00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038
00039
00040 #include "includes.h"
00041 #include "utils/net.h"
00042
00043
00044
00045
00046
00047
00048
00049
00050
00051 #define YES_STRING "Yes"
00052 #define NO_STRING "No"
00053
00054
00055
00056
00057
00058
00059 const char *opt_requester_name = NULL;
00060 const char *opt_host = NULL;
00061 const char *opt_password = NULL;
00062 const char *opt_user_name = NULL;
00063 BOOL opt_user_specified = False;
00064 const char *opt_workgroup = NULL;
00065 int opt_long_list_entries = 0;
00066 int opt_reboot = 0;
00067 int opt_force = 0;
00068 int opt_stdin = 0;
00069 int opt_port = 0;
00070 int opt_verbose = 0;
00071 int opt_maxusers = -1;
00072 const char *opt_comment = "";
00073 const char *opt_container = NULL;
00074 int opt_flags = -1;
00075 int opt_timeout = 0;
00076 const char *opt_target_workgroup = NULL;
00077 int opt_machine_pass = 0;
00078 BOOL opt_localgroup = False;
00079 BOOL opt_domaingroup = False;
00080 static BOOL do_talloc_report=False;
00081 const char *opt_newntname = "";
00082 int opt_rid = 0;
00083 int opt_acls = 0;
00084 int opt_attrs = 0;
00085 int opt_timestamps = 0;
00086 const char *opt_exclude = NULL;
00087 const char *opt_destination = NULL;
00088
00089 BOOL opt_have_ip = False;
00090 struct in_addr opt_dest_ip;
00091
00092 extern struct in_addr loopback_ip;
00093 extern BOOL AllowDebugChange;
00094
00095 uint32 get_sec_channel_type(const char *param)
00096 {
00097 if (!(param && *param)) {
00098 return get_default_sec_channel();
00099 } else {
00100 if (strequal(param, "PDC")) {
00101 return SEC_CHAN_BDC;
00102 } else if (strequal(param, "BDC")) {
00103 return SEC_CHAN_BDC;
00104 } else if (strequal(param, "MEMBER")) {
00105 return SEC_CHAN_WKSTA;
00106 #if 0
00107 } else if (strequal(param, "DOMAIN")) {
00108 return SEC_CHAN_DOMAIN;
00109 #endif
00110 } else {
00111 return get_default_sec_channel();
00112 }
00113 }
00114 }
00115
00116
00117
00118
00119
00120 int net_run_function(int argc, const char **argv, struct functable *table,
00121 int (*usage_fn)(int argc, const char **argv))
00122 {
00123 int i;
00124
00125 if (argc < 1) {
00126 d_printf("\nUsage: \n");
00127 return usage_fn(argc, argv);
00128 }
00129 for (i=0; table[i].funcname; i++) {
00130 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
00131 return table[i].fn(argc-1, argv+1);
00132 }
00133 d_fprintf(stderr, "No command: %s\n", argv[0]);
00134 return usage_fn(argc, argv);
00135 }
00136
00137
00138
00139
00140 int net_run_function2(int argc, const char **argv, const char *whoami,
00141 struct functable2 *table)
00142 {
00143 int i;
00144
00145 if (argc != 0) {
00146 for (i=0; table[i].funcname; i++) {
00147 if (StrCaseCmp(argv[0], table[i].funcname) == 0)
00148 return table[i].fn(argc-1, argv+1);
00149 }
00150 }
00151
00152 for (i=0; table[i].funcname != NULL; i++) {
00153 d_printf("%s %-15s %s\n", whoami, table[i].funcname,
00154 table[i].helptext);
00155 }
00156
00157 return -1;
00158 }
00159
00160
00161
00162
00163
00164 NTSTATUS connect_to_service(struct cli_state **c, struct in_addr *server_ip,
00165 const char *server_name,
00166 const char *service_name,
00167 const char *service_type)
00168 {
00169 NTSTATUS nt_status;
00170
00171 if (!opt_password && !opt_machine_pass) {
00172 char *pass = getpass("Password:");
00173 if (pass) {
00174 opt_password = SMB_STRDUP(pass);
00175 }
00176 }
00177
