Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : RPC pipe client
4 :
5 : Copyright (C) Tim Potter 2000
6 : Copyright (C) Guenther Deschner 2008
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "rpcclient.h"
24 : #include "../libcli/auth/libcli_auth.h"
25 : #include "../librpc/gen_ndr/ndr_netlogon.h"
26 : #include "../librpc/gen_ndr/ndr_netlogon_c.h"
27 : #include "rpc_client/cli_netlogon.h"
28 : #include "secrets.h"
29 : #include "../libcli/auth/netlogon_creds_cli.h"
30 : #include "rpc_client/util_netlogon.h"
31 :
32 0 : static WERROR cmd_netlogon_logon_ctrl2(struct rpc_pipe_client *cli,
33 : TALLOC_CTX *mem_ctx, int argc,
34 : const char **argv)
35 : {
36 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
37 : WERROR werr;
38 0 : const char *logon_server = cli->desthost;
39 0 : enum netr_LogonControlCode function_code = NETLOGON_CONTROL_REDISCOVER;
40 0 : uint32_t level = 1;
41 : union netr_CONTROL_DATA_INFORMATION data;
42 : union netr_CONTROL_QUERY_INFORMATION query;
43 0 : const char *domain = lp_workgroup();
44 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
45 : int i;
46 : #define fn_code_level(x, item) { x, #x, #item }
47 : struct {
48 : enum netr_LogonControlCode code;
49 : const char *name;
50 : const char *argument;
51 0 : } supported_levels[] = {
52 : fn_code_level(NETLOGON_CONTROL_REDISCOVER, domain),
53 : fn_code_level(NETLOGON_CONTROL_TC_QUERY, domain),
54 : fn_code_level(NETLOGON_CONTROL_TRANSPORT_NOTIFY, domain),
55 : fn_code_level(NETLOGON_CONTROL_FIND_USER, user),
56 : fn_code_level(NETLOGON_CONTROL_CHANGE_PASSWORD, domain),
57 : fn_code_level(NETLOGON_CONTROL_TC_VERIFY, domain),
58 : fn_code_level(NETLOGON_CONTROL_SET_DBFLAG, debug_level),
59 : {0, 0, 0}
60 : };
61 : #undef fn_code_level
62 0 : if ((argc > 5) || (argc < 2)) {
63 0 : fprintf(stderr, "Usage: %s <logon_server> <function_code> "
64 : "<level:1..4> <argument>\n", argv[0]);
65 0 : fprintf(stderr, "Supported combinations:\n");
66 0 : fprintf(stderr, "function_code\targument\n");
67 0 : for(i=0; supported_levels[i].code; i++) {
68 0 : fprintf(stderr, "%7d\t\t%s\t(%s)\n",
69 0 : supported_levels[i].code,
70 : supported_levels[i].argument,
71 : supported_levels[i].name);
72 : }
73 0 : return WERR_OK;
74 : }
75 :
76 0 : if (argc >= 2) {
77 0 : logon_server = argv[1];
78 : }
79 :
80 0 : if (argc >= 3) {
81 0 : function_code = atoi(argv[2]);
82 : }
83 :
84 0 : if (argc >= 4) {
85 0 : level = atoi(argv[3]);
86 : }
87 :
88 0 : if (argc >= 5) {
89 0 : domain = argv[4];
90 : }
91 :
92 0 : switch (function_code) {
93 0 : case NETLOGON_CONTROL_REDISCOVER:
94 : case NETLOGON_CONTROL_TC_QUERY:
95 : case NETLOGON_CONTROL_CHANGE_PASSWORD:
96 : case NETLOGON_CONTROL_TRANSPORT_NOTIFY:
97 : case NETLOGON_CONTROL_TC_VERIFY:
98 0 : data.domain = domain;
99 0 : break;
100 0 : case NETLOGON_CONTROL_FIND_USER:
101 0 : data.user = domain;
102 0 : break;
103 0 : case NETLOGON_CONTROL_SET_DBFLAG:
104 0 : data.debug_level = atoi(domain);
105 0 : break;
106 0 : default:
107 0 : break;
108 : }
109 :
110 0 : status = dcerpc_netr_LogonControl2(b, mem_ctx,
111 : logon_server,
112 : function_code,
113 : level,
114 : &data,
115 : &query,
116 : &werr);
117 0 : if (!NT_STATUS_IS_OK(status)) {
118 0 : return ntstatus_to_werror(status);
119 : }
120 :
121 0 : if (!W_ERROR_IS_OK(werr)) {
122 0 : return werr;
123 : }
124 :
125 : /* Display results */
126 :
127 0 : return werr;
128 : }
129 :
130 0 : static WERROR cmd_netlogon_getanydcname(struct rpc_pipe_client *cli,
131 : TALLOC_CTX *mem_ctx, int argc,
132 : const char **argv)
133 : {
134 0 : const char *dcname = NULL;
135 : WERROR werr;
136 : NTSTATUS status;
137 : int old_timeout;
138 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
139 :
140 0 : if (argc != 2) {
141 0 : fprintf(stderr, "Usage: %s domainname\n", argv[0]);
142 0 : return WERR_OK;
143 : }
144 :
145 : /* Make sure to wait for our DC's reply */
146 0 : old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
