static NTSTATUS cmd_netlogon_sam_sync(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 database_id = 0, num_deltas;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
if (argc > 2) {
fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc == 2)
database_id = atoi(argv[1]);
/* Synchronise sam database */
result = rpccli_netlogon_sam_sync(cli, mem_ctx, database_id,
0, &num_deltas, &hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
static NTSTATUS cmd_netlogon_sam_deltas(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 database_id, num_deltas, tmp;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
uint64 seqnum;
if (argc != 3) {
fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]);
return NT_STATUS_OK;
}
database_id = atoi(argv[1]);
tmp = atoi(argv[2]);
seqnum = tmp & 0xffff;
result = rpccli_netlogon_sam_deltas(cli, mem_ctx, database_id,
seqnum, &num_deltas,
&hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
static NTSTATUS cmd_netlogon_sam_deltas(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
unsigned char trust_passwd[16];
uint32 database_id, num_deltas, tmp;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
UINT64_S seqnum;
if (argc != 3) {
fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]);
return NT_STATUS_OK;
}
database_id = atoi(argv[1]);
tmp = atoi(argv[2]);
seqnum.low = tmp & 0xffff;
seqnum.high = 0;
if (!secrets_init()) {
fprintf(stderr, "Unable to initialise secrets database\n");
goto done;
}
/* Initialise session credentials */
if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd,
NULL)) {
fprintf(stderr, "could not fetch trust account password\n");
goto done;
}
result = cli_nt_setup_creds(cli, trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
goto done;
}
/* Synchronise sam database */
result = cli_netlogon_sam_deltas(cli, mem_ctx, database_id,
seqnum, &num_deltas,
&hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
unsigned char trust_passwd[16];
uint32 database_id = 0, num_deltas;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
DOM_CRED ret_creds;
if (argc > 2) {
fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc == 2)
database_id = atoi(argv[1]);
if (!secrets_init()) {
fprintf(stderr, "Unable to initialise secrets database\n");
return result;
}
/* Initialise session credentials */
if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd,
NULL)) {
fprintf(stderr, "could not fetch trust account password\n");
goto done;
}
result = cli_nt_setup_creds(cli, trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
fprintf(stderr, "Error initialising session creds\n");
goto done;
}
/* on first call the returnAuthenticator is empty */
memset(&ret_creds, 0, sizeof(ret_creds));
/* Synchronise sam database */
result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, database_id,
&num_deltas, &hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
static NTSTATUS cmd_netlogon_sam_sync(struct cli_state *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
uint32 database_id = 0, num_deltas;
SAM_DELTA_HDR *hdr_deltas;
SAM_DELTA_CTR *deltas;
DOM_CRED ret_creds;
if (argc > 2) {
fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc == 2)
database_id = atoi(argv[1]);
/* on first call the returnAuthenticator is empty */
memset(&ret_creds, 0, sizeof(ret_creds));
/* Synchronise sam database */
result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, database_id,
0, &num_deltas, &hdr_deltas, &deltas);
if (!NT_STATUS_IS_OK(result))
goto done;
/* Display results */
display_sam_sync(num_deltas, hdr_deltas, deltas);
done:
return result;
}
static NTSTATUS cmd_netlogon_sam_deltas(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
NTSTATUS status;
uint32_t tmp;
const char *logon_server = cli->desthost;
const char *computername = lp_netbios_name();
struct netr_Authenticator credential;
struct netr_Authenticator return_authenticator;
enum netr_SamDatabaseID database_id = SAM_DATABASE_DOMAIN;
uint64_t sequence_num;
struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc != 3) {
fprintf(stderr, "Usage: %s database_id seqnum\n", argv[0]);
return NT_STATUS_OK;
}
database_id = atoi(argv[1]);
tmp = atoi(argv[2]);
sequence_num = tmp & 0xffff;
do {
struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
struct netlogon_creds_CredentialState *creds = NULL;
if (rpcclient_netlogon_creds == NULL) {
return NT_STATUS_UNSUCCESSFUL;
}
status = netlogon_creds_cli_lock(rpcclient_netlogon_creds,
mem_ctx, &creds);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
netlogon_creds_client_authenticator(creds, &credential);
status = dcerpc_netr_DatabaseDeltas(b, mem_ctx,
logon_server,
computername,
&credential,
&return_authenticator,
database_id,
&sequence_num,
&delta_enum_array,
0xffff,
&result);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(creds);
return status;
}
/* Check returned credentials. */
if (!netlogon_creds_client_check(creds,
&return_authenticator.cred)) {
DEBUG(0,("credentials chain check failed\n"));
TALLOC_FREE(creds);
return NT_STATUS_ACCESS_DENIED;
}
TALLOC_FREE(creds);
if (NT_STATUS_IS_ERR(result)) {
break;
}
/* Display results */
display_sam_sync(delta_enum_array);
TALLOC_FREE(delta_enum_array);
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
return result;
}
static NTSTATUS cmd_netlogon_sam_sync(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, int argc,
const char **argv)
{
NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
NTSTATUS status;
const char *logon_server = cli->desthost;
const char *computername = lp_netbios_name();
struct netr_Authenticator credential;
struct netr_Authenticator return_authenticator;
enum netr_SamDatabaseID database_id = SAM_DATABASE_DOMAIN;
uint16_t restart_state = 0;
uint32_t sync_context = 0;
struct dcerpc_binding_handle *b = cli->binding_handle;
if (argc > 2) {
fprintf(stderr, "Usage: %s [database_id]\n", argv[0]);
return NT_STATUS_OK;
}
if (argc == 2) {
database_id = atoi(argv[1]);
}
/* Synchronise sam database */
do {
struct netr_DELTA_ENUM_ARRAY *delta_enum_array = NULL;
netlogon_creds_client_authenticator(cli->dc, &credential);
status = dcerpc_netr_DatabaseSync2(b, mem_ctx,
logon_server,
computername,
&credential,
&return_authenticator,
database_id,
restart_state,
&sync_context,
&delta_enum_array,
0xffff,
&result);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
/* Check returned credentials. */
if (!netlogon_creds_client_check(cli->dc,
&return_authenticator.cred)) {
DEBUG(0,("credentials chain check failed\n"));
return NT_STATUS_ACCESS_DENIED;
}
if (NT_STATUS_IS_ERR(result)) {
break;
}
/* Display results */
display_sam_sync(delta_enum_array);
TALLOC_FREE(delta_enum_array);
} while (NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES));
return result;
}
