Fix bug #5568 net rpc trustdom add broken !

net rpc trustdom add was broken. The default 10second timeout can be too short
to create an account on a Samba DC (calling out to a script), error message
reporting was poor, and more importantly the new marshalling code for
user_info23 was broken (maps onto a user_info21 but doesn't clear the
user_info23 struct before marshalling, leaving an uninitialized size field -
give "alloc failure").
Jeremy.
(cherry picked from commit 52552623277726c2f28a992f68d8bc22982bab28)

2 files changed, 24 insertions, 3 deletions

diff --git a/source/rpc_client/init_samr.c b/source/rpc_client/init_samr.c
index 3b62e7effb1..c5d7dcdb132 100644
--- a/source/rpc_client/init_samr.c
+++ b/source/rpc_client/init_samr.c
@@ -413,6 +413,7 @@ void init_samr_user_info23(struct samr_UserInfo23 *r,
 			   uint8_t data[516],
 			   uint8_t pw_len)
 {
+	memset(r, '\0', sizeof(*r));
 	init_samr_user_info21(&r->info,
 			      last_logon,
 			      last_logoff,
diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c
index a24aa8bdad6..a5c2de0df32 100644
--- a/source/utils/net_rpc.c
+++ b/source/utils/net_rpc.c
@@ -5355,6 +5355,7 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 	uint32 user_rid;
 	uint32_t access_granted = 0;
 	union samr_UserInfo info;
+	unsigned int orig_timeout;
 
 	if (argc != 2) {
 		d_printf("Usage: net rpc trustdom add <domain_name> <trust password>\n");
@@ -5392,6 +5393,11 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 		goto done;
 	}
 
+        /* This call can take a long time - allow the server to time out.
+	 * 35 seconds should do it. */
+
+        orig_timeout = cli_set_timeout(pipe_hnd->cli, 35000);
+
 	/* Create trusting domain's account */
 	acb_info = ACB_NORMAL;
 	acct_flags = SEC_GENERIC_READ | SEC_GENERIC_WRITE | SEC_GENERIC_EXECUTE |
@@ -5408,7 +5414,13 @@ static NTSTATUS rpc_trustdom_add_internals(const DOM_SID *domain_sid,
 					 &user_pol,
 					 &access_granted,
 					 &user_rid);
+
+	/* And restore our original timeout. */
+	cli_set_timeout(pipe_hnd->cli, orig_timeout);
+
 	if (!NT_STATUS_IS_OK(result)) {
+		d_printf("net rpc trustdom add: create user %s failed %s\n",
+			acct_name, nt_errstr(result));
 		goto done;
 	}
 
@@ -5558,6 +5570,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
 					 &name_types);
 
 	if (!NT_STATUS_IS_OK(result)) {
+		d_printf("net rpc trustdom del: LookupNames on user %s failed %s\n",
+			acct_name, nt_errstr(result) );
 		goto done;
 	}
 
@@ -5568,6 +5582,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
 				      &user_pol);
 
 	if (!NT_STATUS_IS_OK(result)) {
+		d_printf("net rpc trustdom del: OpenUser on user %s failed %s\n",
+			acct_name, nt_errstr(result) );
 		goto done;
 	}
 
@@ -5583,6 +5599,8 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
 							   &user_pol,
 							   &trust_acct_sid);
 	if (!NT_STATUS_IS_OK(result)) {
+		d_printf("net rpc trustdom del: RemoveMemberFromForeignDomain on user %s failed %s\n",
+			acct_name, nt_errstr(result) );
 		goto done;
 	}
 
@@ -5592,13 +5610,15 @@ static NTSTATUS rpc_trustdom_del_internals(const DOM_SID *domain_sid,
 					&user_pol);
 
 	if (!NT_STATUS_IS_OK(result)) {
+		d_printf("net rpc trustdom del: DeleteUser on user %s failed %s\n",
+			acct_name, nt_errstr(result) );
 		goto done;
 	}
 
 	if (!NT_STATUS_IS_OK(result)) {
-	  DEBUG(0,("Could not set trust account password: %s\n",
-		   nt_errstr(result)));
-	  goto done;
+		d_printf("Could not set trust account password: %s\n",
+		   nt_errstr(result));
+		goto done;
 	}
 
  done: