diff options
Diffstat (limited to 'source/utils')
-rw-r--r-- | source/utils/net_ads.c | 125 | ||||
-rw-r--r-- | source/utils/net_ads_gpo.c | 1 | ||||
-rw-r--r-- | source/utils/net_rpc.c | 30 | ||||
-rw-r--r-- | source/utils/net_sam.c | 14 | ||||
-rw-r--r-- | source/utils/net_status.c | 4 | ||||
-rw-r--r-- | source/utils/ntlm_auth.c | 3 | ||||
-rw-r--r-- | source/utils/pdbedit.c | 1 | ||||
-rw-r--r-- | source/utils/smbcontrol.c | 28 | ||||
-rw-r--r-- | source/utils/status.c | 4 | ||||
-rw-r--r-- | source/utils/status_profile.c | 4 |
10 files changed, 174 insertions, 40 deletions
diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c index 02a0b68932c..52af6e68d77 100644 --- a/source/utils/net_ads.c +++ b/source/utils/net_ads.c @@ -1118,6 +1118,72 @@ done: } /******************************************************************* + Set a machines dNSHostName and servicePrincipalName attributes + ********************************************************************/ + +static ADS_STATUS net_set_os_attributes(TALLOC_CTX *ctx, ADS_STRUCT *ads_s, + const char *os_name, const char *os_version ) +{ + ADS_STATUS status = ADS_ERROR(LDAP_SERVER_DOWN); + char *new_dn; + ADS_MODLIST mods; + LDAPMessage *res = NULL; + char *dn_string = NULL; + const char *machine_name = global_myname(); + int count; + char *os_sp = NULL; + + if ( !os_name || !os_version ) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + /* Find our DN */ + + status = ads_find_machine_acct(ads_s, &res, machine_name); + if (!ADS_ERR_OK(status)) + return status; + + if ( (count = ads_count_replies(ads_s, res)) != 1 ) { + DEBUG(1,("net_set_machine_spn: %d entries returned!\n", count)); + return ADS_ERROR(LDAP_NO_MEMORY); + } + + if ( (dn_string = ads_get_dn(ads_s, res)) == NULL ) { + DEBUG(1, ("ads_add_machine_acct: ads_get_dn returned NULL (malloc failure?)\n")); + goto done; + } + + new_dn = talloc_strdup(ctx, dn_string); + ads_memfree(ads_s, dn_string); + if (!new_dn) { + return ADS_ERROR(LDAP_NO_MEMORY); + } + + /* now do the mods */ + + if (!(mods = ads_init_mods(ctx))) { + goto done; + } + + os_sp = talloc_asprintf( ctx, "Samba %s", SAMBA_VERSION_STRING ); + + /* fields of primary importance */ + + ads_mod_str(ctx, &mods, "operatingSystem", os_name); + ads_mod_str(ctx, &mods, "operatingSystemVersion", os_version); + if ( os_sp ) + ads_mod_str(ctx, &mods, "operatingSystemServicePack", os_sp); + + status = ads_gen_mod(ads_s, new_dn, mods); + +done: + ads_msgfree(ads_s, res); + TALLOC_FREE( os_sp ); + + return status; +} + +/******************************************************************* join a domain using ADS (LDAP mods) ********************************************************************/ @@ -1386,6 +1452,8 @@ int net_ads_join(int argc, const char **argv) int i; fstring dc_name; struct in_addr dcip; + const char *os_name = NULL; + const char *os_version = NULL; nt_status = check_ads_config(); if (!NT_STATUS_IS_OK(nt_status)) { @@ -1427,7 +1495,21 @@ int net_ads_join(int argc, const char **argv) } else if ( !StrnCaseCmp(argv[i], "createcomputer", strlen("createcomputer")) ) { if ( (create_in_ou = get_string_param(argv[i])) == NULL ) { - d_fprintf(stderr, "Please supply a valid OU path\n"); + d_fprintf(stderr, "Please supply a valid OU path.\n"); + nt_status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + } + else if ( !StrnCaseCmp(argv[i], "osName", strlen("osName")) ) { + if ( (os_name = get_string_param(argv[i])) == NULL ) { + d_fprintf(stderr, "Please supply a operating system name.