[SCM] Samba Shared Repository - branch v4-18-test updated

Jule Anger janger at samba.org
Wed Nov 29 15:56:01 UTC 2023


The branch, v4-18-test has been updated
       via  0a8cf4f1c06 testprogs: Add net offlinejoin composeodj tests
       via  ce29bbfb7db testprogs: Cleanup machine account in net offlinejoin tests
       via  69475590970 s3:net: Allow to load ODJ blob from stdin
       via  1f066b595f9 s3:net: Load ODJ blob from file only if "loadfile" parameter is present
       via  ca6ba984095 s3:net: Add "net offlinejoin composeodj" command
       via  4e43af11c3a s3:libnetapi: Implement NetComposeOfflineDomainJoin_l()
       via  ad2196fd792 s3:libnetapi: Add NetComposeOfflineDomainJoin() to API.
       via  fddbff3d44a s3:libnetapi: Add NetComposeOfflineDomainJoin() boilerplate
       via  a85441249de s3:libnetapi: Add NetComposeOfflineDomainJoin() to IDL
       via  f8021a241e5 s3:libnetapi: Add some comments to document ODJ blob charset conversions
       via  f731d75081f s3:libnetapi: Return error from RequestOfflineJoin
      from  6c06c9ed427 VERSION: Bump version up to Samba 4.18.10...

https://git.samba.org/?p=samba.git;a=shortlog;h=v4-18-test


- Log -----------------------------------------------------------------
commit 0a8cf4f1c067754e3f9805f1365d43b8acdeb322
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Mon Sep 4 16:49:52 2023 +0200

    testprogs: Add net offlinejoin composeodj tests
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    
    Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
    Autobuild-Date(master): Tue Sep  5 22:11:46 UTC 2023 on atb-devel-224
    
    (cherry picked from commit f3c632e74ba100b455eeac66e8914b11d1d9b0a0)
    
    Autobuild-User(v4-18-test): Jule Anger <janger at samba.org>
    Autobuild-Date(v4-18-test): Wed Nov 29 15:55:45 UTC 2023 on atb-devel-224

commit ce29bbfb7db31c69d5d73bb0ca89e6754ffe7e6d
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Mon Sep 4 16:18:35 2023 +0200

    testprogs: Cleanup machine account in net offlinejoin tests
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit e92e4b9544231c15eaf0bdbba4505345cd0f6ab5)

commit 69475590970e2bfc7ee78f6b8c1edfbbe3060276
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Wed Aug 30 20:53:18 2023 +0200

    s3:net: Allow to load ODJ blob from stdin
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit c14a4f51443f67bc46a670a342eed8cb9e81f37d)

commit 1f066b595f968a59bdff52b5a54dffa555f832d6
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Wed Aug 30 20:25:17 2023 +0200

    s3:net: Load ODJ blob from file only if "loadfile" parameter is present
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit b2399b6994c89404f245e1a97ba1c1cf13d7fc86)

commit ca6ba984095512e187528024eee18e3fd9cd9a8c
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Thu Aug 31 12:46:52 2023 +0200

    s3:net: Add "net offlinejoin composeodj" command
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit 4a1f2071a6028a761bbe7efee20e9654851b51f0)

commit 4e43af11c3aa7331789b64e5e7a32287dc67ce0a
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Thu Aug 31 12:45:42 2023 +0200

    s3:libnetapi: Implement NetComposeOfflineDomainJoin_l()
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit a8bd8f22aac2c223e85e318dba7af8b64052b053)

commit ad2196fd79247dd133cbba3a5bf39721e741699e
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Thu Aug 31 12:44:26 2023 +0200

    s3:libnetapi: Add NetComposeOfflineDomainJoin() to API.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit 7cabbec2eaf5aefd3751c635c12556eca590f506)

commit fddbff3d44adcfa6715afe0a62d0fd49ed890e7b
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Thu Aug 31 12:43:22 2023 +0200

