Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

source: branches/samba-3.5.x/source4/torture/rpc/testjoin.c

Visit:

Last change on this file was 414, checked in by Herwig Bauernfeind, 16 years ago
Samba 3.5.0: Initial import
File size: 19.3 KB

Line
1	/*
2	Unix SMB/CIFS implementation.
3
4	utility code to join/leave a domain
5
6	Copyright (C) Andrew Tridgell 2004
7
8	This program is free software; you can redistribute it and/or modify
9	it under the terms of the GNU General Public License as published by
10	the Free Software Foundation; either version 3 of the License, or
11	(at your option) any later version.
12
13	This program is distributed in the hope that it will be useful,
14	but WITHOUT ANY WARRANTY; without even the implied warranty of
15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16	GNU General Public License for more details.
17
18	You should have received a copy of the GNU General Public License
19	along with this program. If not, see <http://www.gnu.org/licenses/>.
20	*/
21
22	/*
23	this code is used by other torture modules to join/leave a domain
24	as either a member, bdc or thru a trust relationship
25	*/
26
27	#include "includes.h"
28	#include "torture/torture.h"
29	#include "system/time.h"
30	#include "../lib/crypto/crypto.h"
31	#include "libnet/libnet.h"
32	#include "lib/cmdline/popt_common.h"
33	#include "lib/ldb/include/ldb.h"
34	#include "librpc/gen_ndr/ndr_samr_c.h"
35
36	#include "libcli/auth/libcli_auth.h"
37	#include "torture/rpc/rpc.h"
38	#include "libcli/security/security.h"
39	#include "param/param.h"
40
41	struct test_join {
42	struct dcerpc_pipe *p;
43	struct policy_handle user_handle;
44	struct libnet_JoinDomain *libnet_r;
45	struct dom_sid *dom_sid;
46	const char *dom_netbios_name;
47	const char *dom_dns_name;
48	struct dom_sid *user_sid;
49	struct GUID user_guid;
50	const char *netbios_name;
51	};
52
53
54	static NTSTATUS DeleteUser_byname(struct dcerpc_pipe p, TALLOC_CTX mem_ctx,
55	struct policy_handle handle, const char name)
56	{
57	NTSTATUS status;
58	struct samr_DeleteUser d;
59	struct policy_handle user_handle;
60	uint32_t rid;
61	struct samr_LookupNames n;
62	struct samr_Ids rids, types;
63	struct lsa_String sname;
64	struct samr_OpenUser r;
65
66	sname.string = name;
67
68	n.in.domain_handle = handle;
69	n.in.num_names = 1;
70	n.in.names = &sname;
71	n.out.rids = &rids;
72	n.out.types = &types;
73
74	status = dcerpc_samr_LookupNames(p, mem_ctx, &n);
75	if (NT_STATUS_IS_OK(status)) {
76	rid = n.out.rids->ids[0];
77	} else {
78	return status;
79	}
80
81	r.in.domain_handle = handle;
82	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
83	r.in.rid = rid;
84	r.out.user_handle = &user_handle;
85
86	status = dcerpc_samr_OpenUser(p, mem_ctx, &r);
87	if (!NT_STATUS_IS_OK(status)) {
88	printf("OpenUser(%s) failed - %s\n", name, nt_errstr(status));
89	return status;
90	}
91
92	d.in.user_handle = &user_handle;
93	d.out.user_handle = &user_handle;
94	status = dcerpc_samr_DeleteUser(p, mem_ctx, &d);
95	if (!NT_STATUS_IS_OK(status)) {
96	return status;
97	}
98
99	return NT_STATUS_OK;
100	}
101
102	/*
103	create a test user in the domain
104	an opaque pointer is returned. Pass it to torture_leave_domain()
105	when finished
106	*/
107
108	struct test_join torture_create_testuser(struct torture_context torture,
109	const char *username,
110	const char *domain,
111	uint16_t acct_type,
112	const char **random_password)
113	{
114	NTSTATUS status;
115	struct samr_Connect c;
116	struct samr_CreateUser2 r;
117	struct samr_OpenDomain o;
118	struct samr_LookupDomain l;
119	struct dom_sid2 *sid = NULL;