\n"); + nt_status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + } + else if ( !StrnCaseCmp(argv[i], "osVer", strlen("osVer")) ) { + if ( (os_version = get_string_param(argv[i])) == NULL ) { + d_fprintf(stderr, "Please supply a valid operating system version.\n"); nt_status = NT_STATUS_INVALID_PARAMETER; goto fail; } @@ -1546,7 +1628,18 @@ int net_ads_join(int argc, const char **argv) } } + /* Try to set the operatingSystem attributes if asked */ + + if ( os_name && os_version ) { + status = net_set_os_attributes( ctx, ads, os_name, os_version ); + if ( !ADS_ERR_OK(status) ) { + d_fprintf(stderr, "Failed to set operatingSystem attributes. " + "Are you a Domain Admin?\n"); + } + } + /* Now build the keytab, using the same ADS connection */ + if (lp_use_kerberos_keytab() && ads_keytab_create_default(ads)) { DEBUG(1,("Error creating host keytab!\n")); } @@ -1819,13 +1912,16 @@ static int net_ads_printer_publish(int argc, const char **argv) TALLOC_CTX *mem_ctx = talloc_init("net_ads_printer_publish"); ADS_MODLIST mods = ads_init_mods(mem_ctx); char *prt_dn, *srv_dn, **srv_cn; + char *srv_cn_escaped = NULL, *printername_escaped = NULL; LDAPMessage *res = NULL; if (!ADS_ERR_OK(ads_startup(True, &ads))) { + talloc_destroy(mem_ctx); return -1; } if (argc < 1) { + talloc_destroy(mem_ctx); return net_ads_printer_usage(argc, argv); } @@ -1853,6 +1949,7 @@ static int net_ads_printer_publish(int argc, const char **argv) d_fprintf(stderr, "Unable to open a connnection to %s to obtain data " "for %s\n", servername, printername); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } @@ -1864,37 +1961,60 @@ static int net_ads_printer_publish(int argc, const char **argv) d_fprintf(stderr, "Could not find machine account for server %s\n", servername); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } srv_dn = ldap_get_dn((LDAP *)ads->ld, (LDAPMessage *)res); srv_cn = ldap_explode_dn(srv_dn, 1); - asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn[0], printername, srv_dn); + srv_cn_escaped = escape_rdn_val_string_alloc(srv_cn[0]); + printername_escaped = escape_rdn_val_string_alloc(printername); + if (!srv_cn_escaped || !printername_escaped) { + SAFE_FREE(srv_cn_escaped); + SAFE_FREE(printername_escaped); + d_fprintf(stderr, "Internal error, out of memory!"); + ads_destroy(&ads); + talloc_destroy(mem_ctx); + return -1; + } + + asprintf(&prt_dn, "cn=%s-%s,%s", srv_cn_escaped, printername_escaped, srv_dn); + + SAFE_FREE(srv_cn_escaped); + SAFE_FREE(printername_escaped); pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SPOOLSS, &nt_status); if (!pipe_hnd) { d_fprintf(stderr, "Unable to open a connnection to the spoolss pipe on %s\n", servername); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } if (!W_ERROR_IS_OK(get_remote_printer_publishing_data(pipe_hnd, mem_ctx, &mods, printername))) { + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); if (!ADS_ERR_OK(rc)) { d_fprintf(stderr, "ads_publish_printer: %s\n", ads_errstr(rc)); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return -1; } d_printf("published printer\n"); + SAFE_FREE(prt_dn); ads_destroy(&ads); + talloc_destroy(mem_ctx); return 0; } @@ -2158,6 +2278,7 @@ static int net_ads_dn_usage(int argc, const char **argv) "The DN standard LDAP DN, and the attributes are a list of LDAP fields \n"\ "to show in the results\n\n"\ "Example: net ads dn 'CN=administrator,CN=Users,DC=my,DC=domain' sAMAccountName\n\n" + "Note: the DN must be provided properly escaped. See RFC 4514 for details\n\n" ); net_common_flags_usage(argc, argv); return -1; diff --git a/source/utils/net_ads_gpo.c b/source/utils/net_ads_gpo.c index 1865aee3d41..83cc2fe8fcf 100644 --- a/source/utils/net_ads_gpo.c +++ b/source/utils/net_ads_gpo.c @@ -351,6 +351,7 @@ static int net_ads_gpo_add_link(int argc, const char **argv) if (argc < 2) { printf("usage: net ads gpo addlink <linkdn> <gpodn> [options]\n"); + printf("note: DNs must be provided properly escaped.