    s3:libnetapi: Add NetComposeOfflineDomainJoin() boilerplate
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit 532701e3cce9d15e95166ee7c24cd1e4af51fcc4)

commit a85441249de22d2b707bf9a6877720da78f31ea6
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Thu Aug 31 12:39:04 2023 +0200

    s3:libnetapi: Add NetComposeOfflineDomainJoin() to IDL
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit 740e704bd68a6b618b62336ba1583c0edeb82d6f)

commit f8021a241e50a20cd009fe2ad58e01133360e4e9
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Mon Sep 4 10:47:06 2023 +0200

    s3:libnetapi: Add some comments to document ODJ blob charset conversions
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit bdab834dfad55776155915f7ec410b5a192406fa)

commit f731d75081fe3fa2330dee26e931b260669d3f27
Author: Samuel Cabrero <scabrero at samba.org>
Date:   Wed Aug 30 19:59:04 2023 +0200

    s3:libnetapi: Return error from RequestOfflineJoin
    
    The error code must be returned to caller even if the error string is not set.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13577
    
    Signed-off-by: Samuel Cabrero <scabrero at samba.org>
    Reviewed-by: Andrew Bartlett <abartlet at samba.org>
    (cherry picked from commit e4afb211fe32f2aa92cc903df948874046f60305)

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/netapi/joindomain.c        | 206 +++++++++++++++++++++-
 source3/lib/netapi/libnetapi.c         |  67 +++++++
 source3/lib/netapi/libnetapi.h         |  17 ++
 source3/lib/netapi/netapi.h            |  43 +++++
 source3/librpc/idl/libnetapi.idl       |  20 +++
 source3/utils/net_offlinejoin.c        | 312 ++++++++++++++++++++++++++++++++-
 source3/utils/net_proto.h              |   2 +
 testprogs/blackbox/test_net_offline.sh |  94 ++++++++++
 8 files changed, 753 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/netapi/joindomain.c b/source3/lib/netapi/joindomain.c
index a2c66877b0c..04fc423b41f 100644
--- a/source3/lib/netapi/joindomain.c
+++ b/source3/lib/netapi/joindomain.c
@@ -33,6 +33,7 @@
 #include "../librpc/gen_ndr/ndr_ODJ.h"
 #include "lib/util/base64.h"
 #include "libnet/libnet_join_offline.h"
+#include "libcli/security/dom_sid.h"
 
 /****************************************************************
 ****************************************************************/
@@ -862,8 +863,10 @@ static WERROR NetRequestOfflineDomainJoin_backend(struct libnetapi_ctx *ctx,
 				  WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED;
 
 	werr = libnet_Join(j, j);
-	if (!W_ERROR_IS_OK(werr) && j->out.error_string) {
-		libnetapi_set_error_string(ctx, "%s", j->out.error_string);
+	if (!W_ERROR_IS_OK(werr)) {
+		if (j->out.error_string != NULL) {
+			libnetapi_set_error_string(ctx, "%s", j->out.error_string);
+		}
 		talloc_free(j);
 		return werr;
 	}
@@ -892,6 +895,10 @@ WERROR NetRequestOfflineDomainJoin_l(struct libnetapi_ctx *ctx,
 		return W_ERROR(NERR_BadOfflineJoinInfo);
 	}
 
+	/*
+	 * Windows produces and consumes UTF16/UCS2 encoded blobs. Check for the
+	 * unicode BOM mark and convert back to UNIX charset if necessary.
+	 */
 	if (r->in.provision_bin_data[0] == 0xff &&
 	    r->in.provision_bin_data[1] == 0xfe) {
 		ok = convert_string_talloc(ctx, CH_UTF16LE, CH_UNIX,
@@ -941,3 +948,198 @@ WERROR NetRequestOfflineDomainJoin_l(struct libnetapi_ctx *ctx,
 