00178 nt_status = cli_full_connection(c, NULL, server_name,
00179 server_ip, opt_port,
00180 service_name, service_type,
00181 opt_user_name, opt_workgroup,
00182 opt_password, 0, Undefined, NULL);
00183
00184 if (NT_STATUS_IS_OK(nt_status) ||
00185 NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT) ||
00186 NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_SERVER_TRUST_ACCOUNT) ||
00187 NT_STATUS_EQUAL(nt_status, NT_STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT)) {
00188 return nt_status;
00189 }
00190
00191 d_fprintf(stderr, "Could not connect to server %s\n", server_name);
00192
00193
00194
00195 if (NT_STATUS_V(nt_status) ==
00196 NT_STATUS_V(NT_STATUS_LOGON_FAILURE))
00197 d_fprintf(stderr, "The username or password was not correct.\n");
00198
00199 if (NT_STATUS_V(nt_status) ==
00200 NT_STATUS_V(NT_STATUS_ACCOUNT_LOCKED_OUT))
00201 d_fprintf(stderr, "The account was locked out.\n");
00202
00203 if (NT_STATUS_V(nt_status) ==
00204 NT_STATUS_V(NT_STATUS_ACCOUNT_DISABLED))
00205 d_fprintf(stderr, "The account was disabled.\n");
00206
00207 return nt_status;
00208 }
00209
00210
00211
00212
00213
00214 NTSTATUS connect_to_ipc(struct cli_state **c, struct in_addr *server_ip,
00215 const char *server_name)
00216 {
00217 return connect_to_service(c, server_ip, server_name, "IPC$", "IPC");
00218 }
00219
00220
00221
00222
00223 NTSTATUS connect_to_ipc_anonymous(struct cli_state **c,
00224 struct in_addr *server_ip, const char *server_name)
00225 {
00226 NTSTATUS nt_status;
00227
00228 nt_status = cli_full_connection(c, opt_requester_name, server_name,
00229 server_ip, opt_port,
00230 "IPC$", "IPC",
00231 "", "",
00232 "", 0, Undefined, NULL);
00233
00234 if (NT_STATUS_IS_OK(nt_status)) {
00235 return nt_status;
00236 } else {
00237 DEBUG(1,("Cannot connect to server (anonymously). Error was %s\n", nt_errstr(nt_status)));
00238 return nt_status;
00239 }
00240 }
00241
00242
00243
00244
00245
00246 static char *get_user_and_realm(const char *username)
00247 {
00248 char *user_and_realm = NULL;
00249
00250 if (!username) {
00251 return NULL;
00252 }
00253 if (strchr_m(username, '@')) {
00254 user_and_realm = SMB_STRDUP(username);
00255 } else {
00256 if (asprintf(&user_and_realm, "%s@%s", username, lp_realm()) == -1) {
00257 user_and_realm = NULL;
00258 }
00259 }
00260 return user_and_realm;
00261 }
00262
00263
00264
00265
00266
00267 NTSTATUS connect_to_ipc_krb5(struct cli_state **c,
00268 struct in_addr *server_ip, const char *server_name)
00269 {
00270 NTSTATUS nt_status;
00271 char *user_and_realm = NULL;
00272
00273 if (!opt_password && !opt_machine_pass) {
00274 char *pass = getpass("Password:");
00275 if (pass) {
00276 opt_password = SMB_STRDUP(pass);
00277 }
00278 }
00279
00280 user_and_realm = get_user_and_realm(opt_user_name);
00281 if (!user_and_realm) {
00282 return NT_STATUS_NO_MEMORY;
00283 }
00284
00285 nt_status = cli_full_connection(c, NULL, server_name,
00286 server_ip, opt_port,
00287 "IPC$", "IPC",
00288 user_and_realm, opt_workgroup,
00289 opt_password, CLI_FULL_CONNECTION_USE_KERBEROS,
00290 Undefined, NULL);
00291
00292 SAFE_FREE(user_and_realm);
00293
00294 if (NT_STATUS_IS_OK(nt_status)) {
00295 return nt_status;
00296 } else {
00297 DEBUG(1,("Cannot connect to server using kerberos. Error was %s\n", nt_errstr(nt_status)));
00298 return nt_status;
00299 }
00300 }
00301
00302
00303
00304
00305
00306
00307