\n See RFC 4514 for details\n"); return -1; } diff --git a/source/utils/net_rpc.c b/source/utils/net_rpc.c index 34e87ddbd21..56aee3be91a 100644 --- a/source/utils/net_rpc.c +++ b/source/utils/net_rpc.c @@ -3585,15 +3585,23 @@ static void copy_fn(const char *mnt, file_info *f, const char *mask, void *state **/ BOOL sync_files(struct copy_clistate *cp_clistate, pstring mask) { + struct cli_state *targetcli; + pstring targetpath; DEBUG(3,("calling cli_list with mask: %s\n", mask)); - if (cli_list(cp_clistate->cli_share_src, mask, cp_clistate->attribute, copy_fn, cp_clistate) == -1) { - d_fprintf(stderr, "listing %s failed with error: %s\n", + if ( !cli_resolve_path( "", cp_clistate->cli_share_src, mask, &targetcli, targetpath ) ) { + d_fprintf(stderr, "cli_resolve_path %s failed with error: %s\n", mask, cli_errstr(cp_clistate->cli_share_src)); return False; } + if (cli_list(targetcli, targetpath, cp_clistate->attribute, copy_fn, cp_clistate) == -1) { + d_fprintf(stderr, "listing %s failed with error: %s\n", + mask, cli_errstr(targetcli)); + return False; + } + return True; } @@ -4934,12 +4942,12 @@ static int rpc_file_close(int argc, const char **argv) * @param str3 strings for FILE_INFO_3 **/ -static void display_file_info_3(FILE_INFO_3 *info3, FILE_INFO_3_STR *str3) +static void display_file_info_3( FILE_INFO_3 *info3 ) { fstring user = "", path = ""; - rpcstr_pull_unistr2_fstring(user, &str3->uni_user_name); - rpcstr_pull_unistr2_fstring(path, &str3->uni_path_name); + rpcstr_pull_unistr2_fstring(user, info3->user); + rpcstr_pull_unistr2_fstring(path, info3->path); d_printf("%-7.1d %-20.20s 0x%-4.2x %-6.1d %s\n", info3->id, user, info3->perms, info3->num_locks, path); @@ -4994,8 +5002,7 @@ static NTSTATUS rpc_file_list_internals(const DOM_SID *domain_sid, "\nFileId Opened by Perms Locks Path"\ "\n------ --------- ----- ----- ---- \n"); for (i = 0; i < ctr.num_entries; i++) - display_file_info_3(&ctr.file.info3[i].info_3, - &ctr.file.info3[i].info_3_str); + display_file_info_3(&ctr.file.info3[i]); done: return W_ERROR_IS_OK(result) ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } @@ -6072,6 +6079,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (!pipe_hnd) { DEBUG(0, ("Could not initialise lsa pipe. Error was %s\n", nt_errstr(nt_status) )); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6081,6 +6089,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6093,6 +6102,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("LSA Query Info failed. Returned error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; } @@ -6112,6 +6122,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't enumerate trusted domains. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6133,6 +6144,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't properly close lsa policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6151,6 +6163,7 @@ static int rpc_trustdom_list(int argc, const char **argv) pipe_hnd = cli_rpc_pipe_open_noauth(cli, PI_SAMR, &nt_status); if (!pipe_hnd) { DEBUG(0, ("Could not initialise samr pipe. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6161,6 +6174,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open SAMR policy handle. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6173,6 +6187,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("Couldn't open domain object. Error was %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; @@ -6191,6 +6206,7 @@ static int rpc_trustdom_list(int argc, const char **argv) if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't enumerate accounts. Error was: %s\n", nt_errstr(nt_status))); + cli_shutdown(cli); talloc_destroy(mem_ctx); return -1; }; diff --git a/source/utils/net_sam.c b/source/utils/net_sam.c index 8800cb36060..bf397803bc5 100644 --- a/source/utils/net_sam.c +++ b/source/utils/net_sam.c @@ -1043,6 +1043,7 @@ static int net_sam_provision(int argc, const char **argv) d_fprintf(stderr, "Failed to add Domain Users group to ldap directory\n"); } } else { + domusers_gid = gmap.gid; d_printf("found!\n"); } @@ -1096,6 +1097,7 @@ domu_done: d_fprintf(stderr, "Failed to add Domain Admins group to ldap directory\n"); } } else { + domadmins_gid = gmap.gid; d_printf("found!\n"); } @@ -1124,7 +1126,7 @@ doma_done: d_printf("Adding the Administrator user.\n"); if (domadmins_gid == -1) { - d_fprintf(stderr, "Can't create Administrtor user, Domain Admins group not available!\n"); + d_fprintf(stderr, "Can't create Administrator user, Domain Admins group not available!\n"); goto done; } if (!winbind_allocate_uid(&uid)) { @@ -1238,8 +1240,12 @@ doma_done: smbldap_set_mod(&mods, LDAP_MOD_ADD, "displayName", pwd->pw_name); smbldap_set_mod(&mods, LDAP_MOD_ADD, "uidNumber", uidstr); smbldap_set_mod(&mods, LDAP_MOD_ADD, "gidNumber", gidstr); - smbldap_set_mod(&mods, LDAP_MOD_ADD, "homeDirectory", pwd->pw_dir); - smbldap_set_mod(&mods, LDAP_MOD_ADD, "loginShell", pwd->pw_shell); + if ((pwd->pw_dir != NULL) && (pwd->pw_dir[0] != '\0')) { + smbldap_set_mod(&mods, LDAP_MOD_ADD, "homeDirectory", pwd->pw_dir); + } + if ((pwd->pw_shell != NULL) && (pwd->pw_shell[0] != '\0')) { + smbldap_set_mod(&mods, LDAP_MOD_ADD, "loginShell", pwd->pw_shell); + } smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaSID", sid_string_static(&sid)); smbldap_set_mod(&mods, LDAP_MOD_ADD, "sambaAcctFlags", pdb_encode_acct_ctrl(ACB_NORMAL|ACB_DISABLED, @@ -1261,7 +1267,7 @@ doma_done: pwd = getpwnam_alloc(NULL, lp_guestaccount()); if (!pwd) { d_fprintf(stderr, "Failed to find just created Guest account!\n" - " Is nssswitch properly configured?!\n"); + " Is nss properly configured?!\n"); goto failed; } diff --git a/source/utils/net_status.c b/source/utils/net_status.c index c68c9f6e2fb..bfc30eac78a 100644 --- a/source/utils/net_status.c +++ b/source/utils/net_status.c @@ -104,7 +104,7 @@ static int show_share(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, d_printf("%-10.10s %s %-12s %s", crec.name,procid_str_static(&crec.pid), crec.machine, - time_to_asc(&crec.start)); + time_to_asc(crec.start)); return 0; } @@ -173,7 +173,7 @@ static int show_share_parseable(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, guest ? "" : gidtoname(ids->entries[i].gid), crec.machine, guest ? "" : ids->entries[i].hostname, - time_to_asc(&crec.start)); + time_to_asc(crec.start)); return 0; } diff --git a/source/utils/ntlm_auth.c b/source/utils/ntlm_auth.c index 1e7b361e860..1f0a915574d 100644 --- a/source/utils/ntlm_auth.c +++ b/source/utils/ntlm_auth.c @@ -2303,7 +2303,8 @@ enum { } } - if (opt_domain == NULL || !*opt_domain) { + /* Note: if opt_domain is "" then send no domain */ + if (opt_domain == NULL) { opt_domain = get_winbind_domain(); } diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c index d79ab187a3b..d1a87260fa9 100644 --- a/source/utils/pdbedit.c +++ b/source/utils/pdbedit.c @@ -573,6 +573,7 @@ static int new_user (struct pdb_methods *in, const char *username, if (sscanf(user_sid, "%d", &u_rid) != 1) { fprintf(stderr, "Error passed string is not a complete user SID or RID!