diff options
Diffstat (limited to 'source/rpcclient/samsync.c')
-rw-r--r-- | source/rpcclient/samsync.c | 740 |
1 files changed, 165 insertions, 575 deletions
diff --git a/source/rpcclient/samsync.c b/source/rpcclient/samsync.c index 7124f9416ad..c1be521c553 100644 --- a/source/rpcclient/samsync.c +++ b/source/rpcclient/samsync.c @@ -1,8 +1,9 @@ /* - Unix SMB/CIFS implementation. - SAM synchronisation and replication + Unix SMB/Netbios implementation. + Version 2.2 + RPC pipe client - Copyright (C) Tim Potter 2001,2002 + Copyright (C) Tim Potter 2001 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -21,358 +22,19 @@ #include "includes.h" -DOM_SID domain_sid; - -static void decode_domain_info(SAM_DOMAIN_INFO *a) -{ - fstring temp; - printf("Domain Information\n"); - printf("------------------\n"); - - unistr2_to_ascii(temp, &a->uni_dom_name, sizeof(temp)-1); - printf("\tDomain :%s\n", temp); - printf("\tMin password len :%d\n", a->min_pwd_len); - printf("\tpassword history len:%d\n", a->pwd_history_len); - printf("\tcreation time :%s\n", http_timestring(nt_time_to_unix(&a->creation_time))); -} - -static void decode_sam_group_info(SAM_GROUP_INFO *a) -{ - fstring temp; - printf("\nDomain Group Information\n"); - printf("------------------------\n"); - - unistr2_to_ascii(temp, &a->uni_grp_name, sizeof(temp)-1); - printf("\tGroup name :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_grp_desc, sizeof(temp)-1); - printf("\tGroup description :%s\n", temp); - printf("\trid :%d\n", a->gid.g_rid); - printf("\tattribute :%d\n", a->gid.attr); -} - -static void decode_sam_account_info(SAM_ACCOUNT_INFO *a) -{ - fstring temp; - printf("\nUser Information\n"); - printf("----------------\n"); - - unistr2_to_ascii(temp, &a->uni_acct_name, sizeof(temp)-1); - printf("\tUser name :%s\n", temp); - printf("\tuser's rid :%d\n", a->user_rid); - printf("\tuser's primary gid :%d\n", a->group_rid); - unistr2_to_ascii(temp, &a->uni_full_name, sizeof(temp)-1); - printf("\tfull name :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_home_dir, sizeof(temp)-1); - printf("\thome directory :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_dir_drive, sizeof(temp)-1); - printf("\tdrive :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_logon_script, sizeof(temp)-1); - printf("\tlogon script :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_acct_desc, sizeof(temp)-1); - printf("\tdescription :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_workstations, sizeof(temp)-1); - printf("\tworkstations :%s\n", temp); -} - -static void decode_sam_grp_mem_info(SAM_GROUP_MEM_INFO *a) -{ - int i; - printf("\nGroup members information\n"); - printf("-------------------------\n"); - printf("\tnum members :%d\n", a->num_members); - - for (i=0; i<a->num_members; i++) { - printf("\trid, attr:%d, %d\n", a->rids[i], a->attribs[i]); - } -} - -static void decode_sam_alias_info(SAM_ALIAS_INFO *a) -{ - fstring temp; - printf("\nAlias Information\n"); - printf("-----------------\n"); - - unistr2_to_ascii(temp, &a->uni_als_name, sizeof(temp)-1); - printf("\tname :%s\n", temp); - unistr2_to_ascii(temp, &a->uni_als_desc, sizeof(temp)-1); - printf("\tdescription :%s\n", temp); - printf("\trid :%d\n", a->als_rid); -} - -static void decode_sam_als_mem_info(SAM_ALIAS_MEM_INFO *a) -{ - int i; - fstring temp; - printf("\nAlias members Information\n"); - printf("-------------------------\n"); - printf("\tnum members :%d\n", a->num_members); - printf("\tnum sids :%d\n", a->num_sids); - for (i=0; i<a->num_sids; i++) { - printf("\tsid :%s\n", sid_to_string(temp, &a->sids[i].sid)); - } - - -} - -static void decode_sam_dom_info(SAM_DELTA_DOM *a) -{ - fstring temp; - printf("\nDomain information\n"); - printf("------------------\n"); - - unistr2_to_ascii(temp, &a->domain_name, sizeof(temp)-1); - printf("\tdomain name :%s\n", temp); - printf("\tsid :%s\n", sid_to_string(temp, &a->domain_sid.sid)); -} - -static void decode_sam_unk0e_info(SAM_DELTA_UNK0E *a) -{ - fstring temp; - printf("\nTrust information\n"); - printf("-----------------\n"); - - unistr2_to_ascii(temp, &a->domain, sizeof(temp)-1); - printf("\tdomain name :%s\n", temp); - printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); - display_sec_desc(a->sec_desc); -} - -static void decode_sam_privs_info(SAM_DELTA_PRIVS *a) -{ - int i; - fstring temp; - printf("\nSID and privileges information\n"); - printf("------------------------------\n"); - printf("\tsid :%s\n", sid_to_string(temp, &a->sid.sid)); - display_sec_desc(a->sec_desc); - printf("\tprivileges count :%d\n", a->privlist_count); - for (i=0; i<a->privlist_count; i++) { - unistr2_to_ascii(temp, &a->uni_privslist[i], sizeof(temp)-1); - printf("\tprivilege name :%s\n", temp); - printf("\tattribute :%d\n", a->attributes[i]); - } -} - -static void decode_sam_unk12_info(SAM_DELTA_UNK12 *a) -{ - fstring temp; - printf("\nTrusted information\n"); - printf("-------------------\n"); - - unistr2_to_ascii(temp, &a->secret, sizeof(temp)-1); - printf("\tsecret name :%s\n", temp); - display_sec_desc(a->sec_desc); - - printf("\ttime 1 :%s\n", http_timestring(nt_time_to_unix(&a->time1))); - printf("\ttime 2 :%s\n", http_timestring(nt_time_to_unix(&a->time2))); - - display_sec_desc(a->sec_desc2); -} - -static void decode_sam_stamp(SAM_DELTA_STAMP *a) -{ - printf("\nStamp information\n"); - printf("-----------------\n"); - printf("\tsequence number :%d\n", a->seqnum); -} - -static void decode_sam_deltas(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, SAM_DELTA_CTR *deltas) -{ - int i; - for (i = 0; i < num_deltas; i++) { - switch (hdr_deltas[i].type) { - case SAM_DELTA_DOMAIN_INFO: { - SAM_DOMAIN_INFO *a; - a = &deltas[i].domain_info; - decode_domain_info(a); - break; - } - case SAM_DELTA_GROUP_INFO: { - SAM_GROUP_INFO *a; - a = &deltas[i].group_info; - decode_sam_group_info(a); - break; - } - case SAM_DELTA_ACCOUNT_INFO: { - SAM_ACCOUNT_INFO *a; - a = &deltas[i].account_info; - decode_sam_account_info(a); - break; - } - case SAM_DELTA_GROUP_MEM: { - SAM_GROUP_MEM_INFO *a; - a = &deltas[i].grp_mem_info; - decode_sam_grp_mem_info(a); - break; - } - case SAM_DELTA_ALIAS_INFO: { - SAM_ALIAS_INFO *a; - a = &deltas[i].alias_info; - decode_sam_alias_info(a); - break; - } - case SAM_DELTA_ALIAS_MEM: { - SAM_ALIAS_MEM_INFO *a; - a = &deltas[i].als_mem_info; - decode_sam_als_mem_info(a); - break; - } - case SAM_DELTA_POLICY_INFO: { - SAM_DELTA_POLICY *a; - a = &deltas[i].dom_info; - decode_sam_dom_info(a); - break; - } - case SAM_DELTA_UNK0E_INFO: { - SAM_DELTA_UNK0E *a; - a = &deltas[i].unk0e_info; - decode_sam_unk0e_info(a); - break; - } - case SAM_DELTA_PRIVS_INFO: { - SAM_DELTA_PRIVS *a; - a = &deltas[i].privs_info; - decode_sam_privs_info(a); - break; - } - case SAM_DELTA_UNK12_INFO: { - SAM_DELTA_UNK12 *a; - a = &deltas[i].unk12_info; - decode_sam_unk12_info(a); - break; - } - case SAM_DELTA_SAM_STAMP: { - SAM_DELTA_STAMP *a; - a = &deltas[i].stamp; - decode_sam_stamp(a); - break; - } - default: - DEBUG(0,("unknown delta type: %d\n", hdr_deltas[i].type)); - break; - } - } -} - -/* Convert a SAM_ACCOUNT_DELTA to a SAM_ACCOUNT. */ - -static void sam_account_from_delta(SAM_ACCOUNT *account, - SAM_ACCOUNT_INFO *delta) -{ - DOM_SID sid; - fstring s; - - /* Username, fullname, home dir, dir drive, logon script, acct - desc, workstations, profile. */ - - unistr2_to_ascii(s, &delta->uni_acct_name, sizeof(s) - 1); - pdb_set_nt_username(account, s); - - /* Unix username is the same - for sainity */ - pdb_set_username(account, s); - - unistr2_to_ascii(s, &delta->uni_full_name, sizeof(s) - 1); - pdb_set_fullname(account, s); - - unistr2_to_ascii(s, &delta->uni_home_dir, sizeof(s) - 1); - pdb_set_homedir(account, s, True); - - unistr2_to_ascii(s, &delta->uni_dir_drive, sizeof(s) - 1); - pdb_set_dir_drive(account, s, True); - - unistr2_to_ascii(s, &delta->uni_logon_script, sizeof(s) - 1); - pdb_set_logon_script(account, s, True); - - unistr2_to_ascii(s, &delta->uni_acct_desc, sizeof(s) - 1); - pdb_set_acct_desc(account, s); - - unistr2_to_ascii(s, &delta->uni_workstations, sizeof(s) - 1); - pdb_set_workstations(account, s); - - unistr2_to_ascii(s, &delta->uni_profile, sizeof(s) - 1); - pdb_set_profile_path(account, s, True); - - /* User and group sid */ - - sid_copy(&sid, &domain_sid); - sid_append_rid(&sid, delta->user_rid); - pdb_set_user_sid(account, &sid); - - sid_copy(&sid, &domain_sid); - sid_append_rid(&sid, delta->group_rid); - pdb_set_group_sid(account, &sid); - - /* Logon and password information */ - - pdb_set_logon_time(account, nt_time_to_unix(&delta->logon_time), True); - pdb_set_logoff_time(account, nt_time_to_unix(&delta->logoff_time), - True); - - pdb_set_logon_divs(account, delta->logon_divs); - - /* TODO: logon hours */ - /* TODO: bad password count */ - /* TODO: logon count */ - - pdb_set_pass_last_set_time( - account, nt_time_to_unix(&delta->pwd_last_set_time)); - - /* TODO: account expiry time */ - - pdb_set_acct_ctrl(account, delta->acb_info); -} - -static void apply_account_info(SAM_ACCOUNT_INFO *sam_acct_delta) -{ - SAM_ACCOUNT *sam_acct; - BOOL result; - - if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_acct))) { - return; - } - - sam_account_from_delta(sam_acct, sam_acct_delta); - result = pdb_add_sam_account(sam_acct); -} - -/* Apply an array of deltas to the SAM database */ - -static void apply_deltas(uint32 num_deltas, SAM_DELTA_HDR *hdr_deltas, - SAM_DELTA_CTR *deltas) -{ - uint32 i; - - for (i = 0; i < num_deltas; i++) { - switch(hdr_deltas[i].type) { - case SAM_DELTA_ACCOUNT_INFO: - apply_account_info(&deltas[i].account_info); - break; - } - } -} - /* Synchronise sam database */ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], - BOOL do_smbpasswd_output, BOOL verbose) + BOOL do_smbpasswd_output) { TALLOC_CTX *mem_ctx; - SAM_DELTA_HDR *hdr_deltas_0, *hdr_deltas_2; - SAM_DELTA_CTR *deltas_0, *deltas_2; - uint32 num_deltas_0, num_deltas_2; + SAM_DELTA_HDR *hdr_deltas; + SAM_DELTA_CTR *deltas; + uint32 database_id = 0, num_deltas; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - struct pdb_context *in; - uint32 neg_flags = 0x000001ff; - - DOM_CRED ret_creds; /* Initialise */ - if (!NT_STATUS_IS_OK(make_pdb_context_list(&in, lp_passdb_backend()))){ - DEBUG(0, ("Can't initialize passdb backend.\n")); - return result; - } - if (!(mem_ctx = talloc_init())) { DEBUG(0,("talloc_init failed\n")); return result; @@ -385,65 +47,38 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], /* Request a challenge */ - if (!NT_STATUS_IS_OK(cli_nt_setup_creds(cli, SEC_CHAN_BDC, trust_passwd, &neg_flags, 2))) { + if (!NT_STATUS_IS_OK(new_cli_nt_setup_creds(cli, trust_passwd))) { DEBUG(0, ("Error initialising session creds\n")); goto done; } - /* on first call the returnAuthenticator is empty */ - memset(&ret_creds, 0, sizeof(ret_creds)); - - /* Do sam synchronisation on the SAM database*/ + /* Do sam synchronisation */ - result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, 0, 0, - &num_deltas_0, &hdr_deltas_0, - &deltas_0); + result = cli_netlogon_sam_sync(cli, mem_ctx, database_id, + &num_deltas, &hdr_deltas, &deltas); - if (!NT_STATUS_IS_OK(result)) - goto done; - - - /* Update sam */ - - apply_deltas(num_deltas_0, hdr_deltas_0, deltas_0); - - - /* - * we can't yet do several sam_sync in a raw, it's a credential problem - * we must chain the credentials - */ - -#if 1 - /* Do sam synchronisation on the LSA database */ - - result = cli_netlogon_sam_sync(cli, mem_ctx, &ret_creds, 2, 0, &num_deltas_2, &hdr_deltas_2, &deltas_2); - - if (!NT_STATUS_IS_OK(result)) + if (!NT_STATUS_IS_OK(result)) { goto done; - - /* verbose mode */ - if (verbose) - decode_sam_deltas(num_deltas_2, hdr_deltas_2, deltas_2); -#endif + } /* Produce smbpasswd output - good for migrating from NT! */ if (do_smbpasswd_output) { int i; - for (i = 0; i < num_deltas_0; i++) { + for (i = 0; i < num_deltas; i++) { SAM_ACCOUNT_INFO *a; fstring acct_name, hex_nt_passwd, hex_lm_passwd; uchar lm_passwd[16], nt_passwd[16]; /* Skip non-user accounts */ - if (hdr_deltas_0[i].type != SAM_DELTA_ACCOUNT_INFO) + if (hdr_deltas[i].type != SAM_DELTA_ACCOUNT_INFO) continue; - a = &deltas_0[i].account_info; + a = &deltas[i].account_info; - unistr2_to_ascii(acct_name, &a->uni_acct_name, + unistr2_to_unix(acct_name, &a->uni_acct_name, sizeof(acct_name) - 1); /* Decode hashes from password hash */ @@ -464,12 +99,15 @@ static NTSTATUS sam_sync(struct cli_state *cli, unsigned char trust_passwd[16], printf("%s:%d:%s:%s:%s:LCT-0\n", acct_name, a->user_rid, hex_lm_passwd, hex_nt_passwd, - smbpasswd_encode_acb_info(a->acb_info)); + smbpasswd_encode_acb_info( + deltas[i].account_info.acb_info)); } goto done; } + /* Update sam tdb */ + done: cli_nt_session_close(cli); talloc_destroy(mem_ctx); @@ -487,28 +125,67 @@ static NTSTATUS sam_repl(struct cli_state *cli, unsigned char trust_passwde[16], return result; } +/* Print usage information */ + +static void usage(void) +{ + printf("Usage: samsync [options]\n"); + + printf("\t-d debuglevel set the debuglevel\n"); + printf("\t-h Print this help message.