関数 | |
static NTSTATUS | just_change_the_password (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const unsigned char orig_trust_passwd_hash[16], const char *new_trust_pwd_cleartext, const unsigned char new_trust_passwd_hash[16], uint32 sec_channel_type) |
NTSTATUS | trust_pw_change_and_store_it (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *domain, unsigned char orig_trust_passwd_hash[16], uint32 sec_channel_type) |
NTSTATUS | trust_pw_find_change_and_store_it (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *domain) |
BOOL | enumerate_domain_trusts (TALLOC_CTX *mem_ctx, const char *domain, char ***domain_names, uint32 *num_domains, DOM_SID **sids) |
static NTSTATUS just_change_the_password | ( | struct rpc_pipe_client * | cli, | |
TALLOC_CTX * | mem_ctx, | |||
const unsigned char | orig_trust_passwd_hash[16], | |||
const char * | new_trust_pwd_cleartext, | |||
const unsigned char | new_trust_passwd_hash[16], | |||
uint32 | sec_channel_type | |||
) | [static] |
trusts_util.c の 33 行で定義されています。
参照先 cli・cli_state::desthost・global_myname・lp_workgroup()・nt_errstr()・result・rpccli_net_srv_pwset()・rpccli_net_srv_pwset2()・rpccli_netlogon_setup_creds().
参照元 trust_pw_change_and_store_it().
00038 { 00039 NTSTATUS result; 00040 uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; 00041 00042 result = rpccli_netlogon_setup_creds(cli, 00043 cli->cli->desthost, /* server name */ 00044 lp_workgroup(), /* domain */ 00045 global_myname(), /* client name */ 00046 global_myname(), /* machine account name */ 00047 orig_trust_passwd_hash, 00048 sec_channel_type, 00049 &neg_flags); 00050 00051 if (!NT_STATUS_IS_OK(result)) { 00052 DEBUG(3,("just_change_the_password: unable to setup creds (%s)!\n", 00053 nt_errstr(result))); 00054 return result; 00055 } 00056 00057 if (neg_flags & NETLOGON_NEG_PASSWORD_SET2) { 00058 result = rpccli_net_srv_pwset2(cli, mem_ctx, global_myname(), 00059 new_trust_pwd_cleartext); 00060 } else { 00061 result = rpccli_net_srv_pwset(cli, mem_ctx, global_myname(), 00062 new_trust_passwd_hash); 00063 } 00064 00065 if (!NT_STATUS_IS_OK(result)) { 00066 DEBUG(0,("just_change_the_password: unable to change password (%s)!\n", 00067 nt_errstr(result))); 00068 } 00069 return result; 00070 }
NTSTATUS trust_pw_change_and_store_it | ( | struct rpc_pipe_client * | cli, | |
TALLOC_CTX * | mem_ctx, | |||
const char * | domain, | |||
unsigned char | orig_trust_passwd_hash[16], | |||
uint32 | sec_channel_type | |||
) |
trusts_util.c の 78 行で定義されています。
参照先 cli・current_timestring()・E_md4hash()・generate_random_str()・just_change_the_password()・secrets_store_machine_password()・talloc_strdup().
参照元 rpc_oldjoin_internals()・trust_pw_find_change_and_store_it().
00082 { 00083 unsigned char new_trust_passwd_hash[16]; 00084 char *new_trust_passwd; 00085 char *str; 00086 NTSTATUS nt_status; 00087 00088 /* Create a random machine account password */ 00089 str = generate_random_str(DEFAULT_TRUST_ACCOUNT_PASSWORD_LENGTH); 00090 00091 if ((new_trust_passwd = talloc_strdup(mem_ctx, str)) == NULL) { 00092 DEBUG(0, ("talloc_strdup failed\n")); 00093 return NT_STATUS_NO_MEMORY; 00094 } 00095 00096 E_md4hash(new_trust_passwd, new_trust_passwd_hash); 00097 00098 nt_status = just_change_the_password(cli, mem_ctx, orig_trust_passwd_hash, 00099 new_trust_passwd, 00100 new_trust_passwd_hash, sec_channel_type); 00101 00102 if (NT_STATUS_IS_OK(nt_status)) { 00103 DEBUG(3,("%s : trust_pw_change_and_store_it: Changed password.\n", 00104 current_timestring(False))); 00105 /* 00106 * Return the result of trying to write the new password 00107 * back into the trust account file. 00108 */ 00109 if (!secrets_store_machine_password(new_trust_passwd, domain, sec_channel_type)) { 00110 nt_status = NT_STATUS_UNSUCCESSFUL; 00111 } 00112 } 00113 00114 return nt_status; 00115 }
NTSTATUS trust_pw_find_change_and_store_it | ( | struct rpc_pipe_client * | cli, | |
TALLOC_CTX * | mem_ctx, | |||
const char * | domain | |||
) |
trusts_util.c の 123 行で定義されています。
参照先 cli・secrets_fetch_trust_account_password()・trust_pw_change_and_store_it().