 	return W_ERROR(NERR_JoinPerformedMustRestart);
 }
+
+/****************************************************************
+****************************************************************/
+
+WERROR NetComposeOfflineDomainJoin_r(struct libnetapi_ctx *ctx,
+				     struct NetComposeOfflineDomainJoin *r)
+{
+	return WERR_NOT_SUPPORTED;
+}
+
+/****************************************************************
+****************************************************************/
+
+static WERROR NetComposeOfflineDomainJoin_backend(struct libnetapi_ctx *ctx,
+						  struct NetComposeOfflineDomainJoin *r,
+						  TALLOC_CTX *mem_ctx,
+						  struct ODJ_PROVISION_DATA **p)
+{
+	struct libnet_JoinCtx *j = NULL;
+	WERROR werr;
+
+	werr = libnet_init_JoinCtx(ctx, &j);
+	if (!W_ERROR_IS_OK(werr)) {
+		return werr;
+	}
+
+	j->in.domain_name = talloc_strdup(j, r->in.dns_domain_name);
+	if (j->in.domain_name == NULL) {
+		return WERR_NOT_ENOUGH_MEMORY;
+	}
+
+	j->in.dc_name = talloc_strdup(j, r->in.dc_name);
+	W_ERROR_HAVE_NO_MEMORY(j->in.dc_name);
+
+	j->in.machine_password = talloc_strdup(j, r->in.machine_account_password);
+	W_ERROR_HAVE_NO_MEMORY(j->in.machine_password);
+
+	j->out.account_name = talloc_strdup(j, r->in.machine_account_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.account_name);
+
+	j->out.dns_domain_name = talloc_strdup(j, r->in.dns_domain_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dns_domain_name);
+
+	j->out.netbios_domain_name = talloc_strdup(j, r->in.netbios_domain_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.netbios_domain_name);
+
+	j->out.domain_sid = dom_sid_dup(j, (struct dom_sid *)r->in.domain_sid);
+	W_ERROR_HAVE_NO_MEMORY(j->out.domain_sid);
+
+	j->out.domain_guid = *r->in.domain_guid;
+
+	j->out.forest_name = talloc_strdup(j, r->in.forest_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.forest_name);
+
+	j->out.domain_is_ad = r->in.domain_is_ad;
+
+	j->out.dcinfo = talloc_zero(j, struct netr_DsRGetDCNameInfo);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dcinfo);
+
+	j->out.dcinfo->dc_unc = talloc_asprintf(j->out.dcinfo, "\\\\%s", r->in.dc_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dcinfo->dc_unc);
+
+	j->out.dcinfo->dc_address = talloc_asprintf(j->out.dcinfo, "\\\\%s", r->in.dc_address);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dcinfo->dc_address);
+
+	j->out.dcinfo->dc_address_type = DS_ADDRESS_TYPE_INET;
+
+	j->out.dcinfo->domain_guid = *r->in.domain_guid;
+
+	j->out.dcinfo->domain_name = talloc_strdup(j->out.dcinfo, r->in.dns_domain_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dcinfo->domain_name);
+
+	j->out.dcinfo->forest_name = talloc_strdup(j->out.dcinfo, r->in.forest_name);
+	W_ERROR_HAVE_NO_MEMORY(j->out.dcinfo->forest_name);
+
+	werr = libnet_odj_compose_ODJ_PROVISION_DATA(mem_ctx, j, p);
