Esempio n. 1
0
static
DWORD
VmwDeploySetupServerCommon(
    PVMW_IC_SETUP_PARAMS pParams
    )
{
    DWORD dwError = 0;
    PSTR  pszHostname = "localhost";
    PSTR  pszLdapURI = NULL;
    PSTR  pszUsername = VMW_ADMIN_NAME;
    PSTR  pszCACert = NULL;
    PSTR  pszSSLCert = NULL;
    PSTR  pszPrivateKey = NULL;
    PSTR  pszVmdirCfgPath = NULL;

    VMW_DEPLOY_LOG_INFO("Setting various configuration values");

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting Domain Name to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszDomainName));

    dwError = VmAfdSetDomainNameA(pszHostname, pParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting Domain Controller Name to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszHostname));

    dwError = VmAfdSetDCNameA(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE(
            "Setting PNID to [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszHostname));

    dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_VERBOSE("Setting CA Path to [%s]", VMW_DEFAULT_CA_PATH);

    dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Promoting directory service to be domain controller");

    dwError = VmAfdPromoteVmDirA(
                    pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszSite,
                    pParams->pszServer);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting up the logical deployment unit");

    dwError = VmwDeployAllocateStringPrintf(
                    &pszLdapURI,
                    "ldap://%s",
                    pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmDirSetupLdu(
                    pszLdapURI,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (!IsNullOrEmptyString(pParams->pszDNSForwarders))
    {
        VMW_DEPLOY_LOG_INFO("Setting up DNS Forwarders [%s]",
                            pParams->pszDNSForwarders);

        dwError = VmwDeploySetForwarders(
                        pParams->pszDomainName,
                        pszUsername,
                        pParams->pszPassword,
                        pParams->pszDNSForwarders);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    VMW_DEPLOY_LOG_INFO("Setting up VMware Certificate Authority");

    dwError = VmwDeployMakeRootCACert(
                    pParams->pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    &pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
         "Adding VMCA's root certificate to VMware endpoint certificate store");

    dwError = VmwDeployAddTrustedRoot(pParams->pszHostname, pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");

    dwError = VmwDeployCreateMachineSSLCert(
                    pszHostname,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszHostname,
                    pParams->pszSubjectAltName ?
                        pParams->pszSubjectAltName : pParams->pszHostname,
                    &pszPrivateKey,
                    &pszSSLCert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");

    dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
                    "Publishing Machine SSL certificate for directory service");

    dwError = VmwDeployGetVmDirConfigPath(&pszVmdirCfgPath);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployWriteToFile(
                    pszSSLCert,
                    pszVmdirCfgPath,
                    VMW_VMDIR_SSL_CERT_FILE);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmwDeployWriteToFile(
                    pszPrivateKey,
                    pszVmdirCfgPath,
                    VMW_VMDIR_PRIV_KEY_FILE);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Restarting service [%s]", VMW_DIR_SVC_NAME);

    dwError = VmwDeployRestartService(VMW_DIR_SVC_NAME);
    BAIL_ON_DEPLOY_ERROR(dwError);

cleanup:

    if (pszVmdirCfgPath)
    {
        VmwDeployFreeMemory(pszVmdirCfgPath);
    }
    if (pszLdapURI)
    {
        VmwDeployFreeMemory(pszLdapURI);
    }
    if (pszCACert)
    {
        VmwDeployFreeMemory(pszCACert);
    }
    if (pszPrivateKey)
    {
        VmwDeployFreeMemory(pszPrivateKey);
    }
    if (pszSSLCert)
    {
        VmwDeployFreeMemory(pszSSLCert);
    }

    return dwError;

error:

    goto cleanup;
}
Esempio n. 2
0
static
DWORD
VmwDeploySetupClientWithDC(
    PVMW_IC_SETUP_PARAMS pParams
    )
{
    DWORD dwError = 0;
    PCSTR ppszServices[]=
    {
        VMW_DCERPC_SVC_NAME,
        VMW_VMAFD_SVC_NAME
    };
    PCSTR pszHostname = "localhost";
    PCSTR pszUsername = VMW_ADMIN_NAME;
    int iSvc = 0;
    PSTR pszPrivateKey = NULL;
    PSTR pszCACert = NULL;
    PSTR pszSSLCert = NULL;

    VMW_DEPLOY_LOG_INFO(
            "Joining system to domain [%s] using controller at [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszDomainName),
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));

    if (IsNullOrEmptyString(pParams->pszServer))
    {
        dwError = ERROR_INVALID_PARAMETER;
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    dwError = VmwDeployValidateHostname(pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (pParams->pszMachineAccount)
    {
        dwError = VmwDeployValidateHostname(pParams->pszMachineAccount);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    if (pParams->pszOrgUnit)
    {
        dwError = VmwDeployValidateOrgUnit(pParams->pszOrgUnit);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    dwError = VmwDeployValidatePartnerCredentials(
                    pParams->pszServer,
                    pParams->pszPassword,
                    pParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    if (pParams->bDisableAfdListener)
    {
        VMW_DEPLOY_LOG_INFO("Disabling AFD Listener");

        dwError = VmwDeployDisableAfdListener();
        BAIL_ON_DEPLOY_ERROR(dwError);