147 0 : rpccli_set_timeout(cli, MAX(old_timeout, 30000)); /* At least 30 sec */
148 :
149 0 : status = dcerpc_netr_GetAnyDCName(b, mem_ctx,
150 0 : cli->desthost,
151 0 : argv[1],
152 : &dcname,
153 : &werr);
154 0 : rpccli_set_timeout(cli, old_timeout);
155 :
156 0 : if (!NT_STATUS_IS_OK(status)) {
157 0 : return ntstatus_to_werror(status);
158 : }
159 :
160 0 : if (!W_ERROR_IS_OK(werr)) {
161 0 : return werr;
162 : }
163 :
164 : /* Display results */
165 :
166 0 : printf("%s\n", dcname);
167 :
168 0 : return werr;
169 : }
170 :
171 0 : static WERROR cmd_netlogon_getdcname(struct rpc_pipe_client *cli,
172 : TALLOC_CTX *mem_ctx, int argc,
173 : const char **argv)
174 : {
175 0 : const char *dcname = NULL;
176 : NTSTATUS status;
177 : WERROR werr;
178 : int old_timeout;
179 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
180 :
181 0 : if (argc != 2) {
182 0 : fprintf(stderr, "Usage: %s domainname\n", argv[0]);
183 0 : return WERR_OK;
184 : }
185 :
186 : /* Make sure to wait for our DC's reply */
187 0 : old_timeout = rpccli_set_timeout(cli, 30000); /* 30 seconds. */
188 0 : rpccli_set_timeout(cli, MAX(30000, old_timeout)); /* At least 30 sec */
189 :
190 0 : status = dcerpc_netr_GetDcName(b, mem_ctx,
191 0 : cli->desthost,
192 0 : argv[1],
193 : &dcname,
194 : &werr);
195 0 : rpccli_set_timeout(cli, old_timeout);
196 :
197 0 : if (!NT_STATUS_IS_OK(status)) {
198 0 : return ntstatus_to_werror(status);
199 : }
200 :
201 0 : if (!W_ERROR_IS_OK(werr)) {
202 0 : return werr;
203 : }
204 :
205 : /* Display results */
206 :
207 0 : printf("%s\n", dcname);
208 :
209 0 : return werr;
210 : }
211 :
212 0 : static WERROR cmd_netlogon_dsr_getdcname(struct rpc_pipe_client *cli,
213 : TALLOC_CTX *mem_ctx, int argc,
214 : const char **argv)
215 : {
216 : NTSTATUS result;
217 0 : WERROR werr = WERR_OK;
218 0 : uint32_t flags = DS_RETURN_DNS_NAME;
219 0 : const char *server_name = cli->desthost;
220 0 : const char *domain_name = NULL;
221 0 : struct GUID domain_guid = GUID_zero();
222 0 : struct GUID site_guid = GUID_zero();
223 0 : struct netr_DsRGetDCNameInfo *info = NULL;
224 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
225 :
226 0 : if (argc < 2) {
227 0 : fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
228 : "[site_guid] [flags]\n", argv[0]);
229 0 : return WERR_OK;
230 : }
231 :
232 0 : if (argc >= 2)
233 0 : domain_name = argv[1];
234 :
235 0 : if (argc >= 3) {
236 0 : if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
237 0 : return WERR_NOT_ENOUGH_MEMORY;
238 : }
239 : }
240 :
241 0 : if (argc >= 4) {
242 0 : if (!NT_STATUS_IS_OK(GUID_from_string(argv[3], &site_guid))) {
243 0 : return WERR_NOT_ENOUGH_MEMORY;
244 : }
245 : }
246 :
247 0 : if (argc >= 5)
248 0 : sscanf(argv[4], "%x", &flags);
249 :
250 0 : result = dcerpc_netr_DsRGetDCName(b, mem_ctx,
251 : server_name,
252 : domain_name,
253 : &domain_guid,
254 : &site_guid,
255 : flags,
256 : &info,
257 : &werr);
258 0 : if (!NT_STATUS_IS_OK(result)) {
259 0 : return ntstatus_to_werror(result);
260 : }
261 :
262 0 : if (W_ERROR_IS_OK(werr)) {
263 0 : d_printf("DsGetDcName gave: %s\n",
264 : NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
265 0 : return WERR_OK;
266 : }
267 :
268 0 : printf("rpccli_netlogon_dsr_getdcname returned %s\n",
269 : win_errstr(werr));
270 :
271 0 : return werr;
272 : }
273 :
274 0 : static WERROR cmd_netlogon_dsr_getdcnameex(struct rpc_pipe_client *cli,
275 : TALLOC_CTX *mem_ctx, int argc,
276 : const char **argv)
277 : {
278 : WERROR result;
279 : NTSTATUS status;
280 0 : uint32_t flags = DS_RETURN_DNS_NAME;
281 0 : const char *server_name = cli->desthost;
282 : const char *domain_name;
283 0 : const char *site_name = NULL;
284 0 : struct GUID domain_guid = GUID_zero();
285 0 : struct netr_DsRGetDCNameInfo *info = NULL;
286 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
287 :
288 0 : if (argc < 2) {
289 0 : fprintf(stderr, "Usage: %s [domain_name] [domain_guid] "
290 : "[site_name] [flags]\n", argv[0]);
291 0 : return WERR_OK;
292 : }
293 :
