diff options
author | Gerald Carter <jerry@samba.org> | 2007-03-20 16:56:16 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2007-03-20 16:56:16 +0000 |
commit | 651d5a89c59c107c05e789358624058e16af1b66 (patch) | |
tree | dfd29754255ea87b30eb16a06c505e42f98b9be3 /source/utils/net_ads.c | |
parent | 0f475ed1a387e37d477fd434c06ad5783c58adea (diff) | |
download | samba-651d5a89c59c107c05e789358624058e16af1b66.tar.gz samba-651d5a89c59c107c05e789358624058e16af1b66.tar.xz samba-651d5a89c59c107c05e789358624058e16af1b66.zip |
r21889: * Pull from SAMBA-3_0_25 svn r21888
* Set version to 3.0.25pre2
Diffstat (limited to 'source/utils/net_ads.c')
-rw-r--r-- | source/utils/net_ads.c | 125 |
1 files changed, 123 insertions, 2 deletions
diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c index 02a0b68932c..52af6e68d77 100644 --- a/source/utils/net_ads.c +++ b/source/utils/net_ads.c @@ -1118,6 +1118,72 @@ done: } /******************************************************************* + Set a machines dNSHostName and servicePrincipalName attributes + ********************************************************************/ + +static ADS_STATUS net_set_os_attributes(TALLOC_CTX *ctx, ADS_STRUCT *ads_s, + const char *os_name, const char *os_version ) +{ + ADS_STATUS status = ADS_ERROR(LDAP_SERVER_DOWN); + char *new_dn; + ADS_MODLIST mods; + LDAPMessage *res = NULL; + char *dn_string = NULL; + const char *machine_name = global_myname(); + int count; + char *os_sp = NULL; + + if ( !os_name || !os_version ) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + /* Find our DN */ + + status = ads_find_machine_acct(ads_s, &res, machine_name); + if (!ADS_ERR_OK(status)) + return status; + + if ( (count = ads_count_replies(ads_s, res)) != 1 ) { + DEBUG(1,("net_set_machine_spn: %d entries returned!\n", count)); + return ADS_ERROR(LDAP_NO_MEMORY); + } + + if ( (dn_string = ads_get_dn(ads_s, res)) == NULL ) { + DEBUG(1, ("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n")); + goto done; + } + + new_dn = talloc_strdup(ctx, dn_string); + ads_memfree(ads_s, dn_string); + if (!new_dn) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + /* now do the mods */ + + if (!(mods = ads_init_mods(ctx))) { + goto done; + } + + os_sp = talloc_asprintf( ctx, "Samba %s", SAMBA_VERSION_STRING ); + + /* fields of primary importance */ + + ads_mod_str(ctx, &mods, "operatingSystem", os_name); + ads_mod_str(ctx, &mods, "operatingSystemVersion", os_version); + if ( os_sp ) + ads_mod_str(ctx, &mods, "operatingSystemServicePack", os_sp); + + status = ads_gen_mod(ads_s, new_dn, mods); + +done: + ads_msgfree(ads_s, res); + TALLOC_FREE( os_sp ); + + return status; +} + +/******************************************************************* join a domain using ADS (LDAP mods) ********************************************************************/ @@ -1386,6 +1452,8 @@ int net_ads_join(int argc, const char **argv) int i; fstring dc_name; struct in_addr dcip; + const char *os_name = NULL; + const char *os_version = NULL; nt_status = check_ads_config(); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1427,7 +1495,21 @@ int net_ads_join(int argc, const char **argv) } else if ( !StrnCaseCmp(argv[i], "createcomputer", strlen("createcomputer")) ) { if ( (create_in_ou = get_string_param(argv[i])) == NULL ) { - d_fprintf(stderr, "Please supply a valid OU path\n"); + d_fprintf(stderr, "Please supply a valid OU path.\n"); + nt_status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + } + else if ( !StrnCaseCmp(argv[i], "osName", strlen("osName")) ) { + if ( (os_name = get_string_param(argv[i])) == NULL ) { + d_fprintf(stderr, "Please supply a operating system name.