static WERROR NetServerSetInfo_l_1005(struct libnetapi_ctx *ctx, struct NetServerSetInfo *r) { WERROR werr = WERR_OK; sbcErr err; struct smbconf_ctx *conf_ctx; struct srvsvc_NetSrvInfo1005 *info1005; if (!r->in.buffer) { *r->out.parm_error = 1005; /* sure here ? */ return WERR_INVALID_PARAM; } info1005 = (struct srvsvc_NetSrvInfo1005 *)r->in.buffer; if (!info1005->comment) { *r->out.parm_error = 1005; return WERR_INVALID_PARAM; } #ifdef REGISTRY_BACKEND if (!lp_config_backend_is_registry()) #endif { libnetapi_set_error_string(ctx, "Configuration manipulation requested but not " "supported by backend"); return WERR_NOT_SUPPORTED; } err = smbconf_init_reg(ctx, &conf_ctx, NULL); if (!SBC_ERROR_IS_OK(err)) { libnetapi_set_error_string(ctx, "Could not initialize backend: %s", sbcErrorString(err)); werr = WERR_NO_SUCH_SERVICE; goto done; } err = smbconf_set_global_parameter(conf_ctx, "server string", info1005->comment); if (!SBC_ERROR_IS_OK(err)) { libnetapi_set_error_string(ctx, "Could not set global parameter: %s", sbcErrorString(err)); werr = WERR_NO_SUCH_SERVICE; goto done; } done: smbconf_shutdown(conf_ctx); return werr; }
WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, const char *server_name, const struct ndr_syntax_id *interface, struct rpc_pipe_client **presult) { struct rpc_pipe_client *result = NULL; NTSTATUS status; WERROR werr; struct client_ipc_connection *ipc = NULL; if (!presult) { return WERR_INVALID_PARAM; } werr = libnetapi_open_ipc_connection(ctx, server_name, &ipc); if (!W_ERROR_IS_OK(werr)) { return werr; } status = pipe_cm_open(ctx, ipc, interface, &result); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(ctx, "failed to open PIPE %s: %s", get_pipe_name_from_syntax(talloc_tos(), interface), get_friendly_nt_error_msg(status)); return WERR_DEST_NOT_FOUND; } *presult = result; return WERR_OK; }
WERROR libnetapi_open_pipe(struct libnetapi_ctx *ctx, const char *server_name, const struct ndr_interface_table *table, struct rpc_pipe_client **presult) { struct rpc_pipe_client *result = NULL; NTSTATUS status; WERROR werr; struct client_ipc_connection *ipc = NULL; if (!presult) { return WERR_INVALID_PARAMETER; } werr = libnetapi_open_ipc_connection(ctx, server_name, &ipc); if (!W_ERROR_IS_OK(werr)) { return werr; } status = pipe_cm_open(ctx, ipc, table, &result); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(ctx, "failed to open PIPE %s: %s", table->name, get_friendly_nt_error_msg(status)); return WERR_NERR_DESTNOTFOUND; } *presult = result; return WERR_OK; }
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx, const char *server_name, struct cli_state **cli) { struct user_auth_info *auth_info = NULL; struct cli_state *cli_ipc = NULL; if (!ctx || !cli || !server_name) { return WERR_INVALID_PARAM; } auth_info = user_auth_info_init(NULL); if (!auth_info) { return WERR_NOMEM; } auth_info->signing_state = Undefined; set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos); set_cmdline_auth_info_username(auth_info, ctx->username); if (ctx->password) { set_cmdline_auth_info_password(auth_info, ctx->password); } else { set_cmdline_auth_info_getpass(auth_info); } if (ctx->username && ctx->username[0] && ctx->password && ctx->password[0] && ctx->use_kerberos) { set_cmdline_auth_info_fallback_after_kerberos(auth_info, true); } cli_ipc = cli_cm_open(ctx, NULL, server_name, "IPC$", auth_info, false, false, PROTOCOL_NT1, 0, 0x20); if (cli_ipc) { cli_set_username(cli_ipc, ctx->username); cli_set_password(cli_ipc, ctx->password); cli_set_domain(cli_ipc, ctx->workgroup); } TALLOC_FREE(auth_info); if (!cli_ipc) { libnetapi_set_error_string(ctx, "Failed to connect to IPC$ share on %s", server_name); return WERR_CAN_NOT_COMPLETE; } *cli = cli_ipc; return WERR_OK; }
WERROR DsGetDcName_l(struct libnetapi_ctx *ctx, struct DsGetDcName *r) { NTSTATUS status; status = dsgetdcname(ctx, NULL, r->in.domain_name, r->in.domain_guid, r->in.site_name, r->in.flags, (struct netr_DsRGetDCNameInfo **)r->out.dc_info); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(ctx, "failed to find DC: %s", get_friendly_nt_error_msg(status)); } return ntstatus_to_werror(status); }
