WERROR NetJoinDomain_r(struct libnetapi_ctx *ctx, struct NetJoinDomain *r) { struct rpc_pipe_client *pipe_cli = NULL; struct wkssvc_PasswordBuffer *encrypted_password = NULL; NTSTATUS status; WERROR werr; unsigned int old_timeout = 0; struct dcerpc_binding_handle *b; DATA_BLOB session_key; if (IS_DC) { return WERR_NERR_SETUPDOMAINCONTROLLER; } werr = libnetapi_open_pipe(ctx, r->in.server, &ndr_table_wkssvc, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } b = pipe_cli->binding_handle; if (r->in.password) { status = cli_get_session_key(talloc_tos(), pipe_cli, &session_key); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } encode_wkssvc_join_password_buffer(ctx, r->in.password, &session_key, &encrypted_password); } old_timeout = rpccli_set_timeout(pipe_cli, 600000); status = dcerpc_wkssvc_NetrJoinDomain2(b, talloc_tos(), r->in.server, r->in.domain, r->in.account_ou, r->in.account, encrypted_password, r->in.join_flags, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } done: if (pipe_cli && old_timeout) { rpccli_set_timeout(pipe_cli, old_timeout); } return werr; }
WERROR NetJoinDomain_r(struct libnetapi_ctx *ctx, struct NetJoinDomain *r) { struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_cli = NULL; struct wkssvc_PasswordBuffer *encrypted_password = NULL; NTSTATUS status; WERROR werr; unsigned int old_timeout = 0; werr = libnetapi_open_pipe(ctx, r->in.server, &ndr_table_wkssvc.syntax_id, &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } if (r->in.password) { encode_wkssvc_join_password_buffer(ctx, r->in.password, &cli->user_session_key, &encrypted_password); } old_timeout = cli_set_timeout(cli, 600000); status = rpccli_wkssvc_NetrJoinDomain2(pipe_cli, ctx, r->in.server, r->in.domain, r->in.account_ou, r->in.account, encrypted_password, r->in.join_flags, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } done: if (cli) { if (old_timeout) { cli_set_timeout(cli, old_timeout); } } return werr; }
WERROR NetGetJoinableOUs_r(struct libnetapi_ctx *ctx, struct NetGetJoinableOUs *r) { struct rpc_pipe_client *pipe_cli = NULL; struct wkssvc_PasswordBuffer *encrypted_password = NULL; NTSTATUS status; WERROR werr; struct dcerpc_binding_handle *b; DATA_BLOB session_key; werr = libnetapi_open_pipe(ctx, r->in.server_name, &ndr_table_wkssvc, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } b = pipe_cli->binding_handle; if (r->in.password) { status = cli_get_session_key(talloc_tos(), pipe_cli, &session_key); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } encode_wkssvc_join_password_buffer(ctx, r->in.password, &session_key, &encrypted_password); } status = dcerpc_wkssvc_NetrGetJoinableOus2(b, talloc_tos(), r->in.server_name, r->in.domain, r->in.account, encrypted_password, r->out.ou_count, r->out.ous, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } done: return werr; }
WERROR NetGetJoinableOUs_r(struct libnetapi_ctx *ctx, struct NetGetJoinableOUs *r) { struct cli_state *cli = NULL; struct rpc_pipe_client *pipe_cli = NULL; struct wkssvc_PasswordBuffer *encrypted_password = NULL; NTSTATUS status; WERROR werr; werr = libnetapi_open_pipe(ctx, r->in.server_name, &ndr_table_wkssvc.syntax_id, &cli, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } if (r->in.password) { encode_wkssvc_join_password_buffer(ctx, r->in.password, &cli->user_session_key, &encrypted_password); } status = rpccli_wkssvc_NetrGetJoinableOus2(pipe_cli, ctx, r->in.server_name, r->in.domain, r->in.account, encrypted_password, r->out.ou_count, r->out.ous, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } done: return werr; }
WERROR NetRenameMachineInDomain_r(struct libnetapi_ctx *ctx, struct NetRenameMachineInDomain *r) { struct rpc_pipe_client *pipe_cli = NULL; struct wkssvc_PasswordBuffer *encrypted_password = NULL; NTSTATUS status; WERROR werr; werr = libnetapi_open_pipe(ctx, r->in.server_name, &ndr_table_wkssvc.syntax_id, &pipe_cli); if (!W_ERROR_IS_OK(werr)) { goto done; } if (r->in.password) { encode_wkssvc_join_password_buffer(ctx, r->in.password, &pipe_cli->auth->user_session_key, &encrypted_password); } status = rpccli_wkssvc_NetrRenameMachineInDomain2(pipe_cli, talloc_tos(), r->in.server_name, r->in.new_machine_name, r->in.account, encrypted_password, r->in.rename_options, &werr); if (!NT_STATUS_IS_OK(status)) { werr = ntstatus_to_werror(status); goto done; } done: return werr; }
static bool test_NetrUnjoinDomain2(struct torture_context *tctx, struct dcerpc_pipe *p) { NTSTATUS status; struct wkssvc_NetrUnjoinDomain2 r; const char *domain_admin_account = NULL; const char *domain_admin_password = NULL; struct wkssvc_PasswordBuffer *pwd_buf; enum wkssvc_NetJoinStatus join_status; const char *join_name = NULL; WERROR expected_err; DATA_BLOB session_key; struct dcerpc_binding_handle *b = p->binding_handle; /* FIXME: this test assumes to join workstations / servers and does not * handle DCs (WERR_SETUP_DOMAIN_CONTROLLER) */ if (!test_GetJoinInformation(tctx, p, &join_status, &join_name)) { return false; } switch (join_status) { case NET_SETUP_UNJOINED: expected_err = WERR_SETUP_NOT_JOINED; break; case NET_SETUP_DOMAIN_NAME: case NET_SETUP_UNKNOWN_STATUS: case NET_SETUP_WORKGROUP_NAME: default: expected_err = WERR_OK; break; } domain_admin_account = torture_setting_string(tctx, "domain_admin_account", NULL); domain_admin_password = torture_setting_string(tctx, "domain_admin_password", NULL); if ((domain_admin_account == NULL) || (domain_admin_password == NULL)) { torture_comment(tctx, "not enough input parameter\n"); return false; } status = dcerpc_fetch_session_key(p, &session_key); if (!NT_STATUS_IS_OK(status)) { return false; } encode_wkssvc_join_password_buffer(tctx, domain_admin_password, &session_key, &pwd_buf); r.in.server_name = dcerpc_server_name(p); r.in.account = domain_admin_account; r.in.encrypted_password = pwd_buf; r.in.unjoin_flags = 0; torture_comment(tctx, "Testing NetrUnjoinDomain2 (assuming non-DC)\n"); status = dcerpc_wkssvc_NetrUnjoinDomain2_r(b, tctx, &r); torture_assert_ntstatus_ok(tctx, status, "NetrUnjoinDomain2 failed"); torture_assert_werr_equal(tctx, r.out.result, expected_err, "NetrUnjoinDomain2 failed"); if (!test_GetJoinInformation(tctx, p, &join_status, &join_name)) { return false; } switch (join_status) { case NET_SETUP_UNJOINED: case NET_SETUP_WORKGROUP_NAME: break; case NET_SETUP_UNKNOWN_STATUS: case NET_SETUP_DOMAIN_NAME: default: torture_comment(tctx, "Unjoin verify failed: got %d\n", join_status); return false; } return true; }