mem_ctx
, &global_sid_Builtin
);
143 ctx
->domain_sid_str
= sid_string_talloc(mem_ctx
, ctx
->domain_sid
);
144 result
= libnet_samsync(SAM_DATABASE_BUILTIN
, ctx
);
146 if (!NT_STATUS_IS_OK(result
) && ctx
->error_message
) {
147 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
151 if (ctx
->result_message
) {
152 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
160 NTSTATUS
rpc_vampire_ldif_internals(struct net_context
*c
,
161 const DOM_SID
*domain_sid
,
162 const char *domain_name
,
163 struct cli_state
*cli
,
164 struct rpc_pipe_client
*pipe_hnd
,
170 struct samsync_context
*ctx
= NULL
;
172 status
= libnet_samsync_init_context(mem_ctx
,
175 if (!NT_STATUS_IS_OK(status
)) {
180 ctx
->output_filename
= argv
[0];
183 ctx
->mode
= NET_SAMSYNC_MODE_FETCH_LDIF
;
185 ctx
->delta_fn
= fetch_sam_entries_ldif
;
186 ctx
->domain_name
= domain_name
;
189 status
= libnet_samsync(SAM_DATABASE_DOMAIN
, ctx
);
191 if (!NT_STATUS_IS_OK(status
) && ctx
->error_message
) {
192 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
196 if (ctx
->result_message
) {
197 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
201 ctx
->domain_sid
= sid_dup_talloc(mem_ctx
, &global_sid_Builtin
);
202 ctx
->domain_sid_str
= sid_string_talloc(mem_ctx
, ctx
->domain_sid
);
203 status
= libnet_samsync(SAM_DATABASE_BUILTIN
, ctx
);
205 if (!NT_STATUS_IS_OK(status
) && ctx
->error_message
) {
206 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
210 if (ctx
->result_message
) {
211 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
219 int rpc_vampire_ldif(struct net_context
*c
, int argc
, const char **argv
)
221 if (c
->display_usage
) {
223 "net rpc vampire ldif\n"
224 " Dump remote SAM database to LDIF file or stdout\n");
228 return run_rpc_command(c
, NULL
, &ndr_table_netlogon
.syntax_id
, 0,
229 rpc_vampire_ldif_internals
, argc
, argv
);
233 NTSTATUS
rpc_vampire_keytab_internals(struct net_context
*c
,
234 const DOM_SID
*domain_sid
,
235 const char *domain_name
,
236 struct cli_state
*cli
,
237 struct rpc_pipe_client
*pipe_hnd
,
243 struct samsync_context
*ctx
= NULL
;
245 status
= libnet_samsync_init_context(mem_ctx
,
248 if (!NT_STATUS_IS_OK(status
)) {
253 ctx
->output_filename
= argv
[0];
256 ctx
->mode
= NET_SAMSYNC_MODE_FETCH_KEYTAB
;
258 ctx
->delta_fn
= fetch_sam_entries_keytab
;
259 ctx
->domain_name
= domain_name
;
260 ctx
->username
= c
->opt_user_name
;
261 ctx
->password
= c
->opt_password
;
264 status
= libnet_samsync(SAM_DATABASE_DOMAIN
, ctx
);
266 if (!NT_STATUS_IS_OK(status
) && ctx
->error_message
) {
267 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
271 if (ctx
->result_message
) {
272 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
281 static NTSTATUS
rpc_vampire_keytab_ds_internals(struct net_context
*c
,
282 const DOM_SID
*domain_sid
,
283 const char *domain_name
,
284 struct cli_state
*cli
,
285 struct rpc_pipe_client
*pipe_hnd
,
291 struct dssync_context
*ctx
= NULL
;
293 status
= libnet_dssync_init_context(mem_ctx
,
295 if (!NT_STATUS_IS_OK(status
)) {
300 ctx
->output_filename
= argv
[0];
303 ctx
->object_dn
= argv
[1];
308 ctx
->domain_name
= domain_name
;
309 ctx
->ops
= &libnet_dssync_keytab_ops
;
311 status
= libnet_dssync(mem_ctx
, ctx
);
312 if (!NT_STATUS_IS_OK(status
) && ctx
->error_message
) {
313 d_fprintf(stderr
, "%s\n", ctx
->error_message
);
317 if (ctx
->result_message
) {
318 d_fprintf(stdout
, "%s\n", ctx
->result_message
);
328 * Basic function for 'net rpc vampire keytab'
330 * @param c A net_context structure
331 * @param argc Standard main() style argc
332 * @param argc Standard main() style argv. Initial components are already
336 int rpc_vampire_keytab(struct net_context
*c
, int argc
, const char **argv
)
340 if (c
->display_usage
) {
342 "net rpc vampire keytab\n"
343 " Dump remote SAM database to Kerberos keytab file\n");
347 ret
= run_rpc_command(c
, NULL
, &ndr_table_drsuapi
.syntax_id
,
349 rpc_vampire_keytab_ds_internals
, argc
, argv
);
354 return run_rpc_command(c
, NULL
, &ndr_table_netlogon
.syntax_id
, 0,
355 rpc_vampire_keytab_internals
,