static WERROR NetServerSetInfo_l_1005(struct libnetapi_ctx *ctx, struct NetServerSetInfo *r) { WERROR werr; struct smbconf_ctx *conf_ctx; struct srvsvc_NetSrvInfo1005 *info1005; if (!r->in.buffer) { *r->out.parm_error = 1005; /* sure here ? */ return WERR_INVALID_PARAM; } info1005 = (struct srvsvc_NetSrvInfo1005 *)r->in.buffer; if (!info1005->comment) { *r->out.parm_error = 1005; return WERR_INVALID_PARAM; } if (!lp_config_backend_is_registry()) { libnetapi_set_error_string(ctx, "Configuration manipulation requested but not " "supported by backend"); return WERR_NOT_SUPPORTED; } werr = smbconf_init_reg(ctx, &conf_ctx, NULL); if (!W_ERROR_IS_OK(werr)) { goto done; } werr = smbconf_set_global_parameter(conf_ctx, "server string", info1005->comment); done: smbconf_shutdown(conf_ctx); return werr; }
WERROR DsGetDcName_l(struct libnetapi_ctx *ctx, struct DsGetDcName *r) { NTSTATUS status; struct libnetapi_private_ctx *priv; priv = talloc_get_type_abort(ctx->private_data, struct libnetapi_private_ctx); status = dsgetdcname(ctx, priv->msg_ctx, r->in.domain_name, r->in.domain_guid, r->in.site_name, r->in.flags, (struct netr_DsRGetDCNameInfo **)r->out.dc_info); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(ctx, "failed to find DC: %s", get_friendly_nt_error_msg(status)); } return ntstatus_to_werror(status); }
static WERROR libnetapi_open_ipc_connection(struct libnetapi_ctx *ctx, const char *server_name, struct client_ipc_connection **pp) { struct libnetapi_private_ctx *priv_ctx; struct user_auth_info *auth_info = NULL; struct cli_state *cli_ipc = NULL; struct client_ipc_connection *p; NTSTATUS status; if (!ctx || !pp || !server_name) { return WERR_INVALID_PARAM; } priv_ctx = (struct libnetapi_private_ctx *)ctx->private_data; p = ipc_cm_find(priv_ctx, server_name); if (p) { *pp = p; return WERR_OK; } auth_info = user_auth_info_init(ctx); if (!auth_info) { return WERR_NOMEM; } auth_info->signing_state = SMB_SIGNING_DEFAULT; set_cmdline_auth_info_use_kerberos(auth_info, ctx->use_kerberos); set_cmdline_auth_info_username(auth_info, ctx->username); if (ctx->password) { set_cmdline_auth_info_password(auth_info, ctx->password); } else { set_cmdline_auth_info_getpass(auth_info); } if (ctx->username && ctx->username[0] && ctx->password && ctx->password[0] && ctx->use_kerberos) { set_cmdline_auth_info_fallback_after_kerberos(auth_info, true); } if (ctx->use_ccache) { set_cmdline_auth_info_use_ccache(auth_info, true); } status = cli_cm_open(ctx, NULL, server_name, "IPC$", auth_info, false, false, PROTOCOL_NT1, 0, 0x20, &cli_ipc); if (NT_STATUS_IS_OK(status)) { cli_set_username(cli_ipc, ctx->username); cli_set_password(cli_ipc, ctx->password); cli_set_domain(cli_ipc, ctx->workgroup); } else { cli_ipc = NULL; } TALLOC_FREE(auth_info); if (!cli_ipc) { libnetapi_set_error_string(ctx, "Failed to connect to IPC$ share on %s", server_name); return WERR_CAN_NOT_COMPLETE; } p = talloc_zero(ctx, struct client_ipc_connection); if (p == NULL) { return WERR_NOMEM; } p->cli = cli_ipc; DLIST_ADD(priv_ctx->ipc_connections, p); *pp = p; return WERR_OK; }
WERROR NetGetJoinableOUs_l(struct libnetapi_ctx *ctx, struct NetGetJoinableOUs *r) { #ifdef WITH_ADS NTSTATUS status; ADS_STATUS ads_status; ADS_STRUCT *ads = NULL; struct netr_DsRGetDCNameInfo *info = NULL; const char *dc = NULL; uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED | DS_RETURN_DNS_NAME; status = dsgetdcname(ctx, NULL, r->in.domain, NULL, NULL, flags, &info); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(ctx, "%s", get_friendly_nt_error_msg(status)); return ntstatus_to_werror(status); } dc = strip_hostname(info->dc_unc); ads = ads_init(info->domain_name, info->domain_name, dc); if (!ads) { return WERR_GENERAL_FAILURE; } SAFE_FREE(ads->auth.user_name); if (r->in.account) { ads->auth.user_name = SMB_STRDUP(r->in.account); } else if (ctx->username) { ads->auth.user_name = SMB_STRDUP(ctx->username); } SAFE_FREE(ads->auth.password); if (r->in.password) { ads->auth.password = SMB_STRDUP(r->in.password); } else if (ctx->password) { ads->auth.password = SMB_STRDUP(ctx->password); } ads_status = ads_connect_user_creds(ads); if (!ADS_ERR_OK(ads_status)) { ads_destroy(&ads); return WERR_DEFAULT_JOIN_REQUIRED; } ads_status = ads_get_joinable_ous(ads, ctx, (char ***)r->out.ous, (size_t *)r->out.ou_count); if (!ADS_ERR_OK(ads_status)) { ads_destroy(&ads); return WERR_DEFAULT_JOIN_REQUIRED; } ads_destroy(&ads); return WERR_OK; #else return WERR_NOT_SUPPORTED; #endif }
WERROR NetJoinDomain_l(struct libnetapi_ctx *mem_ctx, struct NetJoinDomain *r) { struct libnet_JoinCtx *j = NULL; WERROR werr; if (!r->in.domain) { return WERR_INVALID_PARAM; } werr = libnet_init_JoinCtx(mem_ctx, &j); W_ERROR_NOT_OK_RETURN(werr); j->in.domain_name = talloc_strdup(mem_ctx, r->in.domain); W_ERROR_HAVE_NO_MEMORY(j->in.domain_name); if (r->in.join_flags & WKSSVC_JOIN_FLAGS_JOIN_TYPE) { NTSTATUS status; struct netr_DsRGetDCNameInfo *info = NULL; const char *dc = NULL; uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED | DS_WRITABLE_REQUIRED | DS_RETURN_DNS_NAME; status = dsgetdcname(mem_ctx, NULL, r->in.domain, NULL, NULL, flags, &info); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(mem_ctx, "%s", get_friendly_nt_error_msg(status)); return ntstatus_to_werror(status); } dc = strip_hostname(info->dc_unc); j->in.dc_name = talloc_strdup(mem_ctx, dc); W_ERROR_HAVE_NO_MEMORY(j->in.dc_name); } if (r->in.account_ou) { j->in.account_ou = talloc_strdup(mem_ctx, r->in.account_ou); W_ERROR_HAVE_NO_MEMORY(j->in.account_ou); } if (r->in.account) { j->in.admin_account = talloc_strdup(mem_ctx, r->in.account); W_ERROR_HAVE_NO_MEMORY(j->in.admin_account); } if (r->in.password) { j->in.admin_password = talloc_strdup(mem_ctx, r->in.password); W_ERROR_HAVE_NO_MEMORY(j->in.admin_password); } j->in.join_flags = r->in.join_flags; j->in.modify_config = true; j->in.debug = true; werr = libnet_Join(mem_ctx, j); if (!W_ERROR_IS_OK(werr) && j->out.error_string) { libnetapi_set_error_string(mem_ctx, "%s", j->out.error_string); } TALLOC_FREE(j); return werr; }
WERROR NetUnjoinDomain_l(struct libnetapi_ctx *mem_ctx, struct NetUnjoinDomain *r) { struct libnet_UnjoinCtx *u = NULL; struct dom_sid domain_sid; const char *domain = NULL; WERROR werr; if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { return WERR_SETUP_NOT_JOINED; } werr = libnet_init_UnjoinCtx(mem_ctx, &u); W_ERROR_NOT_OK_RETURN(werr); if (lp_realm()) { domain = lp_realm(); } else { domain = lp_workgroup(); } if (r->in.server_name) { u->in.dc_name = talloc_strdup(mem_ctx, r->in.server_name); W_ERROR_HAVE_NO_MEMORY(u->in.dc_name); } else { NTSTATUS status; struct netr_DsRGetDCNameInfo *info = NULL; const char *dc = NULL; uint32_t flags = DS_DIRECTORY_SERVICE_REQUIRED | DS_WRITABLE_REQUIRED | DS_RETURN_DNS_NAME; status = dsgetdcname(mem_ctx, NULL, domain, NULL, NULL, flags, &info); if (!NT_STATUS_IS_OK(status)) { libnetapi_set_error_string(mem_ctx, "failed to find DC for domain %s: %s", domain, get_friendly_nt_error_msg(status)); return ntstatus_to_werror(status); } dc = strip_hostname(info->dc_unc); u->in.dc_name = talloc_strdup(mem_ctx, dc); W_ERROR_HAVE_NO_MEMORY(u->in.dc_name); u->in.domain_name = domain; } if (r->in.account) { u->in.admin_account = talloc_strdup(mem_ctx, r->in.account); W_ERROR_HAVE_NO_MEMORY(u->in.admin_account); } if (r->in.password) { u->in.admin_password = talloc_strdup(mem_ctx, r->in.password); W_ERROR_HAVE_NO_MEMORY(u->in.admin_password); } u->in.domain_name = domain; u->in.unjoin_flags = r->in.unjoin_flags; u->in.delete_machine_account = false; u->in.modify_config = true; u->in.debug = true; u->in.domain_sid = &domain_sid; werr = libnet_Unjoin(mem_ctx, u); if (!W_ERROR_IS_OK(werr) && u->out.error_string) { libnetapi_set_error_string(mem_ctx, "%s", u->out.error_string); } TALLOC_FREE(u); return werr; }