120	struct samr_GetUserPwInfo pwp;
121	struct samr_PwInfo info;
122	struct samr_SetUserInfo s;
123	union samr_UserInfo u;
124	struct policy_handle handle;
125	struct policy_handle domain_handle;
126	uint32_t access_granted;
127	uint32_t rid;
128	DATA_BLOB session_key;
129	struct lsa_String name;
130
131	int policy_min_pw_len = 0;
132	struct test_join *join;
133	char *random_pw;
134	const char *dc_binding = torture_setting_string(torture, "dc_binding", NULL);
135
136	join = talloc(NULL, struct test_join);
137	if (join == NULL) {
138	return NULL;
139	}
140
141	ZERO_STRUCTP(join);
142
143	printf("Connecting to SAMR\n");
144
145	if (dc_binding) {
146	status = dcerpc_pipe_connect(join,
147	&join->p,
148	dc_binding,
149	&ndr_table_samr,
150	cmdline_credentials, NULL, torture->lp_ctx);
151
152	} else {
153	status = torture_rpc_connection(torture,
154	&join->p,
155	&ndr_table_samr);
156	}
157	if (!NT_STATUS_IS_OK(status)) {
158	return NULL;
159	}
160
161	c.in.system_name = NULL;
162	c.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
163	c.out.connect_handle = &handle;
164
165	status = dcerpc_samr_Connect(join->p, join, &c);
166	if (!NT_STATUS_IS_OK(status)) {
167	const char *errstr = nt_errstr(status);
168	if (NT_STATUS_EQUAL(status, NT_STATUS_NET_WRITE_FAULT)) {
169	errstr = dcerpc_errstr(join, join->p->last_fault_code);
170	}
171	printf("samr_Connect failed - %s\n", errstr);
172	return NULL;
173	}
174
175	printf("Opening domain %s\n", domain);
176
177	name.string = domain;
178	l.in.connect_handle = &handle;
179	l.in.domain_name = &name;
180	l.out.sid = &sid;
181
182	status = dcerpc_samr_LookupDomain(join->p, join, &l);
183	if (!NT_STATUS_IS_OK(status)) {
184	printf("LookupDomain failed - %s\n", nt_errstr(status));
185	goto failed;
186	}
187
188	talloc_steal(join, *l.out.sid);
189	join->dom_sid = *l.out.sid;
190	join->dom_netbios_name = talloc_strdup(join, domain);
191	if (!join->dom_netbios_name) goto failed;
192
193	o.in.connect_handle = &handle;
194	o.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
195	o.in.sid = *l.out.sid;
196	o.out.domain_handle = &domain_handle;
197
198	status = dcerpc_samr_OpenDomain(join->p, join, &o);
199	if (!NT_STATUS_IS_OK(status)) {
200	printf("OpenDomain failed - %s\n", nt_errstr(status));
201	goto failed;
202	}
203
204	printf("Creating account %s\n", username);
205
206	again:
207	name.string = username;
208	r.in.domain_handle = &domain_handle;
209	r.in.account_name = &name;
210	r.in.acct_flags = acct_type;
211	r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
212	r.out.user_handle = &join->user_handle;
213	r.out.access_granted = &access_granted;
214	r.out.rid = &rid;
215
216	status = dcerpc_samr_CreateUser2(join->p, join, &r);
217
218	if (NT_STATUS_EQUAL(status, NT_STATUS_USER_EXISTS)) {
219	status = DeleteUser_byname(join->p, join, &domain_handle, name.string);
220	if (NT_STATUS_IS_OK(status)) {
221	goto again;
222	}
223	}
224
225	if (!NT_STATUS_IS_OK(status)) {
226	printf("CreateUser2 failed - %s\n", nt_errstr(status));
227	goto failed;
228	}
229
230	join->user_sid = dom_sid_add_rid(join, join->dom_sid, rid);
231
232	pwp.in.user_handle = &join->user_handle;
233	pwp.out.info = &info;
234
235	status = dcerpc_samr_GetUserPwInfo(join->p, join, &pwp);
236	if (NT_STATUS_IS_OK(status)) {
237	policy_min_pw_len = pwp.out.info->min_password_length;
238	}
239
240	random_pw = generate_random_str(join, MAX(8, policy_min_pw_len));
241
242	printf("Setting account password '%s'\n", random_pw);
243
244	ZERO_STRUCT(u);
245	s.in.user_handle = &join->user_handle;
246	s.in.info = &u;
247	s.in.level = 24;
248