\n"); + printf("\t-s configfile specify an alternative config file\n"); + printf("\t-S synchronise sam database\n"); + printf("\t-R replicate sam deltas\n"); + printf("\t-U username username and password\n"); + printf("\t-p produce smbpasswd output\n"); + printf("\n"); +} + +/* Initialise client credentials for authenticated pipe access */ + +void init_rpcclient_creds(struct ntuser_creds *creds, char* username, + char* domain, char* password) +{ + ZERO_STRUCTP(creds); + + if (lp_encrypted_passwords()) { + pwd_make_lm_nt_16(&creds->pwd, password); + } else { + pwd_set_cleartext(&creds->pwd, password); + } + + fstrcpy(creds->user_name, username); + fstrcpy(creds->domain, domain); + + if (! *username) { + creds->pwd.null_pwd = True; + } +} + /* Connect to primary domain controller */ -static struct cli_state *init_connection(struct cli_state **cli, +static struct cli_state *init_connection(struct cli_state *cli, char *username, char *domain, char *password) { + struct ntuser_creds creds; extern pstring global_myname; struct in_addr *dest_ip; + struct nmb_name calling, called; int count; fstring dest_host; - /* Initialise myname */ + /* Initialise cli_state information */ - if (!global_myname[0]) { - char *p; + ZERO_STRUCTP(cli); - fstrcpy(global_myname, myhostname()); - p = strchr(global_myname, '.'); - if (p) - *p = 0; + if (!cli_initialise(cli)) { + return NULL; } + init_rpcclient_creds(&creds, username, domain, password); + cli_init_creds(cli, &creds); + /* Look up name of PDC controller */ if (!get_dc_list(True, lp_workgroup(), &dest_ip, &count)) { @@ -517,255 +194,168 @@ static struct cli_state *init_connection(struct cli_state **cli, return NULL; } - if (!lookup_dc_name(global_myname, lp_workgroup(), dest_ip, - dest_host)) { + if (!lookup_pdc_name(global_myname, lp_workgroup(), dest_ip, + dest_host)) { DEBUG(0, ("Could not lookup up PDC name for domain %s\n", lp_workgroup())); return NULL; } - if (NT_STATUS_IS_OK(cli_full_connection(cli, global_myname, dest_host, - dest_ip, 0, - "IPC$", "IPC", - username, domain, - password, 0))) { - return *cli; - } - - return NULL; -} - -/* Main function */ - -static fstring popt_username, popt_domain, popt_password; -static BOOL popt_got_pass; - -static void user_callback(poptContext con, - enum poptCallbackReason reason, - const struct poptOption *opt, - const char *arg, const void *data) -{ - const char *p, *ch; - - if (!arg) - return; - - switch(opt->val) { - - /* Check for [DOMAIN\\]username[%password]*/ - - case 'U': - - p = arg; + get_myname((*global_myname)?NULL:global_myname); + strupper(global_myname); - if ((ch = strchr(p, '\\'))) { - fstrcpy(popt_domain, p); - popt_domain[ch - p] = 0; - } + make_nmb_name(&called, dns_to_netbios_name(dest_host), 0x20); + make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0); - fstrcpy(popt_username, p); + /* Establish a SMB connection */ - if ((ch = strchr(p, '%'))) { - popt_username[ch - p] = 0; - fstrcpy(popt_password, ch + 1); - popt_got_pass = True; - } - - break; - - case 