300
308
BAIL_ON_CENTERIS_ERROR(ceError);
313
ceError = CTAllocateString("notimesync", nextArg++);
314
BAIL_ON_CENTERIS_ERROR(ceError);
304
317
ceError = BuildJoinEnvironment(krb5ConfPath, pszPassword, &ppszEnv, &nVars);
305
318
BAIL_ON_CENTERIS_ERROR(ceError);
599
612
CanonicalizeOrganizationalUnit(
600
613
PSTR* pszCanonicalizedOrganizationalUnit,
601
PSTR pszOrganizationalUnit,
614
PCSTR pszOrganizationalUnit,
605
618
CENTERROR ceError = CENTERROR_SUCCESS;
792
806
CT_SAFE_FREE_STRING(lwiauthdPath);
793
807
LW_CLEANUP_CTERR(exc, CTAllocateStringPrintf(&lwiauthdPath, "%s/etc/samba/lwiauthd.conf", tempDir));
794
808
LW_CLEANUP_CTERR(exc, CTCopyFileWithOriginalPerms("/etc/samba/lwiauthd.conf", lwiauthdPath));
795
LW_CLEANUP_CTERR(exc, DJCopyKrb5ToRootDir(NULL, tempDir));
809
LW_TRY(exc, DJCopyKrb5ToRootDir(NULL, tempDir, &LW_EXC));
797
811
LW_CLEANUP_CTERR(exc, DJInitSmbConfig(tempDir));
798
812
LW_CLEANUP_CTERR(exc, SetWorkgroup(tempDir, "WORKGROUP"));
816
830
LW_CLEANUP_CTERR(exc, DJSetSambaValue(tempDir, "security", "ads"));
817
831
LW_CLEANUP_CTERR(exc, DJSetSambaValue(tempDir, "use kerberos keytab", "yes"));
833
LW_CLEANUP_CTERR(exc, CTCheckFileExists(NO_TIME_SYNC_FILE, &bNoTimeSyncFileExists));
835
if (options->disableTimeSync && !bNoTimeSyncFileExists)
837
/* Create no time sync file */
838
FILE* noTimeSyncFile = NULL;
840
LW_CLEANUP_CTERR(exc, CTOpenFile(NO_TIME_SYNC_FILE, "w", &noTimeSyncFile));
842
CTCloseFile(noTimeSyncFile);
844
else if (!options->disableTimeSync && bNoTimeSyncFileExists)
846
/* Remove no time sync file */
847
LW_CLEANUP_CTERR(exc, CTRemoveFile(NO_TIME_SYNC_FILE));
819
850
DJ_LOG_INFO("Executing domain join.");
820
851
CT_SAFE_FREE_STRING(options->shortDomainName);
821
852
LW_CLEANUP_CTERR(exc, DJExecDomainJoin(tempDir, options->domainName,
822
853
options->username,
823
854
options->password,
824
855
pszCanonicalizedOU,
856
options->disableTimeSync,
825
857
&options->shortDomainName));
827
859
//Indicate that the join was successful incase QueryDoJoin is called later
953
985
state->moduleData = (void *)2;
954
986
if(IsNullOrEmptyString(options->password))
956
LW_RAISE_EX(exc, CENTERROR_INVALID_PASSWORD, "Unable to delete computer account", "The computer account does not have sufficient permissions to remove itself. Please either provide an administrator's username and password, or the username and password of the account originally used to join the computer to AD.");
988
LW_RAISE_EX(exc, CENTERROR_INVALID_PASSWORD, "Unable to disable computer account", "The computer account does not have sufficient permissions to disable itself. Please either provide an administrator's username and password, or the username and password of the account originally used to join the computer to AD.");
961
LW_RAISE_EX(exc, CENTERROR_COMMAND_FAILED, "Unable to delete computer account", "Removing the computer account failed. Review the above output for more information.");
993
LW_RAISE_EX(exc, CENTERROR_COMMAND_FAILED, "Unable to disable computer account", "Disabling the computer account failed. Review the above output for more information.");
1042
1075
CT_SAFE_FREE_STRING(readValue);
1078
* Need to determine between an Enterprise and Open install.
1081
LW_CLEANUP_CTERR(exc, CTCheckFileExists(PREFIXDIR "/sbin/centeris-gpagentd",
1084
LW_CLEANUP_CTERR(exc, DJGetSambaValue("idmap config default:backend", &readValue));
1085
if (bGpagentdExists) {
1086
if (strcmp(readValue, "lwidentity") != 0)
1089
if (strcmp(readValue, "lwopen") != 0)
1092
CT_SAFE_FREE_STRING(readValue);
1094
LW_CLEANUP_CTERR(exc, DJGetSambaValue("winbind nss info", &readValue));
1095
if (bGpagentdExists) {
1096
if (strcmp(readValue, "lwidentity") != 0)
1099
if (strcmp(readValue, "lwopen") != 0)
1102
CT_SAFE_FREE_STRING(readValue);
1044
1104
result = FullyConfigured;
1052
1112
static void DoLwiConf(JoinProcessOptions *options, LWException **exc)
1114
BOOLEAN bGpagentdExists = FALSE;
1117
memset(&distro, 0, sizeof(distro));
1054
1119
LW_CLEANUP_CTERR(exc, DJInitSmbConfig(NULL));
1055
1120
if(options->joiningDomain)
1058
1123
LW_CLEANUP_CTERR(exc, SetWorkgroup(NULL, options->shortDomainName));
1059
1124
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL, "security", "ads"));
1060
1125
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL, "use kerberos keytab", "yes"));
1127
LW_CLEANUP_CTERR(exc, DJGetDistroInfo(NULL, &distro));
1129
switch (distro.os) {
1131
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1133
"/export/home/local/%D/%U"));
1134
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1139
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1142
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1147
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1149
"/home/local/%D/%U"));
1150
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1156
* Need to determine between an Enterprise and Open install.