249	encode_pw_buffer(u.info24.password.data, random_pw, STR_UNICODE);
250	u.info24.password_expired = 0;
251
252	status = dcerpc_fetch_session_key(join->p, &session_key);
253	if (!NT_STATUS_IS_OK(status)) {
254	printf("SetUserInfo level %u - no session key - %s\n",
255	s.in.level, nt_errstr(status));
256	torture_leave_domain(torture, join);
257	goto failed;
258	}
259
260	arcfour_crypt_blob(u.info24.password.data, 516, &session_key);
261
262	status = dcerpc_samr_SetUserInfo(join->p, join, &s);
263	if (!NT_STATUS_IS_OK(status)) {
264	printf("SetUserInfo failed - %s\n", nt_errstr(status));
265	goto failed;
266	}
267
268	ZERO_STRUCT(u);
269	s.in.user_handle = &join->user_handle;
270	s.in.info = &u;
271	s.in.level = 21;
272
273	u.info21.acct_flags = acct_type \| ACB_PWNOEXP;
274	u.info21.fields_present = SAMR_FIELD_ACCT_FLAGS \| SAMR_FIELD_DESCRIPTION \| SAMR_FIELD_COMMENT \| SAMR_FIELD_FULL_NAME;
275
276	u.info21.comment.string = talloc_asprintf(join,
277	"Tortured by Samba4: %s",
278	timestring(join, time(NULL)));
279
280	u.info21.full_name.string = talloc_asprintf(join,
281	"Torture account for Samba4: %s",
282	timestring(join, time(NULL)));
283
284	u.info21.description.string = talloc_asprintf(join,
285	"Samba4 torture account created by host %s: %s",
286	lp_netbios_name(torture->lp_ctx),
287	timestring(join, time(NULL)));
288
289	printf("Resetting ACB flags, force pw change time\n");
290
291	status = dcerpc_samr_SetUserInfo(join->p, join, &s);
292	if (!NT_STATUS_IS_OK(status)) {
293	printf("SetUserInfo failed - %s\n", nt_errstr(status));
294	goto failed;
295	}
296
297	if (random_password) {
298	*random_password = random_pw;
299	}
300
301	return join;
302
303	failed:
304	torture_leave_domain(torture, join);
305	return NULL;
306	}
307
308
309	_PUBLIC_ struct test_join torture_join_domain(struct torture_context tctx,
310	const char *machine_name,
311	uint32_t acct_flags,
312	struct cli_credentials **machine_credentials)
313	{
314	NTSTATUS status;
315	struct libnet_context *libnet_ctx;
316	struct libnet_JoinDomain *libnet_r;
317	struct test_join *tj;
318	struct samr_SetUserInfo s;
319	union samr_UserInfo u;
320
321	tj = talloc(tctx, struct test_join);
322	if (!tj) return NULL;
323
324	libnet_r = talloc(tj, struct libnet_JoinDomain);
325	if (!libnet_r) {
326	talloc_free(tj);
327	return NULL;
328	}
329
330	libnet_ctx = libnet_context_init(tctx->ev, tctx->lp_ctx);
331	if (!libnet_ctx) {
332	talloc_free(tj);
333	return NULL;
334	}
335
336	tj->libnet_r = libnet_r;
337
338	libnet_ctx->cred = cmdline_credentials;
339	libnet_r->in.binding = torture_setting_string(tctx, "binding", NULL);
340	if (!libnet_r->in.binding) {
341	libnet_r->in.binding = talloc_asprintf(libnet_r, "ncacn_np:%s", torture_setting_string(tctx, "host", NULL));
342	}
343	libnet_r->in.level = LIBNET_JOINDOMAIN_SPECIFIED;
344	libnet_r->in.netbios_name = machine_name;
345	libnet_r->in.account_name = talloc_asprintf(libnet_r, "%s$", machine_name);
346	if (!libnet_r->in.account_name) {
347	talloc_free(tj);
348	return NULL;
349	}
350
351	libnet_r->in.acct_type = acct_flags;
352	libnet_r->in.recreate_account = true;
353
354	status = libnet_JoinDomain(libnet_ctx, libnet_r, libnet_r);
355	if (!NT_STATUS_IS_OK(status)) {
356	if (libnet_r->out.error_string) {
357	DEBUG(0, ("Domain join failed - %s\n", libnet_r->out.error_string));
358	} else {
359	DEBUG(0, ("Domain join failed - %s\n", nt_errstr(status)));
360	}
361	talloc_free(tj);
362	return NULL;
363	}
364	tj->p = libnet_r->out.samr_pipe;
365	tj->user_handle = *libnet_r->out.user_handle;
366	tj->dom_sid = libnet_r->out.domain_sid;
