1/* 2 Samba Unix/Linux SMB client library 3 Distributed SMB/CIFS Server Management Utility 4 5 Copyright (C) 2004 Stefan Metzmacher <metze@samba.org> 6 Copyright (C) 2005 Andrew Bartlett <abartlet@samba.org> 7 8 This program is free software; you can redistribute it and/or modify 9 it under the terms of the GNU General Public License as published by 10 the Free Software Foundation; either version 3 of the License, or 11 (at your option) any later version. 12 13 This program is distributed in the hope that it will be useful, 14 but WITHOUT ANY WARRANTY; without even the implied warranty of 15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 GNU General Public License for more details. 17 18 You should have received a copy of the GNU General Public License 19 along with this program. If not, see <http://www.gnu.org/licenses/>. 20*/ 21 22#include "includes.h" 23#include "utils/net/net.h" 24#include "libnet/libnet.h" 25#include "librpc/gen_ndr/samr.h" 26#include "auth/auth.h" 27#include "libcli/security/security.h" 28#include "param/param.h" 29#include "lib/events/events.h" 30 31static int net_samdump_keytab_usage(struct net_context *ctx, int argc, const char **argv) 32{ 33 d_printf("net samdump keytab <keytab>\n"); 34 return 0; 35} 36 37static int net_samdump_keytab_help(struct net_context *ctx, int argc, const char **argv) 38{ 39 d_printf("Dumps kerberos keys of a domain into a keytab.\n"); 40 return 0; 41} 42 43static int net_samdump_keytab(struct net_context *ctx, int argc, const char **argv) 44{ 45 NTSTATUS status; 46 struct libnet_context *libnetctx; 47 struct libnet_SamDump_keytab r; 48 49 switch (argc) { 50 case 0: 51 return net_samdump_keytab_usage(ctx, argc, argv); 52 break; 53 case 1: 54 r.in.keytab_name = argv[0]; 55 break; 56 } 57 58 libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); 59 if (!libnetctx) { 60 return -1; 61 } 62 libnetctx->cred = ctx->credentials; 63 64 r.out.error_string = NULL; 65 r.in.machine_account = NULL; 66 r.in.binding_string = NULL; 67 68 status = libnet_SamDump_keytab(libnetctx, ctx, &r); 69 if (!NT_STATUS_IS_OK(status)) { 70 DEBUG(0,("libnet_SamDump returned %s: %s\n", 71 nt_errstr(status), 72 r.out.error_string)); 73 return -1; 74 } 75 76 talloc_free(libnetctx); 77 78 return 0; 79} 80 81/* main function table */ 82static const struct net_functable net_samdump_functable[] = { 83 {"keytab", "dump keys into a keytab\n", net_samdump_keytab, net_samdump_keytab_usage}, 84 {NULL, NULL, NULL, NULL} 85}; 86 87int net_samdump(struct net_context *ctx, int argc, const char **argv) 88{ 89 NTSTATUS status; 90 struct libnet_context *libnetctx; 91 struct libnet_SamDump r; 92 int rc; 93 94 switch (argc) { 95 case 0: 96 break; 97 case 1: 98 default: 99 rc = net_run_function(ctx, argc, argv, net_samdump_functable, 100 net_samdump_usage); 101 return rc; 102 } 103 104 libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); 105 if (!libnetctx) { 106 return -1; 107 } 108 libnetctx->cred = ctx->credentials; 109 110 r.out.error_string = NULL; 111 r.in.machine_account = NULL; 112 r.in.binding_string = NULL; 113 114 status = libnet_SamDump(libnetctx, ctx, &r); 115 if (!NT_STATUS_IS_OK(status)) { 116 DEBUG(0,("libnet_SamDump returned %s: %s\n", 117 nt_errstr(status), 118 r.out.error_string)); 119 return -1; 120 } 121 122 talloc_free(libnetctx); 123 124 return 0; 125} 126 127int net_samdump_usage(struct net_context *ctx, int argc, const char **argv) 128{ 129 d_printf("net samdump\n"); 130 d_printf("net samdump keytab <keytab>\n"); 131 return 0; 132} 133 134int net_samdump_help(struct net_context *ctx, int argc, const char **argv) 135{ 136 d_printf("Dumps the sam of the domain we are joined to.