294 0 : domain_name = argv[1];
295 :
296 0 : if (argc >= 3) {
297 0 : if (!NT_STATUS_IS_OK(GUID_from_string(argv[2], &domain_guid))) {
298 0 : return WERR_NOT_ENOUGH_MEMORY;
299 : }
300 : }
301 :
302 0 : if (argc >= 4) {
303 0 : site_name = argv[3];
304 : }
305 :
306 0 : if (argc >= 5) {
307 0 : sscanf(argv[4], "%x", &flags);
308 : }
309 :
310 0 : status = dcerpc_netr_DsRGetDCNameEx(b, mem_ctx,
311 : server_name,
312 : domain_name,
313 : &domain_guid,
314 : site_name,
315 : flags,
316 : &info,
317 : &result);
318 0 : if (!NT_STATUS_IS_OK(status)) {
319 0 : return ntstatus_to_werror(status);
320 : }
321 :
322 0 : if (!W_ERROR_IS_OK(result)) {
323 0 : return result;
324 : }
325 :
326 0 : d_printf("DsRGetDCNameEx gave %s\n",
327 : NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
328 :
329 0 : return result;
330 : }
331 :
332 0 : static WERROR cmd_netlogon_dsr_getdcnameex2(struct rpc_pipe_client *cli,
333 : TALLOC_CTX *mem_ctx, int argc,
334 : const char **argv)
335 : {
336 : WERROR result;
337 : NTSTATUS status;
338 0 : uint32_t flags = DS_RETURN_DNS_NAME;
339 0 : const char *server_name = cli->desthost;
340 0 : const char *domain_name = NULL;
341 0 : const char *client_account = NULL;
342 0 : uint32_t mask = 0;
343 0 : const char *site_name = NULL;
344 0 : struct GUID domain_guid = GUID_zero();
345 0 : struct netr_DsRGetDCNameInfo *info = NULL;
346 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
347 :
348 0 : if (argc < 2) {
349 0 : fprintf(stderr, "Usage: %s [client_account] [acb_mask] "
350 : "[domain_name] [domain_guid] [site_name] "
351 : "[flags]\n", argv[0]);
352 0 : return WERR_OK;
353 : }
354 :
355 0 : if (argc >= 2) {
356 0 : client_account = argv[1];
357 : }
358 :
359 0 : if (argc >= 3) {
360 0 : mask = atoi(argv[2]);
361 : }
362 :
363 0 : if (argc >= 4) {
364 0 : domain_name = argv[3];
365 : }
366 :
367 0 : if (argc >= 5) {
368 0 : if (!NT_STATUS_IS_OK(GUID_from_string(argv[4], &domain_guid))) {
369 0 : return WERR_NOT_ENOUGH_MEMORY;
370 : }
371 : }
372 :
373 0 : if (argc >= 6) {
374 0 : site_name = argv[5];
375 : }
376 :
377 0 : if (argc >= 7) {
378 0 : sscanf(argv[6], "%x", &flags);
379 : }
380 :
381 0 : status = dcerpc_netr_DsRGetDCNameEx2(b, mem_ctx,
382 : server_name,
383 : client_account,
384 : mask,
385 : domain_name,
386 : &domain_guid,
387 : site_name,
388 : flags,
389 : &info,
390 : &result);
391 0 : if (!NT_STATUS_IS_OK(status)) {
392 0 : return ntstatus_to_werror(status);
393 : }
394 :
395 0 : if (!W_ERROR_IS_OK(result)) {
396 0 : return result;
397 : }
398 :
399 0 : d_printf("DsRGetDCNameEx2 gave %s\n",
400 : NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DsRGetDCNameInfo, info));
401 :
402 0 : return result;
403 : }
404 :
405 :
406 0 : static WERROR cmd_netlogon_dsr_getsitename(struct rpc_pipe_client *cli,
407 : TALLOC_CTX *mem_ctx, int argc,
408 : const char **argv)
409 : {
410 : WERROR werr;
411 : NTSTATUS status;
412 0 : const char *sitename = NULL;
413 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
414 :
415 0 : if (argc != 2) {
416 0 : fprintf(stderr, "Usage: %s computername\n", argv[0]);
417 0 : return WERR_OK;
418 : }
419 :
420 0 : status = dcerpc_netr_DsRGetSiteName(b, mem_ctx,
421 0 : argv[1],
422 : &sitename,
423 : &werr);
424 0 : if (!NT_STATUS_IS_OK(status)) {
425 0 : return ntstatus_to_werror(status);
426 : }
427 :
428 0 : if (!W_ERROR_IS_OK(werr)) {
429 0 : printf("rpccli_netlogon_dsr_gesitename returned %s\n",
430 : nt_errstr(werror_to_ntstatus(werr)));
431 0 : return werr;
432 : }
433 :
434 0 : printf("Computer %s is on Site: %s\n", argv[1], sitename);
435 :
436 0 : return WERR_OK;
437 : }
438 :
439 0 : static WERROR cmd_netlogon_logon_ctrl(struct rpc_pipe_client *cli,
440 : TALLOC_CTX *mem_ctx, int argc,
441 : const char **argv)
442 : {
443 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
444 : WERROR werr;
445 0 : const char *logon_server = cli->desthost;
446 0 : enum netr_LogonControlCode function_code = 1;
447 0 : uint32_t level = 1;
