diff options
Diffstat (limited to 'source/rpcclient/samsync.c')
| -rw-r--r-- | source/rpcclient/samsync.c | 316 |
1 files changed, 30 insertions, 286 deletions
diff --git a/source/rpcclient/samsync.c b/source/rpcclient/samsync.c index 3a0bc2d6f69..15efc1d42bc 100644 --- a/source/rpcclient/samsync.c +++ b/source/rpcclient/samsync.c @@ -1,5 +1,6 @@ /* - Unix SMB/CIFS implementation. + Unix SMB/Netbios implementation. + Version 2.2 RPC pipe client Copyright (C) Tim Potter 2001 @@ -21,249 +22,17 @@ #include "includes.h" -static void decode_domain_info(SAM_DOMAIN_INFO *a) -{ - fstring temp; - printf("Domain Information\n"); - printf("------------------\n"); - - unistr2_to_ascii(temp, &a->uni_dom_name, sizeof(temp)-1); - printf("\tDomain :%s\n", temp); - printf("\tMin password len :%d\n", a->min_pwd_len); - printf("\tpassword history len:%d\n", a->pwd_history_len); - printf("\tcreation time :%s\n", http_timestring(nt_time_to_unix(&a->creation_time))); -} - -static void decode_sam_group_info(SAM_GROUP_INFO *a) -{ - fstring temp; - printf("\nDomain Group Information\n"); - printf("------------------------\n"); - - unistr2_to_ascii(temp, &a->uni_grp_name, sizeof(temp)-1); - printf("\tGroup name :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_grp_desc, sizeof(temp)-1); - printf("\tGroup description :%s\n", temp); - printf("\trid :%d\n", a->gid.g_rid); - printf("\tattribute :%d\n", a->gid.attr); -} - -static void decode_sam_account_info(SAM_ACCOUNT_INFO *a) -{ - fstring temp; - printf("\nUser Information\n"); - printf("----------------\n"); - - unistr2_to_ascii(temp, &a->uni_acct_name, sizeof(temp)-1); - printf("\tUser name :%s\n", temp); - printf("\tuser's rid :%d\n", a->user_rid); - printf("\tuser's primary gid :%d\n", a->group_rid); - unistr2_to_ascii(temp, &a->uni_full_name, sizeof(temp)-1); - printf("\tfull name :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_home_dir, sizeof(temp)-1); - printf("\thome directory :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_dir_drive, sizeof(temp)-1); - printf("\tdrive :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_logon_script, sizeof(temp)-1); - printf("\tlogon script :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_acct_desc, sizeof(temp)-1); - printf("\tdescription :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_workstations, sizeof(temp)-1); - printf("\tworkstations :%s\n", temp); -} - -static void decode_sam_grp_mem_info(SAM_GROUP_MEM_INFO *a) -{ - int i; - printf("\nGroup members information\n"); - printf("-------------------------\n"); - printf("\tnum members :%d\n", a->num_members); - - for (i=0; i<a->num_members; i++) { - printf("\trid, attr:%d, %d\n", a->rids[i], a->attribs[i]); - } -} - -static void decode_sam_alias_info(SAM_ALIAS_INFO *a) -{ - fstring temp; - printf("\nAlias Information\n"); - printf("-----------------\n"); - - unistr2_to_ascii(temp, &a->uni_als_name, sizeof(temp)-1); - printf("\tname :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_als_desc, sizeof(temp)-1); - printf("\tdescription :%s\n", temp); - printf("\trid :%d\n", a->als_rid); -} - -static void decode_sam_als_mem_info(SAM_ALIAS_MEM_INFO *a) -{ - int i; - fstring temp; - printf("\nAlias members Information\n"); - printf("-------------------------\n"); - printf("\tnum members :%d\n", a->num_members); - printf("\tnum sids :%d\n", a->num_sids); - for (i=0; i<a->num_sids; i++) { - printf("\tsid :%s\n", sid_to_string(temp, &a->sids[i].sid)); - } - - -} - -static void decode_sam_dom_info(SAM_DELTA_DOM *a) -{ - fstring temp; - printf("\nDomain information\n"); - printf("------------------\n"); - - unistr2_to_ascii(temp, &a->domain_name, sizeof(temp)-1); - printf("\tdomain name :%s\n", temp); - printf("\tsid :%s\n", sid_to_string(temp, &a->domain_sid.sid)); -} - -static void decode_sam_unk0e_info(SAM_DELTA_UNK0E *a) -{ - fstring temp; - printf("\nTrust information\n"); - printf("-----------------\n"); - - unistr2_to_ascii(temp, &a->domain, sizeof(temp)-1); - printf("\tdomain name :%s\n", temp); - printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); - display_sec_desc(a->sec_desc); -} - -static