367	talloc_steal(tj, libnet_r->out.domain_sid);
368	tj->dom_netbios_name = libnet_r->out.domain_name;
369	talloc_steal(tj, libnet_r->out.domain_name);
370	tj->dom_dns_name = libnet_r->out.realm;
371	talloc_steal(tj, libnet_r->out.realm);
372	tj->user_guid = libnet_r->out.account_guid;
373	tj->netbios_name = talloc_strdup(tj, machine_name);
374	if (!tj->netbios_name) {
375	talloc_free(tj);
376	return NULL;
377	}
378
379	ZERO_STRUCT(u);
380	s.in.user_handle = &tj->user_handle;
381	s.in.info = &u;
382	s.in.level = 21;
383
384	u.info21.fields_present = SAMR_FIELD_DESCRIPTION \| SAMR_FIELD_COMMENT \| SAMR_FIELD_FULL_NAME;
385	u.info21.comment.string = talloc_asprintf(tj,
386	"Tortured by Samba4: %s",
387	timestring(tj, time(NULL)));
388	u.info21.full_name.string = talloc_asprintf(tj,
389	"Torture account for Samba4: %s",
390	timestring(tj, time(NULL)));
391
392	u.info21.description.string = talloc_asprintf(tj,
393	"Samba4 torture account created by host %s: %s",
394	lp_netbios_name(tctx->lp_ctx), timestring(tj, time(NULL)));
395
396	status = dcerpc_samr_SetUserInfo(tj->p, tj, &s);
397	if (!NT_STATUS_IS_OK(status)) {
398	printf("SetUserInfo (non-critical) failed - %s\n", nt_errstr(status));
399	}
400
401	*machine_credentials = cli_credentials_init(tj);
402	cli_credentials_set_conf(*machine_credentials, tctx->lp_ctx);
403	cli_credentials_set_workstation(*machine_credentials, machine_name, CRED_SPECIFIED);
404	cli_credentials_set_domain(*machine_credentials, libnet_r->out.domain_name, CRED_SPECIFIED);
405	if (libnet_r->out.realm) {
406	cli_credentials_set_realm(*machine_credentials, libnet_r->out.realm, CRED_SPECIFIED);
407	}
408	cli_credentials_set_username(*machine_credentials, libnet_r->in.account_name, CRED_SPECIFIED);
409	cli_credentials_set_password(*machine_credentials, libnet_r->out.join_password, CRED_SPECIFIED);
410	cli_credentials_set_kvno(*machine_credentials, libnet_r->out.kvno);
411	if (acct_flags & ACB_SVRTRUST) {
412	cli_credentials_set_secure_channel_type(*machine_credentials,
413	SEC_CHAN_BDC);
414	} else if (acct_flags & ACB_WSTRUST) {
415	cli_credentials_set_secure_channel_type(*machine_credentials,
416	SEC_CHAN_WKSTA);
417	} else {
418	DEBUG(0, ("Invalid account type specificed to torture_join_domain\n"));
419	talloc_free(*machine_credentials);
420	return NULL;
421	}
422
423	return tj;
424	}
425
426	struct dcerpc_pipe torture_join_samr_pipe(struct test_join join)
427	{
428	return join->p;
429	}
430
431	struct policy_handle torture_join_samr_user_policy(struct test_join join)
432	{
433	return &join->user_handle;
434	}
435
436	static NTSTATUS torture_leave_ads_domain(struct torture_context *torture,
437	TALLOC_CTX *mem_ctx,
438	struct libnet_JoinDomain *libnet_r)
439	{
440	int rtn;
441	TALLOC_CTX *tmp_ctx;
442
443	struct ldb_dn *server_dn;
444	struct ldb_context *ldb_ctx;
445
446	char *remote_ldb_url;
447
448	/* Check if we are a domain controller. If not, exit. */
449	if (!libnet_r->out.server_dn_str) {
450	return NT_STATUS_OK;
451	}
452
453	tmp_ctx = talloc_named(mem_ctx, 0, "torture_leave temporary context");
454	if (!tmp_ctx) {
455	libnet_r->out.error_string = NULL;
456	return NT_STATUS_NO_MEMORY;
457	}
458
459	ldb_ctx = ldb_init(tmp_ctx, torture->ev);
460	if (!ldb_ctx) {
461	libnet_r->out.error_string = NULL;
462	talloc_free(tmp_ctx);
463	return NT_STATUS_NO_MEMORY;
464	}
465
466	/* Remove CN=Servers,... entry from the AD. */
467	server_dn = ldb_dn_new(tmp_ctx, ldb_ctx, libnet_r->out.server_dn_str);
468	if (! ldb_dn_validate(server_dn)) {
469	libnet_r->out.error_string = NULL;
470	talloc_free(tmp_ctx);
471	return NT_STATUS_NO_MEMORY;
472	}
473