448 : union netr_CONTROL_QUERY_INFORMATION info;
449 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
450 :
451 0 : if (argc > 4) {
452 0 : fprintf(stderr, "Usage: %s <logon_server> <function_code> "
453 : "<level>\n", argv[0]);
454 0 : return WERR_OK;
455 : }
456 :
457 0 : if (argc >= 2) {
458 0 : logon_server = argv[1];
459 : }
460 :
461 0 : if (argc >= 3) {
462 0 : function_code = atoi(argv[2]);
463 : }
464 :
465 0 : if (argc >= 4) {
466 0 : level = atoi(argv[3]);
467 : }
468 :
469 0 : status = dcerpc_netr_LogonControl(b, mem_ctx,
470 : logon_server,
471 : function_code,
472 : level,
473 : &info,
474 : &werr);
475 0 : if (!NT_STATUS_IS_OK(status)) {
476 0 : return ntstatus_to_werror(status);
477 : }
478 :
479 0 : if (!W_ERROR_IS_OK(werr)) {
480 0 : return werr;
481 : }
482 :
483 : /* Display results */
484 :
485 0 : return werr;
486 : }
487 :
488 : /* Log on a domain user */
489 :
490 42 : static NTSTATUS cmd_netlogon_sam_logon(struct rpc_pipe_client *cli,
491 : TALLOC_CTX *mem_ctx, int argc,
492 : const char **argv)
493 : {
494 42 : NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
495 42 : int logon_type = NetlogonNetworkInformation;
496 : const char *username, *password;
497 42 : uint32_t logon_param = 0;
498 42 : const char *workstation = NULL;
499 42 : struct netr_SamInfo3 *info3 = NULL;
500 42 : uint8_t authoritative = 1;
501 42 : uint32_t flags = 0;
502 : uint16_t validation_level;
503 42 : union netr_Validation *validation = NULL;
504 42 : uint64_t logon_id = 0;
505 :
506 : /* Check arguments */
507 :
508 42 : if (argc < 3 || argc > 6) {
509 0 : fprintf(stderr, "Usage: samlogon <username> <password> [workstation]"
510 : "[logon_type (1 or 2)] [logon_parameter]\n");
511 0 : return NT_STATUS_OK;
512 : }
513 :
514 42 : username = argv[1];
515 42 : password = argv[2];
516 :
517 42 : if (argc >= 4)
518 22 : workstation = argv[3];
519 :
520 42 : if (argc >= 5)
521 18 : sscanf(argv[4], "%i", &logon_type);
522 :
523 42 : if (argc == 6)
524 6 : sscanf(argv[5], "%x", &logon_param);
525 :
526 42 : if (rpcclient_netlogon_creds == NULL) {
527 0 : result = NT_STATUS_UNSUCCESSFUL;
528 0 : goto done;
529 : }
530 42 : logon_id = generate_random_u64();
531 :
532 : /* Perform the sam logon */
533 :
534 42 : result = rpccli_netlogon_password_logon(rpcclient_netlogon_creds,
535 : cli->binding_handle,
536 : mem_ctx,
537 : logon_param,
538 : lp_workgroup(),
539 : username,
540 : password,
541 : workstation,
542 : logon_id,
543 : logon_type,
544 : &authoritative,
545 : &flags,
546 : &validation_level,
547 : &validation);
548 42 : if (!NT_STATUS_IS_OK(result))
549 12 : goto done;
550 :
551 30 : result = map_validation_to_info3(mem_ctx,
552 : validation_level,
553 : validation,
554 : &info3);
555 30 : if (!NT_STATUS_IS_OK(result)) {
556 0 : return result;
557 : }
558 :
559 30 : done:
560 42 : return result;
561 : }
562 :
563 : /* Change the trust account password */
564 :
565 0 : static NTSTATUS cmd_netlogon_change_trust_pw(struct rpc_pipe_client *cli,
566 : TALLOC_CTX *mem_ctx, int argc,
567 : const char **argv)
568 : {
569 0 : NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
570 0 : const char *dcname = cli->desthost;
571 :
572 : /* Check arguments */
573 :
574 0 : if (argc > 1) {
575 0 : fprintf(stderr, "Usage: change_trust_pw");
576 0 : return NT_STATUS_OK;
577 : }
578 :
579 0 : result = trust_pw_change(rpcclient_netlogon_creds,
580 : rpcclient_msg_ctx,
581 : cli->binding_handle,
582 : lp_workgroup(),
583 : dcname,
584 : true); /* force */
585 0 : if (!NT_STATUS_IS_OK(result))
586 0 : goto done;
587 :
588 0 : done:
589 0 : return result;
590 : }
591 :
592 0 : static WERROR cmd_netlogon_gettrustrid(struct rpc_pipe_client *cli,
593 : TALLOC_CTX *mem_ctx, int argc,
594 : const char **argv)
595 : {
596 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
597 0 : WERROR werr = WERR_GEN_FAILURE;
598 0 : const char *server_name = cli->desthost;
599 0 : const char *domain_name = lp_workgroup();
600 0 : uint32_t rid = 0;