void decode_sam_privs_info(SAM_DELTA_PRIVS *a) -{ - int i; - fstring temp; - printf("\nSID and privileges information\n"); - printf("------------------------------\n"); - printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); - display_sec_desc(a->sec_desc); - printf("\tprivileges count :%d\n", a->privlist_count); - for (i=0; i<a->privlist_count; i++) { - unistr2_to_ascii(temp, &a->uni_privslist[i], sizeof(temp)-1); - printf("\tprivilege name :%s\n", temp); - printf("\tattribute :%d\n", a->attributes[i]); - } -} - -static void decode_sam_unk12_info(SAM_DELTA_UNK12 *a) -{ - fstring temp; - printf("\nTrusted information\n"); - printf("-------------------\n"); - - unistr2_to_ascii(temp, &a->secret, sizeof(temp)-1); - printf("\tsecret name :%s\n", temp); - display_sec_desc(a->sec_desc); - - printf("\ttime 1 :%s\n", http_timestring(nt_time_to_unix(&a->time1))); - printf("\ttime 2 :%s\n", http_timestring(nt_time_to_unix(&a->time2))); - - display_sec_desc(a->sec_desc2); -} - -static void decode_sam_stamp(SAM_DELTA_STAMP *a) -{ - printf("\nStamp information\n"); - printf("-----------------\n"); - printf("\tsequence number :%d\n", a->seqnum); -} - -static void decode_sam_deltas(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas) -{ - int i; - for (i = 0; i < num_deltas; i++) { - switch (hdr_deltas[i].type) { - case SAM_DELTA_DOMAIN_INFO: { - SAM_DOMAIN_INFO *a; - a = &deltas[i].domain_info; - decode_domain_info(a); - break; - } - case SAM_DELTA_GROUP_INFO: { - SAM_GROUP_INFO *a; - a = &deltas[i].group_info; - decode_sam_group_info(a); - break; - } - case SAM_DELTA_ACCOUNT_INFO: { - SAM_ACCOUNT_INFO *a; - a = &deltas[i].account_info; - decode_sam_account_info(a); - break; - } - case SAM_DELTA_GROUP_MEM: { - SAM_GROUP_MEM_INFO *a; - a = &deltas[i].grp_mem_info; - decode_sam_grp_mem_info(a); - break; - } - case SAM_DELTA_ALIAS_INFO: { - SAM_ALIAS_INFO *a; - a = &deltas[i].alias_info; - decode_sam_alias_info(a); - break; - } - case SAM_DELTA_ALIAS_MEM: { - SAM_ALIAS_MEM_INFO *a; - a = &deltas[i].als_mem_info; - decode_sam_als_mem_info(a); - break; - } - case SAM_DELTA_DOM_INFO: { - SAM_DELTA_DOM *a; - a = &deltas[i].dom_info; - decode_sam_dom_info(a); - break; - } - case SAM_DELTA_UNK0E_INFO: { - SAM_DELTA_UNK0E *a; - a = &deltas[i].unk0e_info; - decode_sam_unk0e_info(a); - break; - } - case SAM_DELTA_PRIVS_INFO: { - SAM_DELTA_PRIVS *a; - a = &deltas[i].privs_info; - decode_sam_privs_info(a); - break; - } - case SAM_DELTA_UNK12_INFO: { - SAM_DELTA_UNK12 *a; - a = &deltas[i].unk12_info; - decode_sam_unk12_info(a); - break; - } - case SAM_DELTA_SAM_STAMP: { - SAM_DELTA_STAMP *a; - a = &deltas[i].stamp; - decode_sam_stamp(a); - break; - } - default: - DEBUG(0,("unknown delta type: %d\n", hdr_deltas[i].type)); - break; - } - } -} - /* Synchronise sam database */ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], - BOOL do_smbpasswd_output, BOOL verbose) + BOOL do_smbpasswd_output) { TALLOC_CTX *mem_ctx; - SAM_DELTA_HDR *hdr_deltas_0, *hdr_deltas_1, *hdr_deltas_2; - SAM_DELTA_CTR *deltas_0, *deltas_1, *deltas_2; - uint32 num_deltas_0, num_deltas_1, num_deltas_2; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; + uint32 database_id = 0, num_deltas; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DOM_CRED ret_creds; /* Initialise */ if (!(mem_ctx = talloc_init())) { @@ -283,55 +52,31 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], goto done; } - /* on first call the returnAuthenticator is empty */ - memset(&ret_creds, 0, sizeof(ret_creds)); - - /* Do sam synchronisation on the SAM database*/ + /* Do sam synchronisation */ - result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, 0, &num_deltas_0, &hdr_deltas_0, &deltas_0); + result = cli_netlogon_sam_sync(cli, mem_ctx, database_id, + &num_deltas, &hdr_deltas, &deltas); - if (!NT_STATUS_IS_OK(result)) - goto done; - - /* verbose mode */ - if (verbose) - decode_sam_deltas(num_deltas_0, hdr_deltas_0, deltas_0); - - - /* - * we can't yet do several sam_sync in a raw, it's a credential problem - * we must chain the credentials - */ - -#if 1 - /* Do sam synchronisation