\n"); 137 return 0; 138} 139 140int net_samsync_ldb(struct net_context *ctx, int argc, const char **argv) 141{ 142 NTSTATUS status; 143 struct libnet_context *libnetctx; 144 struct libnet_samsync_ldb r; 145 146 libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); 147 if (!libnetctx) { 148 return -1; 149 } 150 libnetctx->cred = ctx->credentials; 151 152 r.out.error_string = NULL; 153 r.in.machine_account = NULL; 154 r.in.binding_string = NULL; 155 156 /* Needed to override the ACLs on ldb */ 157 r.in.session_info = system_session(libnetctx, ctx->lp_ctx); 158 159 status = libnet_samsync_ldb(libnetctx, libnetctx, &r); 160 if (!NT_STATUS_IS_OK(status)) { 161 DEBUG(0,("libnet_samsync_ldb returned %s: %s\n", 162 nt_errstr(status), 163 r.out.error_string)); 164 return -1; 165 } 166 167 talloc_free(libnetctx); 168 169 return 0; 170} 171 172int net_samsync_ldb_usage(struct net_context *ctx, int argc, const char **argv) 173{ 174 d_printf("net samsync\n"); 175 return 0; 176} 177 178int net_samsync_ldb_help(struct net_context *ctx, int argc, const char **argv) 179{ 180 d_printf("Synchronise into the local ldb the SAM of a domain.\n"); 181 return 0; 182} 183 184int net_vampire(struct net_context *ctx, int argc, const char **argv) 185{ 186 NTSTATUS status; 187 struct libnet_context *libnetctx; 188 struct libnet_Vampire *r; 189 char *tmp, *targetdir = NULL; 190 const char *domain_name; 191 192 switch (argc) { 193 case 0: /* no args -> fail */ 194 return net_vampire_usage(ctx, argc, argv); 195 case 1: /* only DOMAIN */ 196 tmp = talloc_strdup(ctx, argv[0]); 197 break; 198 case 2: /* domain and target dir */ 199 tmp = talloc_strdup(ctx, argv[0]); 200 targetdir = talloc_strdup(ctx, argv[1]); 201 break; 202 default: /* too many args -> fail */ 203 return net_vampire_usage(ctx, argc, argv); 204 } 205 206 domain_name = tmp; 207 208 libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx); 209 if (!libnetctx) { 210 return -1; 211 } 212 libnetctx->cred = ctx->credentials; 213 r = talloc(ctx, struct libnet_Vampire); 214 if (!r) { 215 return -1; 216 } 217 /* prepare parameters for the vampire */ 218 r->in.netbios_name = lp_netbios_name(ctx->lp_ctx); 219 r->in.domain_name = domain_name; 220 r->in.targetdir = targetdir; 221 r->out.error_string = NULL; 222 223 /* do the domain vampire */ 224 status = libnet_Vampire(libnetctx, r, r); 225 226 if (!NT_STATUS_IS_OK(status)) { 227 d_fprintf(stderr, "Vampire of domain failed: %s\n", 228 r->out.error_string ? r->out.error_string : nt_errstr(status)); 229 talloc_free(r); 230 talloc_free(libnetctx); 231 return -1; 232 } 233 d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx, r->out.domain_sid)); 234 235 talloc_free(libnetctx); 236 return 0; 237} 238 239int net_vampire_usage(struct net_context *ctx, int argc, const char **argv) 240{ 241 d_printf("net vampire <domain> [options]\n"); 242 return 0; 243} 244 245int net_vampire_help(struct net_context *ctx, int argc, const char **argv) 246{ 247 d_printf("Join and synchronise a remote AD domain to the local server.\n"); 248 return 0; 249} 250