601 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
602 :
603 0 : if (argc < 1 || argc > 3) {
604 0 : fprintf(stderr, "Usage: %s <server_name> <domain_name>\n",
605 : argv[0]);
606 0 : return WERR_OK;
607 : }
608 :
609 0 : if (argc >= 2) {
610 0 : server_name = argv[1];
611 : }
612 :
613 0 : if (argc >= 3) {
614 0 : domain_name = argv[2];
615 : }
616 :
617 0 : status = dcerpc_netr_LogonGetTrustRid(b, mem_ctx,
618 : server_name,
619 : domain_name,
620 : &rid,
621 : &werr);
622 0 : if (!NT_STATUS_IS_OK(status)) {
623 0 : werr = ntstatus_to_werror(status);
624 0 : goto done;
625 : }
626 :
627 0 : if (W_ERROR_IS_OK(werr)) {
628 0 : printf("Rid: %d\n", rid);
629 : }
630 0 : done:
631 0 : return werr;
632 : }
633 :
634 5 : static WERROR cmd_netlogon_dsr_enumtrustdom(struct rpc_pipe_client *cli,
635 : TALLOC_CTX *mem_ctx, int argc,
636 : const char **argv)
637 : {
638 5 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
639 5 : WERROR werr = WERR_GEN_FAILURE;
640 5 : const char *server_name = cli->desthost;
641 5 : uint32_t trust_flags = NETR_TRUST_FLAG_IN_FOREST;
642 : struct netr_DomainTrustList trusts;
643 5 : struct dcerpc_binding_handle *b = cli->binding_handle;
644 :
645 5 : if (argc < 1 || argc > 3) {
646 0 : fprintf(stderr, "Usage: %s <server_name> <trust_flags>\n",
647 : argv[0]);
648 0 : return WERR_OK;
649 : }
650 :
651 5 : if (argc >= 2) {
652 0 : server_name = argv[1];
653 : }
654 :
655 5 : if (argc >= 3) {
656 0 : sscanf(argv[2], "%x", &trust_flags);
657 : }
658 :
659 5 : status = dcerpc_netr_DsrEnumerateDomainTrusts(b, mem_ctx,
660 : server_name,
661 : trust_flags,
662 : &trusts,
663 : &werr);
664 5 : if (!NT_STATUS_IS_OK(status)) {
665 0 : werr = ntstatus_to_werror(status);
666 0 : goto done;
667 : }
668 :
669 5 : if (W_ERROR_IS_OK(werr)) {
670 : int i;
671 :
672 5 : printf("%d domains returned\n", trusts.count);
673 :
674 10 : for (i=0; i<trusts.count; i++ ) {
675 5 : printf("%s (%s)\n",
676 5 : trusts.array[i].dns_name,
677 5 : trusts.array[i].netbios_name);
678 : }
679 : }
680 5 : done:
681 5 : return werr;
682 : }
683 :
684 0 : static WERROR cmd_netlogon_deregisterdnsrecords(struct rpc_pipe_client *cli,
685 : TALLOC_CTX *mem_ctx, int argc,
686 : const char **argv)
687 : {
688 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
689 0 : WERROR werr = WERR_GEN_FAILURE;
690 0 : const char *server_name = cli->desthost;
691 0 : const char *domain = lp_workgroup();
692 0 : const char *dns_host = NULL;
693 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
694 :
695 0 : if (argc < 1 || argc > 4) {
696 0 : fprintf(stderr, "Usage: %s <server_name> <domain_name> "
697 : "<dns_host>\n", argv[0]);
698 0 : return WERR_OK;
699 : }
700 :
701 0 : if (argc >= 2) {
702 0 : server_name = argv[1];
703 : }
704 :
705 0 : if (argc >= 3) {
706 0 : domain = argv[2];
707 : }
708 :
709 0 : if (argc >= 4) {
710 0 : dns_host = argv[3];
711 : }
712 :
713 0 : status = dcerpc_netr_DsrDeregisterDNSHostRecords(b, mem_ctx,
714 : server_name,
715 : domain,
716 : NULL,
717 : NULL,
718 : dns_host,
719 : &werr);
720 0 : if (!NT_STATUS_IS_OK(status)) {
721 0 : werr = ntstatus_to_werror(status);
722 0 : goto done;
723 : }
724 :
725 0 : if (W_ERROR_IS_OK(werr)) {
726 0 : printf("success\n");
727 : }
728 0 : done:
729 0 : return werr;
730 : }
731 :
732 0 : static WERROR cmd_netlogon_dsr_getforesttrustinfo(struct rpc_pipe_client *cli,
733 : TALLOC_CTX *mem_ctx, int argc,
734 : const char **argv)
735 : {
736 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
737 0 : WERROR werr = WERR_GEN_FAILURE;
738 0 : const char *server_name = cli->desthost;
739 0 : const char *trusted_domain_name = NULL;
740 0 : struct lsa_ForestTrustInformation *info = NULL;
741 0 : uint32_t flags = 0;
742 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
743 :
744 0 : if (argc < 1 || argc > 4) {
745 0 : fprintf(stderr, "Usage: %s <server_name> <trusted_domain_name> "
746 : "<flags>\n", argv[0]);
747 0 : return WERR_OK;
748 : }
749 :
750 0 : if (argc >= 2) {
751 0 : server_name = argv[1];
