static
DWORD
VmAfdCliJoinVmDir(
PVM_AFD_CLI_CONTEXT pContext
)
{
DWORD dwError = 0;
if (!pContext)
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VmAfdJoinVmDirA(
pContext->pszServerName,
pContext->pszUserName,
pContext->pszPassword,
pContext->pszMachineName,
pContext->pszDomainName,
pContext->pszOrgUnit);
BAIL_ON_VMAFD_ERROR(dwError);
cleanup:
return dwError;
error:
goto cleanup;
}
static
DWORD
VmwDeploySetupClientWithDC(
PVMW_IC_SETUP_PARAMS pParams
)
{
DWORD dwError = 0;
PCSTR ppszServices[]=
{
VMW_DCERPC_SVC_NAME,
VMW_VMAFD_SVC_NAME
};
PCSTR pszHostname = "localhost";
PCSTR pszUsername = VMW_ADMIN_NAME;
int iSvc = 0;
PSTR pszPrivateKey = NULL;
PSTR pszCACert = NULL;
PSTR pszSSLCert = NULL;
VMW_DEPLOY_LOG_INFO(
"Joining system to domain [%s] using controller at [%s]",
VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszDomainName),
VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));
if (IsNullOrEmptyString(pParams->pszServer))
{
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_DEPLOY_ERROR(dwError);
}
dwError = VmwDeployValidateHostname(pParams->pszHostname);
BAIL_ON_DEPLOY_ERROR(dwError);
if (pParams->pszMachineAccount)
{
dwError = VmwDeployValidateHostname(pParams->pszMachineAccount);
BAIL_ON_DEPLOY_ERROR(dwError);
}
if (pParams->pszOrgUnit)
{
dwError = VmwDeployValidateOrgUnit(pParams->pszOrgUnit);
BAIL_ON_DEPLOY_ERROR(dwError);
}
dwError = VmwDeployValidatePartnerCredentials(
pParams->pszServer,
pParams->pszPassword,
pParams->pszDomainName);
BAIL_ON_DEPLOY_ERROR(dwError);
if (pParams->bDisableAfdListener)
{
VMW_DEPLOY_LOG_INFO("Disabling AFD Listener");
dwError = VmwDeployDisableAfdListener();
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO("Stopping the VMAFD Service...");
dwError = VmwDeployStopService(VMW_VMAFD_SVC_NAME);
BAIL_ON_DEPLOY_ERROR(dwError);
}
for (; iSvc < sizeof(ppszServices)/sizeof(ppszServices[0]); iSvc++)
{
PCSTR pszService = ppszServices[iSvc];
VMW_DEPLOY_LOG_INFO("Starting service [%s]", pszService);
dwError = VmwDeployStartService(pszService);
BAIL_ON_DEPLOY_ERROR(dwError);
}
VMW_DEPLOY_LOG_INFO("Setting various configuration values");
dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Joining system to directory service at [%s]",
VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));
pszUsername = (pParams->bUseMachineAccount && pParams->pszMachineAccount)
? pParams->pszMachineAccount : VMW_ADMIN_NAME;
dwError = VmAfdJoinVmDirA(
pParams->pszServer,
pszUsername,
pParams->pszPassword,
pParams->pszMachineAccount ?
pParams->pszMachineAccount : pParams->pszHostname,
pParams->pszDomainName,
pParams->pszOrgUnit);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Get root certificate from VMware Certificate Authority");
dwError = VmwDeployGetRootCACert(
pParams->pszServer,
pParams->pszDomainName,
pszUsername,
pParams->pszPassword,
&pszCACert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Adding VMCA's root certificate to VMware endpoint certificate store");
dwError = VmwDeployAddTrustedRoot(pParams->pszServer, pszCACert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");
dwError = VmwDeployCreateMachineSSLCert(
pParams->pszServer,
pParams->pszDomainName,
pszUsername,
pParams->pszPassword,
pParams->pszHostname,
pParams->pszSubjectAltName ?
pParams->pszSubjectAltName : pParams->pszHostname,
&pszPrivateKey,
&pszSSLCert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");
dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
BAIL_ON_DEPLOY_ERROR(dwError);
cleanup:
if (pszPrivateKey)
{
VmwDeployFreeMemory(pszPrivateKey);
}
if (pszSSLCert)
{
VmwDeployFreeMemory(pszSSLCert);
}
if (pszCACert)
{
VmwDeployFreeMemory(pszCACert);
}
return dwError;
error:
goto cleanup;
}
static
DWORD
VmwDeploySetupClient(
PVMW_IC_SETUP_PARAMS pParams
)
{
DWORD dwError = 0;
PCSTR ppszServices[]=
{
VMW_DCERPC_SVC_NAME,
VMW_VMAFD_SVC_NAME
};
PCSTR pszHostname = "localhost";
PCSTR pszUsername = VMW_ADMIN_NAME;
int iSvc = 0;
PSTR pszPrivateKey = NULL;
PSTR pszCACert = NULL;
PSTR pszSSLCert = NULL;
VMW_DEPLOY_LOG_INFO(
"Setting up system as client to Infrastructure node at [%s]",
VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));
dwError = VmwDeployValidatePartnerCredentials(
pParams->pszServer,
pParams->pszPassword,
pParams->pszDomainName);
BAIL_ON_DEPLOY_ERROR(dwError);
for (; iSvc < sizeof(ppszServices)/sizeof(ppszServices[0]); iSvc++)
{
PCSTR pszService = ppszServices[iSvc];
VMW_DEPLOY_LOG_INFO("Starting service [%s]", pszService);
dwError = VmwDeployStartService(pszService);
BAIL_ON_DEPLOY_ERROR(dwError);
}
VMW_DEPLOY_LOG_INFO("Setting various configuration values");
dwError = VmAfdSetDomainNameA(pszHostname, pParams->pszDomainName);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = VmAfdSetDCNameA(pszHostname, pParams->pszServer);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
BAIL_ON_DEPLOY_ERROR(dwError);
dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Joining system to directory service at [%s]",
VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));
dwError = VmAfdJoinVmDirA(
pParams->pszServer,
pszUsername,
pParams->pszPassword,
pParams->pszHostname,
pParams->pszDomainName,
NULL /* Org Unit */);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Get root certificate from VMware Certificate Authority");
dwError = VmwDeployGetRootCACert(
pParams->pszServer,
pParams->pszDomainName,
pszUsername,
pParams->pszPassword,
&pszCACert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO(
"Adding VMCA's root certificate to VMware endpoint certificate store");
dwError = VmwDeployAddTrustedRoot(pParams->pszServer, pszCACert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");
dwError = VmwDeployCreateMachineSSLCert(
pParams->pszServer,
pParams->pszDomainName,
pszUsername,
pParams->pszPassword,
pParams->pszHostname,
&pszPrivateKey,
&pszSSLCert);
BAIL_ON_DEPLOY_ERROR(dwError);
VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");
dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
BAIL_ON_DEPLOY_ERROR(dwError);
cleanup:
if (pszPrivateKey)
{
VmwDeployFreeMemory(pszPrivateKey);
}
if (pszSSLCert)
{
VmwDeployFreeMemory(pszSSLCert);
}
if (pszCACert)
{
VmwDeployFreeMemory(pszCACert);
}
return dwError;
error:
goto cleanup;
}