on the LSA database */ - - result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, 2, &num_deltas_2, &hdr_deltas_2, &deltas_2); - - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { goto done; - - /* verbose mode */ - if (verbose) - decode_sam_deltas(num_deltas_2, hdr_deltas_2, deltas_2); -#endif + } /* Produce smbpasswd output - good for migrating from NT! */ if (do_smbpasswd_output) { int i; - for (i = 0; i < num_deltas_0; i++) { + for (i = 0; i < num_deltas; i++) { SAM_ACCOUNT_INFO *a; fstring acct_name, hex_nt_passwd, hex_lm_passwd; uchar lm_passwd[16], nt_passwd[16]; /* Skip non-user accounts */ - if (hdr_deltas_0[i].type != SAM_DELTA_ACCOUNT_INFO) + if (hdr_deltas[i].type != SAM_DELTA_ACCOUNT_INFO) continue; - a = &deltas_0[i].account_info; + a = &deltas[i].account_info; unistr2_to_ascii(acct_name, &a->uni_acct_name, sizeof(acct_name) - 1); @@ -354,7 +99,8 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], printf("%s:%d:%s:%s:%s:LCT-0\n", acct_name, a->user_rid, hex_lm_passwd, hex_nt_passwd, - smbpasswd_encode_acb_info(a->acb_info)); + smbpasswd_encode_acb_info( + deltas[i].account_info.acb_info)); } goto done; @@ -392,7 +138,6 @@ static void usage(void) printf("\t-R replicate sam deltas\n"); printf("\t-U username username and password\n"); printf("\t-p produce smbpasswd output\n"); - printf("\t-V verbose output\n"); printf("\n"); } @@ -449,8 +194,8 @@ static struct cli_state *init_connection(struct cli_state *cli, return NULL; } - if (!lookup_dc_name(global_myname, lp_workgroup(), dest_ip, - dest_host)) { + if (!lookup_pdc_name(global_myname, lp_workgroup(), dest_ip, + dest_host)) { DEBUG(0, ("Could not lookup up PDC name for domain %s\n", lp_workgroup())); return NULL; @@ -477,12 +222,12 @@ static struct cli_state *init_connection(struct cli_state *cli, int main(int argc, char **argv) { BOOL do_sam_sync = False, do_sam_repl = False; + pstring servicesf = CONFIGFILE; struct cli_state cli; NTSTATUS result; int opt; pstring logfile; BOOL interactive = False, do_smbpasswd_output = False; - BOOL verbose = False; uint32 low_serial = 0; unsigned char trust_passwd[16]; fstring username, domain, password; @@ -498,10 +243,10 @@ static struct cli_state *init_connection(struct cli_state *cli, /* Parse command line options */ - while((opt = getopt(argc, argv, "s:d:SR:hiU:W:pV")) != EOF) { + while((opt = getopt(argc, argv, "s:d:SR:hiU:W:p")) != EOF) { switch (opt) { case 's': - pstrcpy(dyn_CONFIGFILE, optarg); + pstrcpy(servicesf, optarg); break; case 'd': DEBUGLEVEL = atoi(optarg); @@ -520,10 +265,10 @@ static struct cli_state *init_connection(struct cli_state *cli, char *lp; fstrcpy(username,optarg); - if ((lp=strchr_m(username,'%'))) { + if ((lp=strchr(username,'%'))) { *lp = 0; fstrcpy(password,lp+1); - memset(strchr_m(optarg, '%') + 1, 'X', + memset(strchr(optarg, '%') + 1, 'X', strlen(password)); } break; @@ -534,10 +279,7 @@ static struct cli_state *init_connection(struct cli_state *cli, case 'p': do_smbpasswd_output = True; break; - case 'V': - verbose = True; - break; - case 'h': + case 'h': default: usage(); exit(1); @@ -553,7 +295,7 @@ static struct cli_state *init_connection(struct cli_state *cli, /* Initialise samba */ - slprintf(logfile, sizeof(logfile) - 1, "%s/log.%s", dyn_LOGFILEBASE, + slprintf(logfile, sizeof(logfile) - 1, "%s/log.%s", LOGFILEBASE, "samsync"); lp_set_logfile(logfile); @@ -562,12 +304,14 @@ static struct cli_state *init_connection(struct cli_state *cli, if (!interactive) reopen_logs(); - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - fprintf(stderr, "Can't load %s\n", dyn_CONFIGFILE); + if (!lp_load(servicesf, True, False, False)) { + fprintf(stderr, "Can't load %s\n", servicesf); } load_interfaces(); + TimeInit(); + /* Check arguments make sense */ if (do_sam_sync && do_sam_repl) { @@ -605,7 +349,7 @@ static struct cli_state *init_connection(struct cli_state *cli, return 1; if (do_sam_sync) - result = sam_sync(&cli, trust_passwd, do_smbpasswd_output, verbose); + result = sam_sync(&cli, trust_passwd, do_smbpasswd_output); if (do_sam_repl) result = sam_repl(&cli, trust_passwd, low_serial); |