static NTSTATUS cmd_netlogon_database_redo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { NTSTATUS status = NT_STATUS_UNSUCCESSFUL; NTSTATUS result; const char *server_name = cli->desthost; struct netr_Authenticator clnt_creds, srv_cred; struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; struct netr_ChangeLogEntry e; uint32_t rid = 500; struct dcerpc_binding_handle *b = cli->binding_handle; struct netlogon_creds_CredentialState *creds = NULL; if (argc > 2) { fprintf(stderr, "Usage: %s <user rid>\n", argv[0]); return NT_STATUS_OK; } if (argc == 2) { sscanf(argv[1], "%d", &rid); } if (rpcclient_netlogon_creds == NULL) { return NT_STATUS_UNSUCCESSFUL; } status = netlogon_creds_cli_lock(rpcclient_netlogon_creds, mem_ctx, &creds); if (!NT_STATUS_IS_OK(status)) { return status; } netlogon_creds_client_authenticator(creds, &clnt_creds); ZERO_STRUCT(e); e.object_rid = rid; e.db_index = SAM_DATABASE_DOMAIN; e.delta_type = NETR_DELTA_USER; status = dcerpc_netr_DatabaseRedo(b, mem_ctx, server_name, lp_netbios_name(), &clnt_creds, &srv_cred, e, 0, /* is calculated automatically */ &delta_enum_array, &result); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(creds); return status; } if (!netlogon_creds_client_check(creds, &srv_cred.cred)) { DEBUG(0,("credentials chain check failed\n")); TALLOC_FREE(creds); return NT_STATUS_ACCESS_DENIED; } TALLOC_FREE(creds); return result; }
static NTSTATUS cmd_netlogon_database_redo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, int argc, const char **argv) { NTSTATUS status = NT_STATUS_UNSUCCESSFUL; NTSTATUS result; const char *server_name = cli->desthost; uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; struct netr_Authenticator clnt_creds, srv_cred; struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL; unsigned char trust_passwd_hash[16]; enum netr_SchannelType sec_channel_type = 0; struct netr_ChangeLogEntry e; uint32_t rid = 500; struct dcerpc_binding_handle *b = cli->binding_handle; if (argc > 2) { fprintf(stderr, "Usage: %s <user rid>\n", argv[0]); return NT_STATUS_OK; } if (argc == 2) { sscanf(argv[1], "%d", &rid); } if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, NULL, &sec_channel_type)) { return NT_STATUS_UNSUCCESSFUL; } status = rpccli_netlogon_setup_creds(cli, server_name, /* server name */ lp_workgroup(), /* domain */ lp_netbios_name(), /* client name */ lp_netbios_name(), /* machine account name */ trust_passwd_hash, sec_channel_type, &neg_flags); if (!NT_STATUS_IS_OK(status)) { return status; } netlogon_creds_client_authenticator(cli->dc, &clnt_creds); ZERO_STRUCT(e); e.object_rid = rid; e.db_index = SAM_DATABASE_DOMAIN; e.delta_type = NETR_DELTA_USER; status = dcerpc_netr_DatabaseRedo(b, mem_ctx, server_name, lp_netbios_name(), &clnt_creds, &srv_cred, e, 0, /* is calculated automatically */ &delta_enum_array, &result); if (!NT_STATUS_IS_OK(status)) { return status; } if (!netlogon_creds_client_check(cli->dc, &srv_cred.cred)) { DEBUG(0,("credentials chain check failed\n")); return NT_STATUS_ACCESS_DENIED; } return result; }