参照元 change_trust_account_password()・cmd_netlogon_change_trust_pw()・rpc_changetrustpw_internals().
00126 { 00127 unsigned char old_trust_passwd_hash[16]; 00128 uint32 sec_channel_type = 0; 00129 00130 if (!secrets_fetch_trust_account_password(domain, 00131 old_trust_passwd_hash, 00132 NULL, &sec_channel_type)) { 00133 DEBUG(0, ("could not fetch domain secrets for domain %s!\n", domain)); 00134 return NT_STATUS_UNSUCCESSFUL; 00135 } 00136 00137 return trust_pw_change_and_store_it(cli, mem_ctx, domain, 00138 old_trust_passwd_hash, 00139 sec_channel_type); 00140 }
BOOL enumerate_domain_trusts | ( | TALLOC_CTX * | mem_ctx, | |
const char * | domain, | |||
char *** | domain_names, | |||
uint32 * | num_domains, | |||
DOM_SID ** | sids | |||
) |
trusts_util.c の 146 行で定義されています。
参照先 cli・cli_full_connection()・cli_rpc_pipe_open_noauth()・cli_shutdown()・get_dc_name()・global_myname・pol・result・rpccli_lsa_enum_trust_dom()・rpccli_lsa_open_policy().
00149 { 00150 POLICY_HND pol; 00151 NTSTATUS result = NT_STATUS_UNSUCCESSFUL; 00152 fstring dc_name; 00153 struct in_addr dc_ip; 00154 uint32 enum_ctx = 0; 00155 struct cli_state *cli = NULL; 00156 struct rpc_pipe_client *lsa_pipe; 00157 BOOL retry; 00158 00159 *domain_names = NULL; 00160 *num_domains = 0; 00161 *sids = NULL; 00162 00163 /* lookup a DC first */ 00164 00165 if ( !get_dc_name(domain, NULL, dc_name, &dc_ip) ) { 00166 DEBUG(3,("enumerate_domain_trusts: can't locate a DC for domain %s\n", 00167 domain)); 00168 return False; 00169 } 00170 00171 /* setup the anonymous connection */ 00172 00173 result = cli_full_connection( &cli, global_myname(), dc_name, &dc_ip, 0, "IPC$", "IPC", 00174 "", "", "", 0, Undefined, &retry); 00175 if ( !NT_STATUS_IS_OK(result) ) 00176 goto done; 00177 00178 /* open the LSARPC_PIPE */ 00179 00180 lsa_pipe = cli_rpc_pipe_open_noauth( cli, PI_LSARPC, &result ); 00181 if ( !lsa_pipe) { 00182 goto done; 00183 } 00184 00185 /* get a handle */ 00186 00187 result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, True, 00188 POLICY_VIEW_LOCAL_INFORMATION, &pol); 00189 if ( !NT_STATUS_IS_OK(result) ) 00190 goto done; 00191 00192 /* Lookup list of trusted domains */ 00193 00194 result = rpccli_lsa_enum_trust_dom(lsa_pipe, mem_ctx, &pol, &enum_ctx, 00195 num_domains, domain_names, sids); 00196 if ( !NT_STATUS_IS_OK(result) ) 00197 goto done; 00198 00199 done: 00200 /* cleanup */ 00201 if (cli) { 00202 DEBUG(10,("enumerate_domain_trusts: shutting down connection...\n")); 00203 cli_shutdown( cli ); 00204 } 00205 00206 return NT_STATUS_IS_OK(result); 00207 }