00308
00309
00310
00311 NTSTATUS connect_dst_pipe(struct cli_state **cli_dst, struct rpc_pipe_client **pp_pipe_hnd, int pipe_num)
00312 {
00313 NTSTATUS nt_status;
00314 char *server_name = SMB_STRDUP("127.0.0.1");
00315 struct cli_state *cli_tmp = NULL;
00316 struct rpc_pipe_client *pipe_hnd = NULL;
00317
00318 if (server_name == NULL) {
00319 return NT_STATUS_NO_MEMORY;
00320 }
00321
00322 if (opt_destination) {
00323 SAFE_FREE(server_name);
00324 if ((server_name = SMB_STRDUP(opt_destination)) == NULL) {
00325 return NT_STATUS_NO_MEMORY;
00326 }
00327 }
00328
00329
00330 nt_status = connect_to_ipc(&cli_tmp, NULL, server_name);
00331 if (!NT_STATUS_IS_OK(nt_status)) {
00332 SAFE_FREE(server_name);
00333 return nt_status;
00334 }
00335
00336 pipe_hnd = cli_rpc_pipe_open_noauth(cli_tmp, pipe_num, &nt_status);
00337 if (!pipe_hnd) {
00338 DEBUG(0, ("couldn't not initialize pipe\n"));
00339 cli_shutdown(cli_tmp);
00340 SAFE_FREE(server_name);
00341 return nt_status;
00342 }
00343
00344 *cli_dst = cli_tmp;
00345 *pp_pipe_hnd = pipe_hnd;
00346 SAFE_FREE(server_name);
00347
00348 return nt_status;
00349 }
00350
00351
00352
00353
00354
00355 int net_use_krb_machine_account(void)
00356 {
00357 char *user_name = NULL;
00358
00359 if (!secrets_init()) {
00360 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
00361 exit(1);
00362 }
00363
00364 opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL);
00365 if (asprintf(&user_name, "%s$@%s", global_myname(), lp_realm()) == -1) {
00366 return -1;
00367 }
00368 opt_user_name = user_name;
00369 return 0;
00370 }
00371
00372
00373
00374
00375
00376 int net_use_machine_account(void)
00377 {
00378 char *user_name = NULL;
00379
00380 if (!secrets_init()) {
00381 d_fprintf(stderr, "ERROR: Unable to open secrets database\n");
00382 exit(1);
00383 }
00384
00385 opt_password = secrets_fetch_machine_password(opt_target_workgroup, NULL, NULL);
00386 if (asprintf(&user_name, "%s$", global_myname()) == -1) {
00387 return -1;
00388 }
00389 opt_user_name = user_name;
00390 return 0;
00391 }
00392
00393 BOOL net_find_server(const char *domain, unsigned flags, struct in_addr *server_ip, char **server_name)
00394 {
00395 const char *d = domain ? domain : opt_target_workgroup;
00396
00397 if (opt_host) {
00398 *server_name = SMB_STRDUP(opt_host);
00399 }
00400
00401 if (opt_have_ip) {
00402 *server_ip = opt_dest_ip;
00403 if (!*server_name) {
00404 *server_name = SMB_STRDUP(inet_ntoa(opt_dest_ip));
00405 }
00406 } else if (*server_name) {
00407
00408 if (!resolve_name(*server_name, server_ip, 0x20)) {
00409 DEBUG(1,("Unable to resolve server name\n"));
00410 return False;
00411 }
00412 } else if (flags & NET_FLAGS_PDC) {
00413 struct in_addr pdc_ip;
00414
00415 if (get_pdc_ip(d, &pdc_ip)) {
00416 fstring dc_name;
00417
00418 if (is_zero_ip(pdc_ip))
00419 return False;
00420
00421 if ( !name_status_find(d, 0x1b, 0x20, pdc_ip, dc_name) )
00422 return False;
00423
00424 *server_name = SMB_STRDUP(dc_name);
00425 *server_ip = pdc_ip;
00426 }
00427 } else if (flags & NET_FLAGS_DMB) {
00428 struct in_addr msbrow_ip;
00429
00430 if (!resolve_name(d, &msbrow_ip, 0x1B)) {
00431 DEBUG(1,("Unable to resolve domain browser via name lookup\n"));
00432 return False;
00433 } else {
00434 *server_ip = msbrow_ip;
00435 }
00436 *server_name = SMB_STRDUP(inet_ntoa(opt_dest_ip));
00437 } else if (flags & NET_FLAGS_MASTER) {
00438 struct in_addr brow_ips;
