root/source3/smbd/change_trust_pw.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. change_trust_account_password

   1 /* 
   2  *  Unix SMB/CIFS implementation.
   3  *  Periodic Trust account password changing.
   4  *  Copyright (C) Andrew Tridgell              1992-1997,
   5  *  Copyright (C) Luke Kenneth Casson Leighton 1996-1997,
   6  *  Copyright (C) Paul Ashton                       1997.
   7  *  Copyright (C) Jeremy Allison                    1998.
   8  *  Copyright (C) Andrew Bartlett                   2001.
   9  *
  10  *  This program is free software; you can redistribute it and/or modify
  11  *  it under the terms of the GNU General Public License as published by
  12  *  the Free Software Foundation; either version 3 of the License, or
  13  *  (at your option) any later version.
  14  *  
  15  *  This program is distributed in the hope that it will be useful,
  16  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  *  GNU General Public License for more details.
  19  *  
  20  *  You should have received a copy of the GNU General Public License
  21  *  along with this program; if not, see <http://www.gnu.org/licenses/>.
  22  */
  23 
  24 #include "includes.h"
  25 
  26 /************************************************************************
  27  Change the trust account password for a domain.
  28 ************************************************************************/
  29 
  30 NTSTATUS change_trust_account_password( const char *domain, const char *remote_machine)
     /* [<][>][^][v][top][bottom][index][help] */
  31 {
  32         NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
  33         struct sockaddr_storage pdc_ss;
  34         fstring dc_name;
  35         struct cli_state *cli = NULL;
  36         struct rpc_pipe_client *netlogon_pipe = NULL;
  37 
  38         DEBUG(5,("change_trust_account_password: Attempting to change trust account password in domain %s....\n",
  39                 domain));
  40 
  41         if (remote_machine == NULL || !strcmp(remote_machine, "*")) {
  42                 /* Use the PDC *only* for this */
  43         
  44                 if ( !get_pdc_ip(domain, &pdc_ss) ) {
  45                         DEBUG(0,("Can't get IP for PDC for domain %s\n", domain));
  46                         goto failed;
  47                 }
  48 
  49                 if ( !name_status_find( domain, 0x1b, 0x20, &pdc_ss, dc_name) )
  50                         goto failed;
  51         } else {
  52                 /* supoport old deprecated "smbpasswd -j DOMAIN -r MACHINE" behavior */
  53                 fstrcpy( dc_name, remote_machine );
  54         }
  55         
  56         /* if this next call fails, then give up.  We can't do
  57            password changes on BDC's  --jerry */
  58            
  59         if (!NT_STATUS_IS_OK(cli_full_connection(&cli, global_myname(), dc_name, 
  60                                            NULL, 0,
  61                                            "IPC$", "IPC",  
  62                                            "", "",
  63                                            "", 0, Undefined, NULL))) {
  64                 DEBUG(0,("modify_trust_password: Connection to %s failed!\n", dc_name));
  65                 nt_status = NT_STATUS_UNSUCCESSFUL;
  66                 goto failed;
  67         }
  68       
  69         /*
  70          * Ok - we have an anonymous connection to the IPC$ share.
  71          * Now start the NT Domain stuff :-).
  72          */
  73 
  74         /* Shouldn't we open this with schannel ? JRA. */
  75 
  76         nt_status = cli_rpc_pipe_open_noauth(
  77                 cli, &ndr_table_netlogon.syntax_id, &netlogon_pipe);
  78         if (!NT_STATUS_IS_OK(nt_status)) {
  79                 DEBUG(0,("modify_trust_password: unable to open the domain client session to machine %s. Error was : %s.\n", 
  80                         dc_name, nt_errstr(nt_status)));
  81                 cli_shutdown(cli);
  82                 cli = NULL;
  83                 goto failed;
  84         }
  85 
  86         nt_status = trust_pw_find_change_and_store_it(
  87                 netlogon_pipe, netlogon_pipe, domain);
  88   
  89         cli_shutdown(cli);
  90         cli = NULL;
  91         
  92 failed:
  93         if (!NT_STATUS_IS_OK(nt_status)) {
  94                 DEBUG(0,("%s : change_trust_account_password: Failed to change password for domain %s.\n", 
  95                         current_timestring(debug_ctx(), False), domain));
  96         }
  97         else
  98                 DEBUG(5,("change_trust_account_password: sucess!\n"));
  99   
 100         return nt_status;
 101 }

/* [<][>][^][v][top][bottom][index][help] */