\n"); + nt_status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + } + else if ( !StrnCaseCmp(argv[i], "osVer", strlen("osVer")) ) { + if ( (os_version = get_string_param(argv[i])) == NULL ) { + d_fprintf(stderr, "Please supply a valid operating system version.\n"); nt_status = NT_STATUS_INVALID_PARAMETER; goto fail; } @@ -1546,7 +1628,18 @@ int net_ads_join(int argc, const char **argv) } } + /* Try to set the operatingSystem attributes if asked */ + + if ( os_name && os_version ) { + status = net_set_os_attributes( ctx, ads, os_name, os_version ); + if ( !ADS_ERR_OK(status) ) { + d_fprintf(stderr, "Failed to set operatingSystem attributes. " + "Are you a Domain Admin?\n"); + } + } + /* Now build the keytab, using the same ADS connection */ + if (lp_use_kerberos_keytab() && ads_keytab_create_default(ads)) { DEBUG(1,("Error creating host keytab!\n")); } @@ -1819,13 +1912,16 @@ static int net_ads_printer_publish(int argc, const char **argv) TALLOC_CTX *mem_ctx = talloc_init("net_ads_printer_publish"); ADS_MODLIST mods = ads_init_mods(mem_ctx); char *prt_dn, *srv_dn, **srv_cn; + char *srv_cn_escaped = NULL, *printername_escaped = NULL; LDAPMessage *res = NULL; if (!ADS_ERR_OK(ads_startup(True, &ads))) { + talloc_destroy(mem_ctx); return -1; } if (argc < 1) { + talloc_destroy(mem_ctx); return net_ads_printer_usage(argc, argv); } @@ -1853,6 +1949,7 @@ static int net_ads_printer_publish(int argc, const char **argv) d_fprintf(stderr, "Unable to open a connnection to %s to obtain data " "for %s\n", servername, printername); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } @@ -1864,37 +1961,60 @@ static int net_ads_printer_publish(int argc, const char **argv) d_fprintf(stderr, "Could not find machine account for server %s\n", servername); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } srv_dn = ldap_get_dn((LDAP *)ads->ld, (LDAPMessage *)res); srv_cn = ldap_explode_dn(srv_dn, 1); - asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], printername, srv_dn); + srv_cn_escaped = escape_rdn_val_string_alloc(srv_cn[0]); + printername_escaped = escape_rdn_val_string_alloc(printername); + if (!srv_cn_escaped || !printername_escaped) { + SAFE_FREE(srv_cn_escaped); + SAFE_FREE(printername_escaped); + d_fprintf(stderr, "Internal error, out of memory!"); + ads_destroy(&ads); + talloc_destroy(mem_ctx); + return -1; + } + + asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn_escaped, printername_escaped, srv_dn); + + SAFE_FREE(srv_cn_escaped); + SAFE_FREE(printername_escaped); pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SPOOLSS, &nt_status); if (!pipe_hnd) { d_fprintf(stderr, "Unable to open a connnection to the spoolss pipe on %s\n", servername); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } if (!W_ERROR_IS_OK(get_remote_printer_publishing_data(pipe_hnd, mem_ctx, &mods, printername))) { + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); if (!ADS_ERR_OK(rc)) { d_fprintf(stderr, "ads_publish_printer: %s\n", ads_errstr(rc)); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } d_printf("published printer\n"); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return 0; } @@ -2158,6 +2278,7 @@ static int net_ads_dn_usage(int argc, const char **argv) "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"\ "to show in the results\n\n"\ "Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' sAMAccountName\n\n" + "Note: the DN must be provided properly escaped. See RFC 4514 for details\n\n" ); net_common_flags_usage(argc, argv); return -1; |