474	remote_ldb_url = talloc_asprintf(tmp_ctx, "ldap://%s", libnet_r->out.samr_binding->host);
475	if (!remote_ldb_url) {
476	libnet_r->out.error_string = NULL;
477	talloc_free(tmp_ctx);
478	return NT_STATUS_NO_MEMORY;
479	}
480
481	ldb_set_opaque(ldb_ctx, "credentials", cmdline_credentials);
482	ldb_set_opaque(ldb_ctx, "loadparm", cmdline_lp_ctx);
483
484	rtn = ldb_connect(ldb_ctx, remote_ldb_url, 0, NULL);
485	if (rtn != 0) {
486	libnet_r->out.error_string = NULL;
487	talloc_free(tmp_ctx);
488	return NT_STATUS_UNSUCCESSFUL;
489	}
490
491	rtn = ldb_delete(ldb_ctx, server_dn);
492	if (rtn != 0) {
493	libnet_r->out.error_string = NULL;
494	talloc_free(tmp_ctx);
495	return NT_STATUS_UNSUCCESSFUL;
496	}
497
498	DEBUG(0, ("%s removed successfully.\n", libnet_r->out.server_dn_str));
499
500	talloc_free(tmp_ctx);
501	return NT_STATUS_OK;
502	}
503
504	/*
505	leave the domain, deleting the machine acct
506	*/
507
508	_PUBLIC_ void torture_leave_domain(struct torture_context torture, struct test_join join)
509	{
510	struct samr_DeleteUser d;
511	NTSTATUS status;
512
513	if (!join) {
514	return;
515	}
516	d.in.user_handle = &join->user_handle;
517	d.out.user_handle = &join->user_handle;
518
519	/* Delete machine account */
520	status = dcerpc_samr_DeleteUser(join->p, join, &d);
521	if (!NT_STATUS_IS_OK(status)) {
522	printf("Delete of machine account %s failed\n",
523	join->netbios_name);
524	} else {
525	printf("Delete of machine account %s was successful.\n",
526	join->netbios_name);
527	}
528
529	if (join->libnet_r) {
530	status = torture_leave_ads_domain(torture, join, join->libnet_r);
531	}
532
533	talloc_free(join);
534	}
535
536	/*
537	return the dom sid for a test join
538	*/
539	_PUBLIC_ const struct dom_sid torture_join_sid(struct test_join join)
540	{
541	return join->dom_sid;
542	}
543
544	const struct dom_sid torture_join_user_sid(struct test_join join)
545	{
546	return join->user_sid;
547	}
548
549	const char torture_join_netbios_name(struct test_join join)
550	{
551	return join->netbios_name;
552	}
553
554	const struct GUID torture_join_user_guid(struct test_join join)
555	{
556	return &join->user_guid;
557	}
558
559	const char torture_join_dom_netbios_name(struct test_join join)
560	{
561	return join->dom_netbios_name;
562	}
563
564	const char torture_join_dom_dns_name(struct test_join join)
565	{
566	return join->dom_dns_name;
567	}
568
569	const char torture_join_server_dn_str(struct test_join join)
570	{
571	if (join->libnet_r) {
572	return join->libnet_r->out.server_dn_str;
573	}
574	return NULL;
575	}
576
577
578	#if 0 /* Left as the documentation of the join process, but see new implementation in libnet_become_dc.c */
579	struct test_join_ads_dc {
580	struct test_join *join;
581	};
582
583	struct test_join_ads_dc torture_join_domain_ads_dc(const char machine_name,
584	const char *domain,
585	struct cli_credentials **machine_credentials)
586	{
587	struct test_join_ads_dc *join;
588
589	join = talloc(NULL, struct test_join_ads_dc);
590	if (join == NULL) {
591	return NULL;
592	}
593
594	join->join = torture_join_domain(machine_name,
595	ACB_SVRTRUST,
596	machine_credentials);
597
598	if (!join->join) {
599	return NULL;
600	}
601
602	/* W2K: */
603	/* W2K: modify userAccountControl from 4096 to 532480 */
604
605	/* W2K: modify RDN to OU=Domain Controllers and skip the $ from server name */
606
607	/* ask objectVersion of Schema Partition */
608
609	/* ask rIDManagerReferenz of the Domain Partition */
610
611	/* ask fsMORoleOwner of the RID-Manager$ object
612	* returns CN=NTDS Settings,CN=<DC>,CN=Servers,CN=Default-First-Site-Name, ...