752 : }
753 :
754 0 : if (argc >= 3) {
755 0 : trusted_domain_name = argv[2];
756 : }
757 :
758 0 : if (argc >= 4) {
759 0 : sscanf(argv[3], "%x", &flags);
760 : }
761 :
762 0 : status = dcerpc_netr_DsRGetForestTrustInformation(b, mem_ctx,
763 : server_name,
764 : trusted_domain_name,
765 : flags,
766 : &info,
767 : &werr);
768 0 : if (!NT_STATUS_IS_OK(status)) {
769 0 : werr = ntstatus_to_werror(status);
770 0 : goto done;
771 : }
772 :
773 0 : if (W_ERROR_IS_OK(werr)) {
774 0 : printf("success\n");
775 : }
776 0 : done:
777 0 : return werr;
778 : }
779 :
780 0 : static NTSTATUS cmd_netlogon_enumtrusteddomains(struct rpc_pipe_client *cli,
781 : TALLOC_CTX *mem_ctx, int argc,
782 : const char **argv)
783 : {
784 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
785 : NTSTATUS result;
786 0 : const char *server_name = cli->desthost;
787 : struct netr_Blob blob;
788 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
789 :
790 :
791 0 : if (argc < 1 || argc > 3) {
792 0 : fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
793 0 : return NT_STATUS_OK;
794 : }
795 :
796 0 : if (argc >= 2) {
797 0 : server_name = argv[1];
798 : }
799 :
800 0 : status = dcerpc_netr_NetrEnumerateTrustedDomains(b, mem_ctx,
801 : server_name,
802 : &blob,
803 : &result);
804 0 : if (!NT_STATUS_IS_OK(status)) {
805 0 : goto done;
806 : }
807 :
808 0 : if (!NT_STATUS_IS_OK(result)) {
809 0 : status = result;
810 0 : goto done;
811 : }
812 :
813 0 : printf("success\n");
814 0 : dump_data(1, blob.data, blob.length);
815 0 : done:
816 0 : return status;
817 : }
818 :
819 0 : static WERROR cmd_netlogon_enumtrusteddomainsex(struct rpc_pipe_client *cli,
820 : TALLOC_CTX *mem_ctx, int argc,
821 : const char **argv)
822 : {
823 0 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
824 0 : WERROR werr = WERR_GEN_FAILURE;
825 0 : const char *server_name = cli->desthost;
826 : struct netr_DomainTrustList list;
827 0 : struct dcerpc_binding_handle *b = cli->binding_handle;
828 :
829 0 : if (argc < 1 || argc > 3) {
830 0 : fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
831 0 : return WERR_OK;
832 : }
833 :
834 0 : if (argc >= 2) {
835 0 : server_name = argv[1];
836 : }
837 :
838 0 : status = dcerpc_netr_NetrEnumerateTrustedDomainsEx(b, mem_ctx,
839 : server_name,
840 : &list,
841 : &werr);
842 0 : if (!NT_STATUS_IS_OK(status)) {
843 0 : werr = ntstatus_to_werror(status);
844 0 : goto done;
845 : }
846 :
847 0 : if (W_ERROR_IS_OK(werr)) {
848 0 : printf("success\n");
849 : }
850 0 : done:
851 0 : return werr;
852 : }
853 :
854 5 : static WERROR cmd_netlogon_getdcsitecoverage(struct rpc_pipe_client *cli,
855 : TALLOC_CTX *mem_ctx, int argc,
856 : const char **argv)
857 : {
858 5 : NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
859 5 : WERROR werr = WERR_GEN_FAILURE;
860 5 : const char *server_name = cli->desthost;
861 5 : struct DcSitesCtr *ctr = NULL;
862 5 : struct dcerpc_binding_handle *b = cli->binding_handle;
863 :
864 5 : if (argc < 1 || argc > 3) {
865 0 : fprintf(stderr, "Usage: %s <server_name>\n", argv[0]);
866 0 : return WERR_OK;
867 : }
868 :
869 5 : if (argc >= 2) {
870 0 : server_name = argv[1];
871 : }
872 :
873 5 : status = dcerpc_netr_DsrGetDcSiteCoverageW(b, mem_ctx,
874 : server_name,
875 : &ctr,
876 : &werr);
877 5 : if (!NT_STATUS_IS_OK(status)) {
878 0 : werr = ntstatus_to_werror(status);
879 0 : goto done;
880 : }
881 :
882 5 : if (W_ERROR_IS_OK(werr) && ctr->num_sites) {
883 : int i;
884 5 : printf("sites covered by this DC: %d\n", ctr->num_sites);
885 10 : for (i=0; i<ctr->num_sites; i++) {
886 5 : printf("%s\n", ctr->sites[i].string);
887 : }
888 : }
889 5 : done:
890 5 : return werr;
891 : }
892 :
893 0 : static NTSTATUS cmd_netlogon_capabilities(struct rpc_pipe_client *cli,
894 : TALLOC_CTX *mem_ctx, int argc,
895 : const char **argv)
896 : {
897 : struct netlogon_creds_cli_lck *lck;
898 : union netr_Capabilities capabilities;
899 : NTSTATUS status;
900 :
901 0 : if (argc > 1) {
902 0 : fprintf(stderr, "Usage: %s\n", argv[0]);