+	if (!W_ERROR_IS_OK(werr)) {
+		return werr;
+	}
+
+	return WERR_OK;
+}
+
+WERROR NetComposeOfflineDomainJoin_l(struct libnetapi_ctx *ctx,
+				     struct NetComposeOfflineDomainJoin *r)
+{
+	WERROR werr;
+	enum ndr_err_code ndr_err;
+	const char *b64_bin_data_str;
+	DATA_BLOB blob;
+	struct ODJ_PROVISION_DATA_serialized_ptr odj_compose_data;
+	struct ODJ_PROVISION_DATA *p;
+	TALLOC_CTX *tmp_ctx = talloc_stackframe();
+
+	if (r->in.compose_bin_data == NULL &&
+	    r->in.compose_text_data == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+	if (r->in.compose_bin_data != NULL &&
+	    r->in.compose_text_data != NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+	if (r->in.compose_bin_data == NULL &&
+	    r->in.compose_bin_data_size != NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+	if (r->in.compose_bin_data != NULL &&
+	    r->in.compose_bin_data_size == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.dns_domain_name == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.netbios_domain_name == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.domain_sid == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.domain_guid == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.forest_name == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.machine_account_name == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.machine_account_password == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.dc_name == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	if (r->in.dc_address == NULL) {
+		werr = WERR_INVALID_PARAMETER;
+		goto out;
+	}
+
+	werr = NetComposeOfflineDomainJoin_backend(ctx, r, tmp_ctx, &p);
+	if (!W_ERROR_IS_OK(werr)) {
+		goto out;
+	}
+
+	ZERO_STRUCT(odj_compose_data);
+
+	odj_compose_data.s.p = p;
+
+	ndr_err = ndr_push_struct_blob(&blob, ctx, &odj_compose_data,
+		(ndr_push_flags_fn_t)ndr_push_ODJ_PROVISION_DATA_serialized_ptr);
+	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+		werr = W_ERROR(NERR_BadOfflineJoinInfo);
+		goto out;
+	}
+
+	if (r->out.compose_text_data != NULL) {
+		b64_bin_data_str = base64_encode_data_blob(ctx, blob);
+		if (b64_bin_data_str == NULL) {
+			werr = WERR_NOT_ENOUGH_MEMORY;
+		}
+		*r->out.compose_text_data = b64_bin_data_str;
+	}
+
+	if (r->out.compose_bin_data != NULL &&
+	    r->out.compose_bin_data_size != NULL) {
+		*r->out.compose_bin_data = blob.data;
+		*r->out.compose_bin_data_size = blob.length;
+	}
+
+	werr = WERR_OK;
+out:
+	talloc_free(tmp_ctx);
+	return werr;
+}
diff --git a/source3/lib/netapi/libnetapi.c b/source3/lib/netapi/libnetapi.c
index 2fd97bba75b..29073168ef8 100644
--- a/source3/lib/netapi/libnetapi.c
+++ b/source3/lib/netapi/libnetapi.c
@@ -392,6 +392,73 @@ NET_API_STATUS NetRequestOfflineDomainJoin(uint8_t *provision_bin_data /* [in] [
 	return (NET_API_STATUS)r.out.result;
 }
 