00439 if (!resolve_name(d, &brow_ips, 0x1D)) {
00440
00441 DEBUG(1,("Unable to resolve master browser via name lookup\n"));
00442 return False;
00443 } else {
00444 *server_ip = brow_ips;
00445 }
00446 *server_name = SMB_STRDUP(inet_ntoa(opt_dest_ip));
00447 } else if (!(flags & NET_FLAGS_LOCALHOST_DEFAULT_INSANE)) {
00448 *server_ip = loopback_ip;
00449 *server_name = SMB_STRDUP("127.0.0.1");
00450 }
00451
00452 if (!server_name || !*server_name) {
00453 DEBUG(1,("no server to connect to\n"));
00454 return False;
00455 }
00456
00457 return True;
00458 }
00459
00460
00461 BOOL net_find_pdc(struct in_addr *server_ip, fstring server_name, const char *domain_name)
00462 {
00463 if (get_pdc_ip(domain_name, server_ip)) {
00464 if (is_zero_ip(*server_ip))
00465 return False;
00466
00467 if (!name_status_find(domain_name, 0x1b, 0x20, *server_ip, server_name))
00468 return False;
00469
00470 return True;
00471 }
00472 else
00473 return False;
00474 }
00475
00476 struct cli_state *net_make_ipc_connection( unsigned flags )
00477 {
00478 return net_make_ipc_connection_ex( NULL, NULL, NULL, flags );
00479 }
00480
00481 struct cli_state *net_make_ipc_connection_ex( const char *domain, const char *server,
00482 struct in_addr *ip, unsigned flags)
00483 {
00484 char *server_name = NULL;
00485 struct in_addr server_ip;
00486 struct cli_state *cli = NULL;
00487 NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
00488
00489 if ( !server || !ip ) {
00490 if (!net_find_server(domain, flags, &server_ip, &server_name)) {
00491 d_fprintf(stderr, "Unable to find a suitable server\n");
00492 return NULL;
00493 }
00494 } else {
00495 server_name = SMB_STRDUP( server );
00496 server_ip = *ip;
00497 }
00498
00499 if (opt_user_name) {
00500 nt_status = connect_to_ipc(&cli, &server_ip, server_name);
00501 if (NT_STATUS_IS_OK(nt_status)) {
00502 goto connected;
00503 }
00504 }
00505 if (flags & NET_FLAGS_ANONYMOUS) {
00506 nt_status = connect_to_ipc_anonymous(&cli, &server_ip, server_name);
00507 if (NT_STATUS_IS_OK(nt_status)) {
00508 goto connected;
00509 }
00510 }
00511
00512 SAFE_FREE(server_name);
00513 d_fprintf(stderr, "Connection failed: %s\n",
00514 nt_errstr(nt_status));
00515 return NULL;
00516
00517 connected:
00518
00519
00520 if ( (flags & NET_FLAGS_PDC) && NT_STATUS_IS_OK(nt_status) )
00521 saf_store( cli->server_domain, cli->desthost );
00522
00523 return cli;
00524 }
00525
00526 static int net_user(int argc, const char **argv)
00527 {
00528 if (net_ads_check() == 0)
00529 return net_ads_user(argc, argv);
00530
00531
00532 if (net_rpc_check(NET_FLAGS_PDC))
00533 return net_rpc_user(argc, argv);
00534
00535 return net_rap_user(argc, argv);
00536 }
00537
00538 static int net_group(int argc, const char **argv)
00539 {
00540 if (net_ads_check() == 0)
00541 return net_ads_group(argc, argv);
00542
00543 if (argc == 0 && net_rpc_check(NET_FLAGS_PDC))
00544 return net_rpc_group(argc, argv);
00545
00546 return net_rap_group(argc, argv);
00547 }
00548
00549 static int net_join(int argc, const char **argv)
00550 {
00551 if (net_ads_check_our_domain() == 0) {
00552 if (net_ads_join(argc, argv) == 0)
00553 return 0;
00554 else
00555 d_fprintf(stderr, "ADS join did not work, falling back to RPC...\n");
00556 }
00557 return net_rpc_join(argc, argv);
00558 }
00559
00560 static int net_changetrustpw(int argc, const char **argv)
00561 {
00562 if (net_ads_check_our_domain() == 0)