613	*/
614
615	/* ask for dnsHostName of CN=<DC>,CN=Servers,CN=Default-First-Site-Name, ... */
616
617	/* ask for objectGUID of CN=NTDS Settings,CN=<DC>,CN=Servers,CN=Default-First-Site-Name, ... */
618
619	/* ask for * of CN=Default-First-Site-Name, ... */
620
621	/* search (&(\|(objectClass=user)(objectClass=computer))(sAMAccountName=<machine_name>$)) in Domain Partition
622	* attributes : distinguishedName, userAccountControl
623	*/
624
625	/* ask * for CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name,...
626	* should fail with noSuchObject
627	*/
628
629	/* add CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name,...
630	*
631	* objectClass = server
632	* systemFlags = 50000000
633	* serverReferenz = CN=<machine_name>,OU=Domain Controllers,...
634	*/
635
636	/* ask for * of CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ...
637	* should fail with noSuchObject
638	*/
639
640	/* search for (ncname=<domain_nc>) in CN=Partitions,CN=Configuration,...
641	* attributes: ncName, dnsRoot
642	*/
643
644	/* modify add CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name,...
645	* serverReferenz = CN=<machine_name>,OU=Domain Controllers,...
646	* should fail with attributeOrValueExists
647	*/
648
649	/* modify replace CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name,...
650	* serverReferenz = CN=<machine_name>,OU=Domain Controllers,...
651	*/
652
653	/* DsAddEntry to create the CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ...
654	*
655	*/
656
657	/* replicate CN=Schema,CN=Configuration,...
658	* using DRSUAPI_DS_BIND_GUID_W2K ("6abec3d1-3054-41c8-a362-5a0c5b7d5d71")
659	*
660	*/
661
662	/* replicate CN=Configuration,...
663	* using DRSUAPI_DS_BIND_GUID_W2K ("6abec3d1-3054-41c8-a362-5a0c5b7d5d71")
664	*
665	*/
666
667	/* replicate Domain Partition
668	* using DRSUAPI_DS_BIND_GUID_W2K ("6abec3d1-3054-41c8-a362-5a0c5b7d5d71")
669	*
670	*/
671
672	/* call DsReplicaUpdateRefs() for all partitions like this:
673	* req1: struct drsuapi_DsReplicaUpdateRefsRequest1
674	* naming_context : *
675	* naming_context: struct drsuapi_DsReplicaObjectIdentifier
676	* __ndr_size : 0x000000ae (174)
677	* __ndr_size_sid : 0x00000000 (0)
678	* guid : 00000000-0000-0000-0000-000000000000
679	* sid : S-0-0
680	* dn : 'CN=Schema,CN=Configuration,DC=w2k3,DC=vmnet1,DC=vm,DC=base'
681	* dest_dsa_dns_name : *
682	* dest_dsa_dns_name : '4a0df188-a0b8-47ea-bbe5-e614723f16dd._msdcs.w2k3.vmnet1.vm.base'
683	* dest_dsa_guid : 4a0df188-a0b8-47ea-bbe5-e614723f16dd
684	* options : 0x0000001c (28)
685	* 0: DRSUAPI_DS_REPLICA_UPDATE_ASYNCHRONOUS_OPERATION
686	* 0: DRSUAPI_DS_REPLICA_UPDATE_WRITEABLE
687	* 1: DRSUAPI_DS_REPLICA_UPDATE_ADD_REFERENCE
688	* 1: DRSUAPI_DS_REPLICA_UPDATE_DELETE_REFERENCE
689	* 1: DRSUAPI_DS_REPLICA_UPDATE_0x00000010
690	*
691	* 4a0df188-a0b8-47ea-bbe5-e614723f16dd is the objectGUID the DsAddEntry() returned for the
692	* CN=NTDS Settings,CN=<machine_name>,CN=Servers,CN=Default-First-Site-Name, ...
693	*/
694
695	/* W2K3: see libnet/libnet_become_dc.c */
696	return join;
697	}
698
699	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: