1/*
2   Samba Unix/Linux SMB client library
3   Distributed SMB/CIFS Server Management Utility
4
5   Copyright (C) 2004 Stefan Metzmacher <metze@samba.org>
6   Copyright (C) 2005 Andrew Bartlett <abartlet@samba.org>
7
8   This program is free software; you can redistribute it and/or modify
9   it under the terms of the GNU General Public License as published by
10   the Free Software Foundation; either version 3 of the License, or
11   (at your option) any later version.
12
13   This program is distributed in the hope that it will be useful,
14   but WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
16   GNU General Public License for more details.
17
18   You should have received a copy of the GNU General Public License
19   along with this program.  If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23#include "utils/net/net.h"
24#include "libnet/libnet.h"
25#include "librpc/gen_ndr/samr.h"
26#include "auth/auth.h"
27#include "libcli/security/security.h"
28#include "param/param.h"
29#include "lib/events/events.h"
30
31static int net_samdump_keytab_usage(struct net_context *ctx, int argc, const char **argv)
32{
33	d_printf("net samdump keytab <keytab>\n");
34	return 0;
35}
36
37static int net_samdump_keytab_help(struct net_context *ctx, int argc, const char **argv)
38{
39	d_printf("Dumps kerberos keys of a domain into a keytab.\n");
40	return 0;
41}
42
43static int net_samdump_keytab(struct net_context *ctx, int argc, const char **argv)
44{
45	NTSTATUS status;
46	struct libnet_context *libnetctx;
47	struct libnet_SamDump_keytab r;
48
49	switch (argc) {
50	case 0:
51		return net_samdump_keytab_usage(ctx, argc, argv);
52		break;
53	case 1:
54		r.in.keytab_name = argv[0];
55		break;
56	}
57
58	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
59	if (!libnetctx) {
60		return -1;
61	}
62	libnetctx->cred = ctx->credentials;
63
64	r.out.error_string = NULL;
65	r.in.machine_account = NULL;
66	r.in.binding_string = NULL;
67
68	status = libnet_SamDump_keytab(libnetctx, ctx, &r);
69	if (!NT_STATUS_IS_OK(status)) {
70		DEBUG(0,("libnet_SamDump returned %s: %s\n",
71			 nt_errstr(status),
72			 r.out.error_string));
73		return -1;
74	}
75
76	talloc_free(libnetctx);
77
78	return 0;
79}
80
81/* main function table */
82static const struct net_functable net_samdump_functable[] = {
83	{"keytab", "dump keys into a keytab\n", net_samdump_keytab, net_samdump_keytab_usage},
84	{NULL, NULL, NULL, NULL}
85};
86
87int net_samdump(struct net_context *ctx, int argc, const char **argv)
88{
89	NTSTATUS status;
90	struct libnet_context *libnetctx;
91	struct libnet_SamDump r;
92	int rc;
93
94	switch (argc) {
95	case 0:
96		break;
97	case 1:
98	default:
99		rc = net_run_function(ctx, argc, argv, net_samdump_functable,
100				      net_samdump_usage);
101		return rc;
102	}
103
104	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
105	if (!libnetctx) {
106		return -1;
107	}
108	libnetctx->cred = ctx->credentials;
109
110	r.out.error_string = NULL;
111	r.in.machine_account = NULL;
112	r.in.binding_string = NULL;
113
114	status = libnet_SamDump(libnetctx, ctx, &r);
115	if (!NT_STATUS_IS_OK(status)) {
116		DEBUG(0,("libnet_SamDump returned %s: %s\n",
117			 nt_errstr(status),
118			 r.out.error_string));
119		return -1;
120	}
121
122	talloc_free(libnetctx);
123
124	return 0;
125}
126
127int net_samdump_usage(struct net_context *ctx, int argc, const char **argv)
128{
129	d_printf("net samdump\n");
130	d_printf("net samdump keytab <keytab>\n");
131	return 0;
132}
133
134int net_samdump_help(struct net_context *ctx, int argc, const char **argv)
135{
136	d_printf("Dumps the sam of the domain we are joined to.\n");
137	return 0;
138}
139
140int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv)
141{
142	NTSTATUS status;
143	struct libnet_context *libnetctx;
144	struct libnet_samsync_ldb r;
145
146	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
147	if (!libnetctx) {
148		return -1;
149	}
150	libnetctx->cred = ctx->credentials;
151
152	r.out.error_string = NULL;
153	r.in.machine_account = NULL;
154	r.in.binding_string = NULL;
155
156	/* Needed to override the ACLs on ldb */
157	r.in.session_info = system_session(libnetctx, ctx->lp_ctx);
158
159	status = libnet_samsync_ldb(libnetctx, libnetctx, &r);
160	if (!NT_STATUS_IS_OK(status)) {
161		DEBUG(0,("libnet_samsync_ldb returned %s: %s\n",
162			 nt_errstr(status),
163			 r.out.error_string));
164		return -1;
165	}
166
167	talloc_free(libnetctx);
168
169	return 0;
170}
171
172int net_samsync_ldb_usage(struct net_context *ctx, int argc, const char **argv)
173{
174	d_printf("net samsync\n");
175	return 0;
176}
177
178int net_samsync_ldb_help(struct net_context *ctx, int argc, const char **argv)
179{
180	d_printf("Synchronise into the local ldb the SAM of a domain.\n");
181	return 0;
182}
183
184int net_vampire(struct net_context *ctx, int argc, const char **argv)
185{
186	NTSTATUS status;
187	struct libnet_context *libnetctx;
188	struct libnet_Vampire *r;
189	char *tmp, *targetdir = NULL;
190	const char *domain_name;
191
192	switch (argc) {
193		case 0: /* no args -> fail */
194			return net_vampire_usage(ctx, argc, argv);
195		case 1: /* only DOMAIN */
196			tmp = talloc_strdup(ctx, argv[0]);
197			break;
198		case 2: /* domain and target dir */
199			tmp = talloc_strdup(ctx, argv[0]);
200			targetdir = talloc_strdup(ctx, argv[1]);
201			break;
202		default: /* too many args -> fail */
203			return net_vampire_usage(ctx, argc, argv);
204	}
205
206	domain_name = tmp;
207
208	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
209	if (!libnetctx) {
210		return -1;
211	}
212	libnetctx->cred = ctx->credentials;
213	r = talloc(ctx, struct libnet_Vampire);
214	if (!r) {
215		return -1;
216	}
217	/* prepare parameters for the vampire */
218	r->in.netbios_name  = lp_netbios_name(ctx->lp_ctx);
219	r->in.domain_name   = domain_name;
220	r->in.targetdir	    = targetdir;
221	r->out.error_string = NULL;
222
223	/* do the domain vampire */
224	status = libnet_Vampire(libnetctx, r, r);
225
226	if (!NT_STATUS_IS_OK(status)) {
227		d_fprintf(stderr, "Vampire of domain failed: %s\n",
228			  r->out.error_string ? r->out.error_string : nt_errstr(status));
229		talloc_free(r);
230		talloc_free(libnetctx);
231		return -1;
232	}
233	d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx, r->out.domain_sid));
234
235	talloc_free(libnetctx);
236	return 0;
237}
238
239int net_vampire_usage(struct net_context *ctx, int argc, const char **argv)
240{
241	d_printf("net vampire <domain> [options]\n");
242	return 0;
243}
244
245int net_vampire_help(struct net_context *ctx, int argc, const char **argv)
246{
247	d_printf("Join and synchronise a remote AD domain to the local server.\n");
248	return 0;
249}
250