903 0 : return NT_STATUS_OK;
904 : }
905 :
906 0 : status = netlogon_creds_cli_lck(rpcclient_netlogon_creds,
907 : NETLOGON_CREDS_CLI_LCK_EXCLUSIVE,
908 : mem_ctx, &lck);
909 0 : if (!NT_STATUS_IS_OK(status)) {
910 0 : fprintf(stderr, "netlogon_creds_cli_lck failed: %s\n",
911 : nt_errstr(status));
912 0 : return status;
913 : }
914 :
915 0 : status = netlogon_creds_cli_check(rpcclient_netlogon_creds,
916 : cli->binding_handle,
917 : &capabilities);
918 0 : if (!NT_STATUS_IS_OK(status)) {
919 0 : fprintf(stderr, "netlogon_creds_cli_check failed: %s\n",
920 : nt_errstr(status));
921 0 : return status;
922 : }
923 :
924 0 : TALLOC_FREE(lck);
925 :
926 0 : printf("capabilities: 0x%08x\n", capabilities.server_capabilities);
927 :
928 0 : return NT_STATUS_OK;
929 : }
930 :
931 0 : static NTSTATUS cmd_netlogon_logongetdomaininfo(struct rpc_pipe_client *cli,
932 : TALLOC_CTX *mem_ctx, int argc,
933 : const char **argv)
934 : {
935 : union netr_WorkstationInfo query;
936 : struct netr_WorkstationInformation workstation_info;
937 : union netr_DomainInfo *domain_info;
938 : NTSTATUS status;
939 : char *s;
940 :
941 0 : if (argc > 1) {
942 0 : fprintf(stderr, "Usage: %s\n", argv[0]);
943 0 : return NT_STATUS_OK;
944 : }
945 :
946 0 : ZERO_STRUCT(workstation_info);
947 :
948 0 : query.workstation_info = &workstation_info;
949 :
950 0 : status = netlogon_creds_cli_LogonGetDomainInfo(rpcclient_netlogon_creds,
951 : cli->binding_handle,
952 : mem_ctx,
953 : 1,
954 : &query,
955 : &domain_info);
956 0 : if (!NT_STATUS_IS_OK(status)) {
957 0 : fprintf(stderr, "netlogon_creds_cli_LogonGetDomainInfo failed: %s\n",
958 : nt_errstr(status));
959 0 : return status;
960 : }
961 :
962 0 : s = NDR_PRINT_STRUCT_STRING(mem_ctx, netr_DomainInformation, domain_info->domain_info);
963 0 : if (s) {
964 0 : printf("%s\n", s);
965 0 : TALLOC_FREE(s);
966 : }
967 :
968 0 : return NT_STATUS_OK;
969 : }
970 :
971 : /* List of commands exported by this module */
972 :
973 : struct cmd_set netlogon_commands[] = {
974 :
975 : {
976 : .name = "NETLOGON",
977 : },
978 :
979 : {
980 : .name = "logonctrl2",
981 : .returntype = RPC_RTYPE_WERROR,
982 : .ntfn = NULL,
983 : .wfn = cmd_netlogon_logon_ctrl2,
984 : .table = &ndr_table_netlogon,
985 : .rpc_pipe = NULL,
986 : .description = "Logon Control 2",
987 : .usage = "",
988 : },
989 : {
990 : .name = "getanydcname",
991 : .returntype = RPC_RTYPE_WERROR,
992 : .ntfn = NULL,
993 : .wfn = cmd_netlogon_getanydcname,
994 : .table = &ndr_table_netlogon,
995 : .rpc_pipe = NULL,
996 : .description = "Get trusted DC name",
997 : .usage = "",
998 : },
999 : {
1000 : .name = "getdcname",
1001 : .returntype = RPC_RTYPE_WERROR,
1002 : .ntfn = NULL,
1003 : .wfn = cmd_netlogon_getdcname,
1004 : .table = &ndr_table_netlogon,
1005 : .rpc_pipe = NULL,
1006 : .description = "Get trusted PDC name",
1007 : .usage = "",
1008 : },
1009 : {
1010 : .name = "dsr_getdcname",
1011 : .returntype = RPC_RTYPE_WERROR,
1012 : .ntfn = NULL,
1013 : .wfn = cmd_netlogon_dsr_getdcname,
1014 : .table = &ndr_table_netlogon,
1015 : .rpc_pipe = NULL,
1016 : .description = "Get trusted DC name",
1017 : .usage = "",
1018 : },
1019 : {
1020 : .name = "dsr_getdcnameex",
1021 : .returntype = RPC_RTYPE_WERROR,
1022 : .ntfn = NULL,
1023 : .wfn = cmd_netlogon_dsr_getdcnameex,
1024 : .table = &ndr_table_netlogon,
1025 : .rpc_pipe = NULL,
1026 : .description = "Get trusted DC name",
1027 : .usage = "",
1028 : },
1029 : {
1030 : .name = "dsr_getdcnameex2",
1031 : .returntype = RPC_RTYPE_WERROR,
1032 : .ntfn = NULL,
1033 : .wfn = cmd_netlogon_dsr_getdcnameex2,
1034 : .table = &ndr_table_netlogon,
1035 : .rpc_pipe = NULL,
1036 : .description = "Get trusted DC name",
1037 : .usage = "",
1038 : },
1039 : {
1040 : .name = "dsr_getsitename",
1041 : .returntype = RPC_RTYPE_WERROR,
1042 : .ntfn = NULL,
1043 : .wfn = cmd_netlogon_dsr_getsitename,
1044 : .table = &ndr_table_netlogon,
1045 : .rpc_pipe = NULL,
1046 : .description = "Get sitename",