00563 return net_ads_changetrustpw(argc, argv);
00564
00565 return net_rpc_changetrustpw(argc, argv);
00566 }
00567
00568 static void set_line_buffering(FILE *f)
00569 {
00570 setvbuf(f, NULL, _IOLBF, 0);
00571 }
00572
00573 static int net_changesecretpw(int argc, const char **argv)
00574 {
00575 char *trust_pw;
00576 uint32 sec_channel_type = SEC_CHAN_WKSTA;
00577
00578 if(opt_force) {
00579 if (opt_stdin) {
00580 set_line_buffering(stdin);
00581 set_line_buffering(stdout);
00582 set_line_buffering(stderr);
00583 }
00584
00585 trust_pw = get_pass("Enter machine password: ", opt_stdin);
00586
00587 if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) {
00588 d_fprintf(stderr, "Unable to write the machine account password in the secrets database");
00589 return 1;
00590 }
00591 else {
00592 d_printf("Modified trust account password in secrets database\n");
00593 }
00594 }
00595 else {
00596 d_printf("Machine account password change requires the -f flag.\n");
00597 d_printf("Do NOT use this function unless you know what it does!\n");
00598 d_printf("This function will change the ADS Domain member machine account password in the secrets.tdb file!\n");
00599 }
00600
00601 return 0;
00602 }
00603
00604 static int net_share(int argc, const char **argv)
00605 {
00606 if (net_rpc_check(0))
00607 return net_rpc_share(argc, argv);
00608 return net_rap_share(argc, argv);
00609 }
00610
00611 static int net_file(int argc, const char **argv)
00612 {
00613 if (net_rpc_check(0))
00614 return net_rpc_file(argc, argv);
00615 return net_rap_file(argc, argv);
00616 }
00617
00618
00619
00620
00621 static int net_getlocalsid(int argc, const char **argv)
00622 {
00623 DOM_SID sid;
00624 const char *name;
00625 fstring sid_str;
00626
00627 if (argc >= 1) {
00628 name = argv[0];
00629 }
00630 else {
00631 name = global_myname();
00632 }
00633
00634 if(!initialize_password_db(False)) {
00635 DEBUG(0, ("WARNING: Could not open passdb - local sid may not reflect passdb\n"
00636 "backend knowlege (such as the sid stored in LDAP)\n"));
00637 }
00638
00639
00640
00641
00642 if (!secrets_init()) {
00643 d_fprintf(stderr, "Unable to open secrets.tdb. Can't fetch domain SID for name: %s\n", name);
00644 return 1;
00645 }
00646
00647
00648 get_global_sam_sid();
00649
00650 if (!secrets_fetch_domain_sid(name, &sid)) {
00651 DEBUG(0, ("Can't fetch domain SID for name: %s\n", name));
00652 return 1;
00653 }
00654 sid_to_string(sid_str, &sid);
00655 d_printf("SID for domain %s is: %s\n", name, sid_str);
00656 return 0;
00657 }
00658
00659 static int net_setlocalsid(int argc, const char **argv)
00660 {
00661 DOM_SID sid;
00662
00663 if ( (argc != 1)
00664 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
00665 || (!string_to_sid(&sid, argv[0]))
00666 || (sid.num_auths != 4)) {
00667 d_printf("usage: net setlocalsid S-1-5-21-x-y-z\n");
00668 return 1;
00669 }
00670
00671 if (!secrets_store_domain_sid(global_myname(), &sid)) {
00672 DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
00673 return 1;
00674 }
00675
00676 return 0;
00677 }
00678
00679 static int net_setdomainsid(int argc, const char **argv)
00680 {
00681 DOM_SID sid;
00682
00683 if ( (argc != 1)
00684 || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
00685 || (!string_to_sid(&sid, argv[0]))
00686 || (sid.num_auths != 4)) {
00687 d_printf("usage: net setdomainsid S-1-5-21-x-y-z\n");
00688 return 1;
