22
22
#include "includes.h"
23
23
#include "utils/net.h"
24
#include "../librpc/gen_ndr/cli_lsa.h"
25
#include "../librpc/gen_ndr/cli_dssetup.h"
24
#include "rpc_client/cli_pipe.h"
25
#include "../librpc/gen_ndr/ndr_lsa_c.h"
26
#include "rpc_client/cli_lsarpc.h"
27
#include "../librpc/gen_ndr/ndr_dssetup_c.h"
29
#include "../libcli/security/security.h"
30
#include "libsmb/libsmb.h"
27
32
NTSTATUS net_rpc_lookup_name(struct net_context *c,
28
33
TALLOC_CTX *mem_ctx, struct cli_state *cli,
29
34
const char *name, const char **ret_domain,
30
const char **ret_name, DOM_SID *ret_sid,
35
const char **ret_name, struct dom_sid *ret_sid,
31
36
enum lsa_SidType *ret_type)
33
38
struct rpc_pipe_client *lsa_pipe = NULL;
34
39
struct policy_handle pol;
35
NTSTATUS result = NT_STATUS_OK;
40
NTSTATUS status, result;
36
41
const char **dom_names;
38
43
enum lsa_SidType *types;
44
struct dcerpc_binding_handle *b;
42
result = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
48
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
44
if (!NT_STATUS_IS_OK(result)) {
50
if (!NT_STATUS_IS_OK(status)) {
45
51
d_fprintf(stderr, _("Could not initialise lsa pipe\n"));
49
result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
55
b = lsa_pipe->binding_handle;
57
status = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false,
50
58
SEC_FLAG_MAXIMUM_ALLOWED,
52
if (!NT_STATUS_IS_OK(result)) {
60
if (!NT_STATUS_IS_OK(status)) {
53
61
d_fprintf(stderr, "open_policy %s: %s\n", _("failed"),
58
result = rpccli_lsa_lookup_names(lsa_pipe, mem_ctx, &pol, 1,
66
status = rpccli_lsa_lookup_names(lsa_pipe, mem_ctx, &pol, 1,
59
67
&name, &dom_names, 1, &sids, &types);
61
if (!NT_STATUS_IS_OK(result)) {
69
if (!NT_STATUS_IS_OK(status)) {
62
70
/* This can happen easily, don't log an error */
117
125
server_ss, c->opt_port,
118
126
service_name, service_type,
119
127
c->opt_user_name, c->opt_workgroup,
120
c->opt_password, flags, Undefined, NULL);
128
c->opt_password, flags, Undefined);
121
129
if (!NT_STATUS_IS_OK(nt_status)) {
122
130
d_fprintf(stderr, _("Could not connect to server %s\n"),
629
static NTSTATUS net_scan_dc_noad(struct net_context *c,
630
struct cli_state *cli,
631
struct net_dc_info *dc_info)
633
TALLOC_CTX *mem_ctx = talloc_tos();
634
struct rpc_pipe_client *pipe_hnd = NULL;
635
struct dcerpc_binding_handle *b;
636
NTSTATUS status, result;
637
struct policy_handle pol;
638
union lsa_PolicyInformation *info;
640
ZERO_STRUCTP(dc_info);
643
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_lsarpc.syntax_id,
645
if (!NT_STATUS_IS_OK(status)) {
649
b = pipe_hnd->binding_handle;
651
status = dcerpc_lsa_open_policy(b, mem_ctx,
653
SEC_FLAG_MAXIMUM_ALLOWED,
656
if (!NT_STATUS_IS_OK(status)) {
659
if (!NT_STATUS_IS_OK(result)) {
664
status = dcerpc_lsa_QueryInfoPolicy(b, mem_ctx,
666
LSA_POLICY_INFO_ACCOUNT_DOMAIN,
669
if (!NT_STATUS_IS_OK(status)) {
672
if (!NT_STATUS_IS_OK(result)) {
677
dc_info->netbios_domain_name = talloc_strdup(mem_ctx, info->account_domain.name.string);
678
if (dc_info->netbios_domain_name == NULL) {
679
status = NT_STATUS_NO_MEMORY;
684
if (is_valid_policy_hnd(&pol)) {
685
dcerpc_lsa_Close(b, mem_ctx, &pol, &result);
688
TALLOC_FREE(pipe_hnd);
621
693
NTSTATUS net_scan_dc(struct net_context *c,
622
694
struct cli_state *cli,
623
695
struct net_dc_info *dc_info)
625
697
TALLOC_CTX *mem_ctx = talloc_tos();
626
698
struct rpc_pipe_client *dssetup_pipe = NULL;
699
struct dcerpc_binding_handle *dssetup_handle = NULL;
627
700
union dssetup_DsRoleInfo info;
630
704
ZERO_STRUCTP(dc_info);
632
706
status = cli_rpc_pipe_open_noauth(cli, &ndr_table_dssetup.syntax_id,
634
708
if (!NT_STATUS_IS_OK(status)) {
709
DEBUG(10,("net_scan_dc: failed to open dssetup pipe with %s, "
710
"retrying with lsa pipe\n", nt_errstr(status)));
711
return net_scan_dc_noad(c, cli, dc_info);
713
dssetup_handle = dssetup_pipe->binding_handle;
638
status = rpccli_dssetup_DsRoleGetPrimaryDomainInformation(dssetup_pipe, mem_ctx,
715
status = dcerpc_dssetup_DsRoleGetPrimaryDomainInformation(dssetup_handle, mem_ctx,
639
716
DS_ROLE_BASIC_INFORMATION,
642
719
TALLOC_FREE(dssetup_pipe);
721
if (NT_STATUS_IS_OK(status)) {
722
status = werror_to_ntstatus(werr);
644
724
if (!NT_STATUS_IS_OK(status)) {