'W': - fstrcpy(popt_domain, arg); - break; + if (!cli_establish_connection(cli, dest_host, dest_ip, &calling, + &called, "IPC$", "IPC", False, True)) { + return NULL; } + + return cli; } -/* Return domain, username and password passed in from cmd line */ - -void popt_common_get_auth_info(char **domain, char **username, char **password, - BOOL *got_pass) -{ - *domain = popt_domain; - *username = popt_username; - *password = popt_password; - *got_pass = popt_got_pass; -} - -struct poptOption popt_common_auth_info[] = { - { NULL, 0, POPT_ARG_CALLBACK, user_callback }, - { "user", 'U', POPT_ARG_STRING, NULL, 'U', "Set username", - "[DOMAIN\\]username[%password]" }, - { "domain", 'W', POPT_ARG_STRING, NULL, 'W', "Set domain name", - "DOMAIN"}, - { 0 } -}; - -static BOOL popt_interactive; - -BOOL popt_common_is_interactive(void) -{ - return popt_interactive; -} - -struct poptOption popt_common_interactive[] = { - { "interactive", 'i', POPT_ARG_NONE, &popt_interactive, 'i', - "Log to stdout" }, - { 0 } -}; +/* Main function */ int main(int argc, char **argv) { BOOL do_sam_sync = False, do_sam_repl = False; - struct cli_state *cli; + pstring servicesf = CONFIGFILE; + struct cli_state cli; NTSTATUS result; + int opt; pstring logfile; - BOOL do_smbpasswd_output = False; - BOOL verbose = True, got_pass = False; - uint32 serial = 0; + BOOL interactive = False, do_smbpasswd_output = False; + uint32 low_serial = 0; unsigned char trust_passwd[16]; - char *username, *domain, *password; - poptContext pc; - char c; - - struct poptOption popt_samsync_opts[] = { - { "synchronise", 'S', POPT_ARG_NONE, &do_sam_sync, 'S', - "Perform full SAM synchronisation" }, - { "replicate", 'R', POPT_ARG_NONE, &do_sam_repl, 'R', - "Replicate SAM changes" }, - { "serial", 0, POPT_ARG_INT, &serial, 0, "SAM serial number" }, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_debug }, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_auth_info }, - { NULL, 0, POPT_ARG_INCLUDE_TABLE, popt_common_interactive }, - POPT_AUTOHELP - { 0 } - }; - - /* Read command line options */ - - pc = poptGetContext("samsync", argc, (const char **)argv, - popt_samsync_opts, 0); - - if (argc == 1) { - poptPrintUsage(pc, stdout, 0); - return 1; - } - - while ((c = poptGetNextOpt(pc)) != -1) { - - /* Argument processing error */ - - if (c < -1) { - fprintf(stderr, "samsync: %s: %s\n", - poptBadOption(pc, POPT_BADOPTION_NOALIAS), - poptStrerror(c)); - return 1; - } - - /* Handle arguments */ + fstring username, domain, password; - switch (c) { - case 'h': - poptPrintHelp(pc, stdout, 0); - return 1; - case 'u': - poptPrintUsage(pc, stdout, 0); - return 1; - } - } - - /* Bail out if any extra args were passed */ - - if (poptPeekArg(pc)) { - fprintf(stderr, "samsync: invalid argument %s\n", - poptPeekArg(pc)); - poptPrintUsage(pc, stdout, 0); - return 1; - } + if (argc == 1) { + usage(); + return 1; + } - poptFreeContext(pc); + ZERO_STRUCT(username); + ZERO_STRUCT(domain); + ZERO_STRUCT(password); + + /* Parse command line options */ + + while((opt = getopt(argc, argv, "s:d:SR:hiU:W:p")) != EOF) { + switch (opt) { + case 's': + pstrcpy(servicesf, optarg); + break; + case 'd': + DEBUGLEVEL = atoi(optarg); + break; + case 'S': + do_sam_sync = 