1159
LW_CLEANUP_CTERR(exc, CTCheckFileExists(PREFIXDIR "/sbin/centeris-gpagentd",
1162
if (bGpagentdExists) {
1163
/* Likewise Enterprise */
1164
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1165
"idmap config default:backend",
1167
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1172
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1173
"idmap config default:backend",
1175
LW_CLEANUP_CTERR(exc, DJSetSambaValue(NULL,
1220
PCSTR pszDomainName,
1104
1224
BOOLEAN bDoNotChangeHosts
1227
return JoinDomainEx(pszDomainName, pszUserName, pszPassword, pszOU,
1228
bDoNotChangeHosts, FALSE);
1237
BOOLEAN bDoNotChangeHosts,
1238
BOOLEAN bDoNotSyncTime
1107
1241
CENTERROR ceError = CENTERROR_SUCCESS;
1108
1242
CENTERROR ceError2 = CENTERROR_SUCCESS;
1109
1243
PSTR pszComputerName = NULL;
1112
1246
PSTR pszOriginalWorkgroupName = NULL;
1113
1247
BOOLEAN bIsValid = FALSE;
1114
1248
PSTR pszCanonicalizedOU = NULL;
1249
BOOLEAN bNoTimeSyncFileExists = FALSE;
1116
1251
if (geteuid() != 0) {
1117
1252
ceError = CENTERROR_DOMAINJOIN_NON_ROOT_USER;
1291
ceError = CTCheckFileExists(NO_TIME_SYNC_FILE, &bNoTimeSyncFileExists);
1292
BAIL_ON_CENTERIS_ERROR(ceError);
1294
if (bDoNotSyncTime && !bNoTimeSyncFileExists)
1296
/* Create no time sync file */
1297
FILE* noTimeSyncFile = NULL;
1299
ceError = CTOpenFile(NO_TIME_SYNC_FILE, "w", &noTimeSyncFile);
1300
BAIL_ON_CENTERIS_ERROR(ceError);
1302
CTCloseFile(noTimeSyncFile);
1304
else if (!bDoNotSyncTime && bNoTimeSyncFileExists)
1306
/* Remove no time sync file */
1307
ceError = CTRemoveFile(NO_TIME_SYNC_FILE);
1308
BAIL_ON_CENTERIS_ERROR(ceError);
1157
1312
* Make sure that the hostname is fully and properly
1158
1313
* configured in the OS
1445
1601
return ceError;
1449
DJGetComputerDN(PSTR *dn)
1605
DJGetComputerDN(PSTR *dn, LWException **exc)
1451
CENTERROR ceError = CENTERROR_SUCCESS;
1452
1607
PSTR sedPath = NULL;
1455
GCE(ceError = CTFindSed(&sedPath));
1456
ceError = CTShell("%prefix/bin/lwinet ads status -P 2>/dev/null | %sedPath -n %sedExpression >%dn",
1611
LW_CLEANUP_CTERR(exc, CTFindSed(&sedPath));
1612
LW_CLEANUP_CTERR(exc, CTShell("%prefix/bin/lwinet ads status -P 2>%errors | %sedPath -n %sedExpression >%dn",
1457
1613
CTSHELL_STRING(prefix, PREFIXDIR),
1458
1614
CTSHELL_STRING(sedPath, sedPath),
1459
1615
CTSHELL_STRING(sedExpression, "s/^distinguishedName:[ \t]*\\(.*\\)$/\\1/p"),
1460
CTSHELL_BUFFER(dn, dn));
1616
CTSHELL_BUFFER(dn, dn),
1617
CTSHELL_BUFFER(errors, &errors)
1462
1619
CTStripWhitespace(*dn);
1620
if(*dn == NULL || **dn == NULL)
1465
CT_SAFE_FREE_STRING(*dn);
1466
GCE(ceError = CENTERROR_COMMAND_FAILED);
1622
LW_RAISE_EX(exc, CENTERROR_COMMAND_FAILED, "Unable to get distinguished name", "The computer's distinguished name could not be queried. Here is the output from 'lwinet ads status -P':\n%s", errors);
1470
1627
CT_SAFE_FREE_STRING(sedPath);
1628
CT_SAFE_FREE_STRING(errors);