00689 }
00690
00691 if (!secrets_store_domain_sid(lp_workgroup(), &sid)) {
00692 DEBUG(0,("Can't store domain SID.\n"));
00693 return 1;
00694 }
00695
00696 return 0;
00697 }
00698
00699 static int net_getdomainsid(int argc, const char **argv)
00700 {
00701 DOM_SID domain_sid;
00702 fstring sid_str;
00703
00704 if(!initialize_password_db(False)) {
00705 DEBUG(0, ("WARNING: Could not open passdb - domain sid may not reflect passdb\n"
00706 "backend knowlege (such as the sid stored in LDAP)\n"));
00707 }
00708
00709
00710
00711
00712 if (!secrets_init()) {
00713 d_fprintf(stderr, "Unable to open secrets.tdb. "
00714 "Can't fetch domainSID for name: %s\n",
00715 get_global_sam_name());
00716 return 1;
00717 }
00718
00719
00720 get_global_sam_sid();
00721
00722 if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) {
00723 d_fprintf(stderr, "Could not fetch local SID\n");
00724 return 1;
00725 }
00726 sid_to_string(sid_str, &domain_sid);
00727 d_printf("SID for domain %s is: %s\n", global_myname(), sid_str);
00728
00729 if (!secrets_fetch_domain_sid(opt_workgroup, &domain_sid)) {
00730 d_fprintf(stderr, "Could not fetch domain SID\n");
00731 return 1;
00732 }
00733
00734 sid_to_string(sid_str, &domain_sid);
00735 d_printf("SID for domain %s is: %s\n", opt_workgroup, sid_str);
00736
00737 return 0;
00738 }
00739
00740 #ifdef WITH_FAKE_KASERVER
00741
00742 int net_help_afs(int argc, const char **argv)
00743 {
00744 d_printf(" net afs key filename\n"
00745 "\tImports a OpenAFS KeyFile into our secrets.tdb\n\n");
00746 d_printf(" net afs impersonate <user> <cell>\n"
00747 "\tCreates a token for user@cell\n\n");
00748 return -1;
00749 }
00750
00751 static int net_afs_key(int argc, const char **argv)
00752 {
00753 int fd;
00754 struct afs_keyfile keyfile;
00755
00756 if (argc != 2) {
00757 d_printf("usage: 'net afs key <keyfile> cell'\n");
00758 return -1;
00759 }
00760
00761 if (!secrets_init()) {
00762 d_fprintf(stderr, "Could not open secrets.tdb\n");
00763 return -1;
00764 }
00765
00766 if ((fd = open(argv[0], O_RDONLY, 0)) < 0) {
00767 d_fprintf(stderr, "Could not open %s\n", argv[0]);
00768 return -1;
00769 }
00770
00771 if (read(fd, &keyfile, sizeof(keyfile)) != sizeof(keyfile)) {
00772 d_fprintf(stderr, "Could not read keyfile\n");
00773 return -1;
00774 }
00775
00776 if (!secrets_store_afs_keyfile(argv[1], &keyfile)) {
00777 d_fprintf(stderr, "Could not write keyfile to secrets.tdb\n");
00778 return -1;
00779 }
00780
00781 return 0;
00782 }
00783
00784 static int net_afs_impersonate(int argc, const char **argv)
00785 {
00786 char *token;
00787
00788 if (argc != 2) {
00789 fprintf(stderr, "Usage: net afs impersonate <user> <cell>\n");
00790 exit(1);
00791 }
00792
00793 token = afs_createtoken_str(argv[0], argv[1]);
00794
00795 if (token == NULL) {
00796 fprintf(stderr, "Could not create token\n");
00797 exit(1);
00798 }
00799
00800 if (!afs_settoken_str(token)) {
00801 fprintf(stderr, "Could not set token into kernel\n");
00802 exit(1);
00803 }
00804
00805 printf("Success: %s@%s\n", argv[0], argv[1]);
00806 return 0;
00807 }
00808
00809 static int net_afs(int argc, const char **argv)
00810 {
00811 struct functable func[] = {
00812 {"key", net_afs_key},
00813 {"impersonate", net_afs_impersonate},
00814 {"help", net_help_afs},
00815 {NULL, NULL}
00816 };
00817 return net_run_function(argc, argv, func, net_help_afs);
00818 }
00819
00820 #endif