\n"); + TALLOC_FREE(sam_pwent); return -1; } sid_copy(&u_sid, get_global_sam_sid()); diff --git a/source/utils/smbcontrol.c b/source/utils/smbcontrol.c index ec1e101e061..060079a5735 100644 --- a/source/utils/smbcontrol.c +++ b/source/utils/smbcontrol.c @@ -1145,22 +1145,12 @@ int main(int argc, const char **argv) poptContext pc; int opt; - static struct poptOption wbinfo_options[] = { + static struct poptOption long_options[] = { + POPT_AUTOHELP { "timeout", 't', POPT_ARG_INT, &timeout, 't', "Set timeout value in seconds", "TIMEOUT" }, - { "configfile", 's', POPT_ARG_STRING, NULL, 's', - "Use alternative configuration file", "CONFIGFILE" }, - - POPT_TABLEEND - }; - - struct poptOption options[] = { - { NULL, 0, POPT_ARG_INCLUDE_TABLE, wbinfo_options, 0, - "Options" }, - - POPT_AUTOHELP - POPT_COMMON_VERSION + POPT_COMMON_SAMBA POPT_TABLEEND }; @@ -1171,7 +1161,7 @@ int main(int argc, const char **argv) /* Parse command line arguments using popt */ pc = poptGetContext( - "smbcontrol", argc, (const char **)argv, options, 0); + "smbcontrol", argc, (const char **)argv, long_options, 0); poptSetOtherOptionHelp(pc, "[OPTION...] <destination> <message-type> " "<parameters>"); @@ -1182,11 +1172,6 @@ int main(int argc, const char **argv) while ((opt = poptGetNextOpt(pc)) != -1) { switch(opt) { case 't': /* --timeout */ - argc -= 2; - break; - case 's': /* --configfile */ - pstrcpy(dyn_CONFIGFILE, poptGetOptArg(pc)); - argc -= 2; break; default: fprintf(stderr, "Invalid option\n"); @@ -1200,7 +1185,10 @@ int main(int argc, const char **argv) correct value in the above switch statement. */ argv = (const char **)poptGetArgs(pc); - argc--; /* Don't forget about argv[0] */ + argc = 0; + while (argv[argc] != NULL) { + argc++; + } if (argc == 1) usage(&pc); diff --git a/source/utils/status.c b/source/utils/status.c index 4f66501511b..deba6a9523b 100644 --- a/source/utils/status.c +++ b/source/utils/status.c @@ -162,7 +162,7 @@ static void print_share_mode(const struct share_mode_entry *e, d_printf("NONE "); } - d_printf(" %s %s %s",sharepath, fname, time_to_asc((time_t *)&e->time.tv_sec)); + d_printf(" %s %s %s",sharepath, fname, time_to_asc((time_t)e->time.tv_sec)); } } @@ -207,7 +207,7 @@ static int traverse_fn1(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void *st d_printf("%-10s %s %-12s %s", crec.name,procid_str_static(&crec.pid), crec.machine, - time_to_asc(&crec.start)); + time_to_asc(crec.start)); return 0; } diff --git a/source/utils/status_profile.c b/source/utils/status_profile.c index 9224fc176cb..b4c4940f3fd 100644 --- a/source/utils/status_profile.c +++ b/source/utils/status_profile.c @@ -113,8 +113,8 @@ BOOL status_profile_dump(BOOL verbose) d_printf("chdir_time: %u\n", profile_p->syscall_chdir_time); d_printf("getwd_count: %u\n", profile_p->syscall_getwd_count); d_printf("getwd_time: %u\n", profile_p->syscall_getwd_time); - d_printf("utime_count: %u\n", profile_p->syscall_utime_count); - d_printf("utime_time: %u\n", profile_p->syscall_utime_time); + d_printf("ntimes_count: %u\n", profile_p->syscall_ntimes_count); + d_printf("ntimes_time: %u\n", profile_p->syscall_ntimes_time); d_printf("ftruncate_count: %u\n", profile_p->syscall_ftruncate_count); d_printf("ftruncate_time: %u\n", profile_p->syscall_ftruncate_time); d_printf("fcntl_lock_count: %u\n", profile_p->syscall_fcntl_lock_count); |