        VMW_DEPLOY_LOG_INFO("Stopping the VMAFD Service...");

        dwError = VmwDeployStopService(VMW_VMAFD_SVC_NAME);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    for (; iSvc < sizeof(ppszServices)/sizeof(ppszServices[0]); iSvc++)
    {
        PCSTR pszService = ppszServices[iSvc];

        VMW_DEPLOY_LOG_INFO("Starting service [%s]", pszService);

        dwError = VmwDeployStartService(pszService);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    VMW_DEPLOY_LOG_INFO("Setting various configuration values");

    dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
            "Joining system to directory service at [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));

    pszUsername = (pParams->bUseMachineAccount && pParams->pszMachineAccount)
                            ? pParams->pszMachineAccount : VMW_ADMIN_NAME;

    dwError = VmAfdJoinVmDirA(
                    pParams->pszServer,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszMachineAccount ?
                            pParams->pszMachineAccount : pParams->pszHostname,
                    pParams->pszDomainName,
                    pParams->pszOrgUnit);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
                    "Get root certificate from VMware Certificate Authority");

    dwError = VmwDeployGetRootCACert(
                    pParams->pszServer,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    &pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
         "Adding VMCA's root certificate to VMware endpoint certificate store");

    dwError = VmwDeployAddTrustedRoot(pParams->pszServer, pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");

    dwError = VmwDeployCreateMachineSSLCert(
                    pParams->pszServer,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszHostname,
                    pParams->pszSubjectAltName ?
                        pParams->pszSubjectAltName : pParams->pszHostname,
                    &pszPrivateKey,
                    &pszSSLCert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");

    dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
    BAIL_ON_DEPLOY_ERROR(dwError);

cleanup:

    if (pszPrivateKey)
    {
        VmwDeployFreeMemory(pszPrivateKey);
    }
    if (pszSSLCert)
    {
        VmwDeployFreeMemory(pszSSLCert);
    }
    if (pszCACert)
    {
        VmwDeployFreeMemory(pszCACert);
    }

    return dwError;

error:

    goto cleanup;
}
Esempio n. 3
0
static
DWORD
VmwDeploySetupClient(
    PVMW_IC_SETUP_PARAMS pParams
    )
{
    DWORD dwError = 0;
    PCSTR ppszServices[]=
    {
        VMW_DCERPC_SVC_NAME,
        VMW_VMAFD_SVC_NAME
    };
    PCSTR pszHostname = "localhost";
    PCSTR pszUsername = VMW_ADMIN_NAME;
    int iSvc = 0;
    PSTR pszPrivateKey = NULL;
    PSTR pszCACert = NULL;
    PSTR pszSSLCert = NULL;

    VMW_DEPLOY_LOG_INFO(
            "Setting up system as client to Infrastructure node at [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));

    dwError = VmwDeployValidatePartnerCredentials(
                    pParams->pszServer,
                    pParams->pszPassword,
                    pParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    for (; iSvc < sizeof(ppszServices)/sizeof(ppszServices[0]); iSvc++)
    {
        PCSTR pszService = ppszServices[iSvc];

        VMW_DEPLOY_LOG_INFO("Starting service [%s]", pszService);

        dwError = VmwDeployStartService(pszService);
        BAIL_ON_DEPLOY_ERROR(dwError);
    }

    VMW_DEPLOY_LOG_INFO("Setting various configuration values");

    dwError = VmAfdSetDomainNameA(pszHostname, pParams->pszDomainName);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmAfdSetDCNameA(pszHostname, pParams->pszServer);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmAfdSetPNID(pszHostname, pParams->pszHostname);
    BAIL_ON_DEPLOY_ERROR(dwError);

    dwError = VmAfdSetCAPathA(pszHostname, VMW_DEFAULT_CA_PATH);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
            "Joining system to directory service at [%s]",
            VMW_DEPLOY_SAFE_LOG_STRING(pParams->pszServer));

    dwError = VmAfdJoinVmDirA(
                    pParams->pszServer,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszHostname,
                    pParams->pszDomainName,
                    NULL /* Org Unit */);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
                    "Get root certificate from VMware Certificate Authority");

    dwError = VmwDeployGetRootCACert(
                    pParams->pszServer,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    &pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO(
         "Adding VMCA's root certificate to VMware endpoint certificate store");

    dwError = VmwDeployAddTrustedRoot(pParams->pszServer, pszCACert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Generating Machine SSL cert");

    dwError = VmwDeployCreateMachineSSLCert(
                    pParams->pszServer,
                    pParams->pszDomainName,
                    pszUsername,
                    pParams->pszPassword,
                    pParams->pszHostname,
                    &pszPrivateKey,
                    &pszSSLCert);
    BAIL_ON_DEPLOY_ERROR(dwError);

    VMW_DEPLOY_LOG_INFO("Setting Machine SSL certificate");

    dwError = VmAfdSetSSLCertificate(pszHostname, pszSSLCert, pszPrivateKey);
    BAIL_ON_DEPLOY_ERROR(dwError);

cleanup:

    if (pszPrivateKey)
    {
        VmwDeployFreeMemory(pszPrivateKey);
    }
    if (pszSSLCert)
    {
        VmwDeployFreeMemory(pszSSLCert);
    }
    if (pszCACert)
    {
        VmwDeployFreeMemory(pszCACert);
    }

    return dwError;

error:

    goto cleanup;
}