00821
00822 static BOOL search_maxrid(struct pdb_search *search, const char *type,
00823 uint32 *max_rid)
00824 {
00825 struct samr_displayentry *entries;
00826 uint32 i, num_entries;
00827
00828 if (search == NULL) {
00829 d_fprintf(stderr, "get_maxrid: Could not search %s\n", type);
00830 return False;
00831 }
00832
00833 num_entries = pdb_search_entries(search, 0, 0xffffffff, &entries);
00834 for (i=0; i<num_entries; i++)
00835 *max_rid = MAX(*max_rid, entries[i].rid);
00836 pdb_search_destroy(search);
00837 return True;
00838 }
00839
00840 static uint32 get_maxrid(void)
00841 {
00842 uint32 max_rid = 0;
00843
00844 if (!search_maxrid(pdb_search_users(0), "users", &max_rid))
00845 return 0;
00846
00847 if (!search_maxrid(pdb_search_groups(), "groups", &max_rid))
00848 return 0;
00849
00850 if (!search_maxrid(pdb_search_aliases(get_global_sam_sid()),
00851 "aliases", &max_rid))
00852 return 0;
00853
00854 return max_rid;
00855 }
00856
00857 static int net_maxrid(int argc, const char **argv)
00858 {
00859 uint32 rid;
00860
00861 if (argc != 0) {
00862 DEBUG(0, ("usage: net maxrid\n"));
00863 return 1;
00864 }
00865
00866 if ((rid = get_maxrid()) == 0) {
00867 DEBUG(0, ("can't get current maximum rid\n"));
00868 return 1;
00869 }
00870
00871 d_printf("Currently used maximum rid: %d\n", rid);
00872
00873 return 0;
00874 }
00875
00876
00877 static struct functable net_func[] = {
00878 {"RPC", net_rpc},
00879 {"RAP", net_rap},
00880 {"ADS", net_ads},
00881
00882
00883 {"FILE", net_file},
00884 {"SHARE", net_share},
00885 {"SESSION", net_rap_session},
00886 {"SERVER", net_rap_server},
00887 {"DOMAIN", net_rap_domain},
00888 {"PRINTQ", net_rap_printq},
00889 {"USER", net_user},
00890 {"GROUP", net_group},
00891 {"GROUPMAP", net_groupmap},
00892 {"SAM", net_sam},
00893 {"VALIDATE", net_rap_validate},
00894 {"GROUPMEMBER", net_rap_groupmember},
00895 {"ADMIN", net_rap_admin},
00896 {"SERVICE", net_rap_service},
00897 {"PASSWORD", net_rap_password},
00898 {"CHANGETRUSTPW", net_changetrustpw},
00899 {"CHANGESECRETPW", net_changesecretpw},
00900 {"TIME", net_time},
00901 {"LOOKUP", net_lookup},
00902 {"JOIN", net_join},
00903 {"CACHE", net_cache},
00904 {"GETLOCALSID", net_getlocalsid},
00905 {"SETLOCALSID", net_setlocalsid},
00906 {"SETDOMAINSID", net_setdomainsid},
00907 {"GETDOMAINSID", net_getdomainsid},
00908 {"MAXRID", net_maxrid},
00909 {"IDMAP", net_idmap},
00910 {"STATUS", net_status},
00911 {"USERSHARE", net_usershare},
00912 {"USERSIDLIST", net_usersidlist},
00913 #ifdef WITH_FAKE_KASERVER
00914 {"AFS", net_afs},
00915 #endif
00916
00917 {"HELP", net_help},
00918 {NULL, NULL}
00919 };
00920
00921
00922
00923
00924
00925 int main(int argc, const char **argv)
00926 {
00927 int opt,i;
00928 char *p;
00929 int rc = 0;
00930 int argc_new = 0;
00931 const char ** argv_new;
00932 poptContext pc;
00933
00934 struct poptOption long_options[] = {
00935 {"help", 'h', POPT_ARG_NONE, 0, 'h'},
00936 {"workgroup", 'w', POPT_ARG_STRING, &opt_target_workgroup},
00937 {"user", 'U', POPT_ARG_STRING, &opt_user_name, 'U'},
00938 {"ipaddress", 'I', POPT_ARG_STRING, 0,'I'},
00939 {"port", 'p', POPT_ARG_INT, &opt_port},
00940 {"myname", 'n', POPT_ARG_STRING, &opt_requester_name},
00941 {"server", 'S', POPT_ARG_STRING, &opt_host},
00942 {"container", 'c', POPT_ARG_STRING, &opt_container},
00943 {"comment", 'C', POPT_ARG_STRING, &opt_comment},