1; + break; + case 'R': + do_sam_repl = 1; + low_serial = atoi(optarg); + break; + case 'i': + interactive = True; + break; + case 'U': { + char *lp; + + fstrcpy(username,optarg); + if ((lp=strchr(username,'%'))) { + *lp = 0; + fstrcpy(password,lp+1); + memset(strchr(optarg, '%') + 1, 'X', + strlen(password)); + } + break; + } + case 'W': + pstrcpy(domain, optarg); + break; + case 'p': + do_smbpasswd_output = True; + break; + case 'h': + default: + usage(); + exit(1); + } + } - /* Setup logging */ + argc -= optind; - dbf = x_stdout; + if (argc > 0) { + usage(); + return 1; + } - if (!lp_load(dyn_CONFIGFILE, True, False, False)) { - d_fprintf(stderr, "samsync: error opening config file %s. " - "Error was %s\n", dyn_CONFIGFILE, strerror(errno)); - return 1; - } + /* Initialise samba */ - slprintf(logfile, sizeof(logfile) - 1, "%s/log.%s", dyn_LOGFILEBASE, + slprintf(logfile, sizeof(logfile) - 1, "%s/log.%s", LOGFILEBASE, "samsync"); - lp_set_logfile(logfile); - setup_logging("samsync", popt_common_is_interactive()); + setup_logging("samsync", interactive); - if (!popt_common_is_interactive()) + if (!interactive) reopen_logs(); - load_interfaces(); + if (!lp_load(servicesf, True, False, False)) { + fprintf(stderr, "Can't load %s\n", servicesf); + } + + load_interfaces(); + + TimeInit(); /* Check arguments make sense */ if (do_sam_sync && do_sam_repl) { - DEBUG(0, ("cannot specify both -S and -R\n")); + fprintf(stderr, "cannot specify both -S and -R\n"); return 1; } if (!do_sam_sync && !do_sam_repl) { - DEBUG(0, ("samsync: you must either --synchronise or " - "--replicate the SAM database\n")); + fprintf(stderr, "must specify either -S or -R\n"); return 1; } - if (do_sam_repl && serial == 0) { - DEBUG(0, ("samsync: must specify serial number\n")); + if (do_sam_repl && low_serial == 0) { + fprintf(stderr, "serial number must be positive\n"); return 1; } - if (do_sam_sync && serial != 0) { - DEBUG(0, ("samsync: you can't specify a serial number when " - "synchonising the SAM database\n")); - return 1; - } - /* BDC operations require the machine account password */ if (!secrets_init()) { - DEBUG(0, ("samsync: unable to initialise secrets database\n")); + DEBUG(0, ("Unable to initialise secrets database\n")); return 1; } if (!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd, NULL)) { - DEBUG(0, ("samsync: could not fetch trust account password\n")); + DEBUG(0, ("could not fetch trust account password\n")); return 1; } - /* I wish the domain sid wasn't stored in secrets.tdb */ - - if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { - DEBUG(0, ("samsync: could not retrieve domain sid\n")); - return 1; - } - /* Perform sync or replication */ - popt_common_get_auth_info(&domain, &username, &password, &got_pass); - if (!init_connection(&cli, username, domain, password)) return 1; if (do_sam_sync) - result = sam_sync(cli, trust_passwd, do_smbpasswd_output, - verbose); + result = sam_sync(&cli, trust_passwd, do_smbpasswd_output); if (do_sam_repl) - result = sam_repl(cli, trust_passwd, serial); + result = sam_repl(&cli, trust_passwd, low_serial); if (!NT_STATUS_IS_OK(result)) { - DEBUG(0, ("%s\n", nt_errstr(result))); + DEBUG(0, ("%s\n", get_nt_error_msg(result))); return 1; } |