1047 : .usage = "",
1048 : },
1049 : {
1050 : .name = "dsr_getforesttrustinfo",
1051 : .returntype = RPC_RTYPE_WERROR,
1052 : .ntfn = NULL,
1053 : .wfn = cmd_netlogon_dsr_getforesttrustinfo,
1054 : .table = &ndr_table_netlogon,
1055 : .rpc_pipe = NULL,
1056 : .description = "Get Forest Trust Info",
1057 : .usage = "",
1058 : },
1059 : {
1060 : .name = "logonctrl",
1061 : .returntype = RPC_RTYPE_WERROR,
1062 : .ntfn = NULL,
1063 : .wfn = cmd_netlogon_logon_ctrl,
1064 : .table = &ndr_table_netlogon,
1065 : .rpc_pipe = NULL,
1066 : .description = "Logon Control",
1067 : .usage = "",
1068 : },
1069 : {
1070 : .name = "samlogon",
1071 : .returntype = RPC_RTYPE_NTSTATUS,
1072 : .ntfn = cmd_netlogon_sam_logon,
1073 : .wfn = NULL,
1074 : .table = &ndr_table_netlogon,
1075 : .rpc_pipe = NULL,
1076 : .description = "Sam Logon",
1077 : .usage = "",
1078 : .use_netlogon_creds = true,
1079 : },
1080 : {
1081 : .name = "change_trust_pw",
1082 : .returntype = RPC_RTYPE_NTSTATUS,
1083 : .ntfn = cmd_netlogon_change_trust_pw,
1084 : .wfn = NULL,
1085 : .table = &ndr_table_netlogon,
1086 : .rpc_pipe = NULL,
1087 : .description = "Change Trust Account Password",
1088 : .usage = "",
1089 : .use_netlogon_creds = true,
1090 : },
1091 : {
1092 : .name = "gettrustrid",
1093 : .returntype = RPC_RTYPE_WERROR,
1094 : .ntfn = NULL,
1095 : .wfn = cmd_netlogon_gettrustrid,
1096 : .table = &ndr_table_netlogon,
1097 : .rpc_pipe = NULL,
1098 : .description = "Get trust rid",
1099 : .usage = "",
1100 : },
1101 : {
1102 : .name = "dsr_enumtrustdom",
1103 : .returntype = RPC_RTYPE_WERROR,
1104 : .ntfn = NULL,
1105 : .wfn = cmd_netlogon_dsr_enumtrustdom,
1106 : .table = &ndr_table_netlogon,
1107 : .rpc_pipe = NULL,
1108 : .description = "Enumerate trusted domains",
1109 : .usage = "",
1110 : },
1111 : {
1112 : .name = "dsenumdomtrusts",
1113 : .returntype = RPC_RTYPE_WERROR,
1114 : .ntfn = NULL,
1115 : .wfn = cmd_netlogon_dsr_enumtrustdom,
1116 : .table = &ndr_table_netlogon,
1117 : .rpc_pipe = NULL,
1118 : .description = "Enumerate all trusted domains in an AD forest",
1119 : .usage = "",
1120 : },
1121 : {
1122 : .name = "deregisterdnsrecords",
1123 : .returntype = RPC_RTYPE_WERROR,
1124 : .ntfn = NULL,
1125 : .wfn = cmd_netlogon_deregisterdnsrecords,
1126 : .table = &ndr_table_netlogon,
1127 : .rpc_pipe = NULL,
1128 : .description = "Deregister DNS records",
1129 : .usage = "",
1130 : },
1131 : {
1132 : .name = "netrenumtrusteddomains",
1133 : .returntype = RPC_RTYPE_NTSTATUS,
1134 : .ntfn = cmd_netlogon_enumtrusteddomains,
1135 : .wfn = NULL,
1136 : .table = &ndr_table_netlogon,
1137 : .rpc_pipe = NULL,
1138 : .description = "Enumerate trusted domains",
1139 : .usage = "",
1140 : },
1141 : {
1142 : .name = "netrenumtrusteddomainsex",
1143 : .returntype = RPC_RTYPE_WERROR,
1144 : .ntfn = NULL,
1145 : .wfn = cmd_netlogon_enumtrusteddomainsex,
1146 : .table = &ndr_table_netlogon,
1147 : .rpc_pipe = NULL,
1148 : .description = "Enumerate trusted domains",
1149 : .usage = "",
1150 : },
1151 : {
1152 : .name = "getdcsitecoverage",
1153 : .returntype = RPC_RTYPE_WERROR,
1154 : .ntfn = NULL,
1155 : .wfn = cmd_netlogon_getdcsitecoverage,
1156 : .table = &ndr_table_netlogon,
1157 : .rpc_pipe = NULL,
1158 : .description = "Get the Site-Coverage from a DC",
1159 : .usage = "",
1160 : },
1161 : {
1162 : .name = "capabilities",
1163 : .returntype = RPC_RTYPE_NTSTATUS,
1164 : .ntfn = cmd_netlogon_capabilities,
1165 : .wfn = NULL,
1166 : .table = &ndr_table_netlogon,
1167 : .rpc_pipe = NULL,
1168 : .description = "Return Capabilities",
1169 : .usage = "",
1170 : .use_netlogon_creds = true,
1171 : },
1172 : {
1173 : .name = "logongetdomaininfo",
1174 : .returntype = RPC_RTYPE_NTSTATUS,
1175 : .ntfn = cmd_netlogon_logongetdomaininfo,
1176 : .wfn = NULL,
1177 : .table = &ndr_table_netlogon,
1178 : .rpc_pipe = NULL,
1179 : .description = "Return LogonGetDomainInfo",
1180 : .usage = "",
1181 : .use_netlogon_creds = true,
1182 : },
1183 : {
1184 : .name = NULL,
1185 : }
1186 : };
|