00944 {"maxusers", 'M', POPT_ARG_INT, &opt_maxusers},
00945 {"flags", 'F', POPT_ARG_INT, &opt_flags},
00946 {"long", 'l', POPT_ARG_NONE, &opt_long_list_entries},
00947 {"reboot", 'r', POPT_ARG_NONE, &opt_reboot},
00948 {"force", 'f', POPT_ARG_NONE, &opt_force},
00949 {"stdin", 'i', POPT_ARG_NONE, &opt_stdin},
00950 {"timeout", 't', POPT_ARG_INT, &opt_timeout},
00951 {"machine-pass",'P', POPT_ARG_NONE, &opt_machine_pass},
00952 {"myworkgroup", 'W', POPT_ARG_STRING, &opt_workgroup},
00953 {"verbose", 'v', POPT_ARG_NONE, &opt_verbose},
00954
00955 {"local", 'L', POPT_ARG_NONE, &opt_localgroup},
00956 {"domain", 'D', POPT_ARG_NONE, &opt_domaingroup},
00957 {"ntname", 'N', POPT_ARG_STRING, &opt_newntname},
00958 {"rid", 'R', POPT_ARG_INT, &opt_rid},
00959
00960 {"acls", 0, POPT_ARG_NONE, &opt_acls},
00961 {"attrs", 0, POPT_ARG_NONE, &opt_attrs},
00962 {"timestamps", 0, POPT_ARG_NONE, &opt_timestamps},
00963 {"exclude", 'e', POPT_ARG_STRING, &opt_exclude},
00964 {"destination", 0, POPT_ARG_STRING, &opt_destination},
00965 {"tallocreport", 0, POPT_ARG_NONE, &do_talloc_report},
00966
00967 POPT_COMMON_SAMBA
00968 { 0, 0, 0, 0}
00969 };
00970
00971 zero_ip(&opt_dest_ip);
00972
00973 load_case_tables();
00974
00975
00976 DEBUGLEVEL_CLASS[DBGC_ALL] = 0;
00977 dbf = x_stderr;
00978
00979 pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
00980 POPT_CONTEXT_KEEP_FIRST);
00981
00982 while((opt = poptGetNextOpt(pc)) != -1) {
00983 switch (opt) {
00984 case 'h':
00985 net_help(argc, argv);
00986 exit(0);
00987 break;
00988 case 'I':
00989 opt_dest_ip = *interpret_addr2(poptGetOptArg(pc));
00990 if (is_zero_ip(opt_dest_ip))
00991 d_fprintf(stderr, "\nInvalid ip address specified\n");
00992 else
00993 opt_have_ip = True;
00994 break;
00995 case 'U':
00996 opt_user_specified = True;
00997 opt_user_name = SMB_STRDUP(opt_user_name);
00998 p = strchr(opt_user_name,'%');
00999 if (p) {
01000 *p = 0;
01001 opt_password = p+1;
01002 }
01003 break;
01004 default:
01005 d_fprintf(stderr, "\nInvalid option %s: %s\n",
01006 poptBadOption(pc, 0), poptStrerror(opt));
01007 net_help(argc, argv);
01008 exit(1);
01009 }
01010 }
01011
01012
01013
01014
01015
01016 AllowDebugChange = False;
01017 lp_load(dyn_CONFIGFILE,True,False,False,True);
01018
01019 argv_new = (const char **)poptGetArgs(pc);
01020
01021 argc_new = argc;
01022 for (i=0; i<argc; i++) {
01023 if (argv_new[i] == NULL) {
01024 argc_new = i;
01025 break;
01026 }
01027 }
01028
01029 if (do_talloc_report) {
01030 talloc_enable_leak_report();
01031 }
01032
01033 if (opt_requester_name) {
01034 set_global_myname(opt_requester_name);
01035 }
01036
01037 if (!opt_user_name && getenv("LOGNAME")) {
01038 opt_user_name = getenv("LOGNAME");
01039 }
01040
01041 if (!opt_user_name) {
01042 opt_user_name = "";
01043 }
01044
01045 if (!opt_workgroup) {
01046 opt_workgroup = smb_xstrdup(lp_workgroup());
01047 }
01048
01049 if (!opt_target_workgroup) {
01050 opt_target_workgroup = smb_xstrdup(lp_workgroup());
01051 }
01052
01053 if (!init_names())
01054 exit(1);
01055
01056 load_interfaces();
01057
01058
01059
01060 sec_init();
01061
01062 if (opt_machine_pass) {
01063
01064
01065
01066 net_use_krb_machine_account();
01067 }
01068
01069 if (!opt_password) {
01070 opt_password = getenv("PASSWD");
01071 }
01072
01073 rc = net_run_function(argc_new-1, argv_new+1, net_func, net_help);
01074
01075 DEBUG(2,("return code = %d\n", rc));
01076 return rc;
01077 }