+/****************************************************************
+ NetComposeOfflineDomainJoin
+****************************************************************/
+NET_API_STATUS NetComposeOfflineDomainJoin(const char *dns_domain_name /* [in] [ref] */,
+					   const char *netbios_domain_name /* [in] [ref] */,
+					   struct domsid *domain_sid /* [in] [ref] */,
+					   struct GUID *domain_guid /* [in] [ref] */,
+					   const char *forest_name /* [in] [ref] */,
+					   const char *machine_account_name /* [in] [ref] */,
+					   const char *machine_account_password /* [in] [ref] */,
+					   const char *dc_name /* [in] [unique] */,
+					   const char *dc_address /* [in] [unique] */,
+					   int domain_is_ad /* [in] */,
+					   uint8_t **compose_bin_data /* [in,out] [unique] */,
+					   uint32_t *compose_bin_data_size /* [in,out] [unique] */,
+					   const char * *compose_text_data /* [in,out] [unique] */)
+{
+	struct NetComposeOfflineDomainJoin r;
+	struct libnetapi_ctx *ctx = NULL;
+	NET_API_STATUS status;
+	WERROR werr;
+	TALLOC_CTX *frame = talloc_stackframe();
+
+	ZERO_STRUCT(r);
+
+	status = libnetapi_getctx(&ctx);
+	if (status != 0) {
+		TALLOC_FREE(frame);
+		return status;
+	}
+
+	/* In parameters */
+	r.in.dns_domain_name = dns_domain_name;
+	r.in.netbios_domain_name = netbios_domain_name;
+	r.in.domain_sid = domain_sid;
+	r.in.domain_guid = domain_guid;
+	r.in.forest_name = forest_name;
+	r.in.machine_account_name = machine_account_name;
+	r.in.machine_account_password = machine_account_password;
+	r.in.dc_name = dc_name;
+	r.in.dc_address = dc_address;
+	r.in.domain_is_ad = domain_is_ad;
+	r.in.compose_bin_data = compose_bin_data;
+	r.in.compose_bin_data_size = compose_bin_data_size;
+	r.in.compose_text_data = compose_text_data;
+
+	/* Out parameters */
+	r.out.compose_bin_data = compose_bin_data;
+	r.out.compose_bin_data_size = compose_bin_data_size;
+	r.out.compose_text_data = compose_text_data;
+
+	if (DEBUGLEVEL >= 10) {
+		NDR_PRINT_IN_DEBUG(NetComposeOfflineDomainJoin, &r);
+	}
+
+	werr = NetComposeOfflineDomainJoin_l(ctx, &r);
+
+	r.out.result = W_ERROR_V(werr);
+
+	if (DEBUGLEVEL >= 10) {
+		NDR_PRINT_OUT_DEBUG(NetComposeOfflineDomainJoin, &r);
+	}
+
+	TALLOC_FREE(frame);
+	return (NET_API_STATUS)r.out.result;
+}
+
 /****************************************************************
  NetServerGetInfo
 ****************************************************************/
diff --git a/source3/lib/netapi/libnetapi.h b/source3/lib/netapi/libnetapi.h
index d217656845d..784d467ff55 100644
--- a/source3/lib/netapi/libnetapi.h
+++ b/source3/lib/netapi/libnetapi.h
@@ -83,6 +83,23 @@ WERROR NetRequestOfflineDomainJoin_r(struct libnetapi_ctx *ctx,
 				     struct NetRequestOfflineDomainJoin *r);
 WERROR NetRequestOfflineDomainJoin_l(struct libnetapi_ctx *ctx,
 				     struct NetRequestOfflineDomainJoin *r);
+NET_API_STATUS NetComposeOfflineDomainJoin(const char *dns_domain_name /* [in] [ref] */,
+					   const char *netbios_domain_name /* [in] [ref] */,
+					   struct domsid *domain_sid /* [in] [ref] */,
+					   struct GUID *domain_guid /* [in] [ref] */,
+					   const char *forest_name /* [in] [ref] */,
+					   const char *machine_account_name /* [in] [ref] */,
+					   const char *machine_account_password /* [in] [ref] */,
+					   const char *dc_name /* [in] [unique] */,
+					   const char *dc_address /* [in] [unique] */,
+					   int domain_is_ad /* [in] */,
+					   uint8_t **provision_bin_data /* [in,out] [unique] */,
+					   uint32_t *provision_bin_data_size /* [in,out] [unique] */,
+					   const char * *provision_text_data /* [in,out] [unique] */);
+WERROR NetComposeOfflineDomainJoin_r(struct libnetapi_ctx *ctx,
+				     struct NetComposeOfflineDomainJoin *r);
+WERROR NetComposeOfflineDomainJoin_l(struct libnetapi_ctx *ctx,
+				     struct NetComposeOfflineDomainJoin *r);
 NET_API_STATUS NetServerGetInfo(const char * server_name /* [in] [unique] */,
 				uint32_t level /* [in] */,
 				uint8_t **buffer /* [out] [ref] */);
diff --git a/source3/lib/netapi/netapi.h b/source3/lib/netapi/netapi.h
index df465aef51b..660a7766bd6 100644
--- a/source3/lib/netapi/netapi.h
+++ b/source3/lib/netapi/netapi.h
@@ -1673,6 +1673,49 @@ NET_API_STATUS NetRequestOfflineDomainJoin(uint8_t *provision_bin_data /* [in] [
 					   uint32_t options /* [in] */,
 					   const char * windows_path /* [in] [unique] */);
 
+/************************************************************//**
+ *
+ * NetComposeOfflineDomainJoin
+ *
+ * @brief Compose an offline domain join blob
+ *
+ * Intended to be used by external applications who provision the computer
+ * acconut on their own.
+ *
+ *
+ * @param[in] dns_domain_name The domain DNS name
+ * @param[in] netbios_domain_name The domain NETBIOS name
+ * @param[in] domain_sid The domain SID
+ * @param[in] domain_guid The domain GUID
+ * @param[in] forest_name The forest name
+ * @param[in] machine_account_name The machine account name
+ * @param[in] machine_account_password The machine account password
+ * @param[in] dc_name The domain controller name used to provision the account
+ * @param[in] dc_address The domain controller address used to provision the account
+ * @param[in] domain_is_ad True if the domain is AD
+ * @param[in,out] compose_bin_data The generated binary buffer
+ * @param[in,out] compose_bin_data_size The generated binary buffer size
+ * @param[in,out] compose_text_data The generated text data blob
+ * @return NET_API_STATUS
+ *
+ * example join/compose_offline_domain_join.c
+ *
+ ***************************************************************/
+
+NET_API_STATUS NetComposeOfflineDomainJoin(const char *dns_domain_name /* [in] [ref] */,
+					   const char *netbios_domain_name /* [in] [ref] */,
+					   struct domsid *domain_sid /* [in] [ref] */,
+					   struct GUID *domain_guid /* [in] [ref] */,
+					   const char *forest_name /* [in] [ref] */,
+					   const char *machine_account_name /* [in] [ref] */,
+					   const char *machine_account_password /* [in] [ref] */,
+					   const char *dc_name /* [in] [unique] */,
+					   const char *dc_address /* [in] [unique] */,
+					   int domain_is_ad /* [in] */,
+					   uint8_t **provision_bin_data /* [in,out] [unique] */,
+					   uint32_t *provision_bin_data_size /* [in,out] [unique] */,
+					   const char * *provision_text_data /* [in,out] [unique] */);
+
 /************************************************************//**
  *
  * NetServerGetInfo
diff --git a/source3/librpc/idl/libnetapi.idl b/source3/librpc/idl/libnetapi.idl
index 15cac524607..4675af6c6fa 100644
--- a/source3/librpc/idl/libnetapi.idl
+++ b/source3/librpc/idl/libnetapi.idl
@@ -164,6 +164,26 @@ interface libnetapi
 		[in,unique] string *windows_path
 	);
 
+	/*******************************************/
+	/* NetComposeOfflineDomainJoin             */
+	/*******************************************/
+
+	[nopush,nopull] NET_API_STATUS NetComposeOfflineDomainJoin(
+		[in,ref] string *dns_domain_name,
+		[in,ref] string *netbios_domain_name,
+		[in,ref] domsid *domain_sid,
+		[in,ref] GUID *domain_guid,
+		[in,ref] string *forest_name,
+		[in,ref] string *machine_account_name,
+		[in,ref] string *machine_account_password,
+		[in,unique] string *dc_name,
+		[in,unique] string *dc_address,
+		[in] boolean8 domain_is_ad,
+		[in,out,unique] uint8 **compose_bin_data,
+		[in,out,unique] uint32 *compose_bin_data_size,
+		[in,out,unique] string **compose_text_data
+		);
+
 	/*******************************************/
 	/* NetServerGetInfo                        */
 	/*******************************************/
diff --git a/source3/utils/net_offlinejoin.c b/source3/utils/net_offlinejoin.c
index 0cfd5fdfe23..35de74e2df9 100644
--- a/source3/utils/net_offlinejoin.c
+++ b/source3/utils/net_offlinejoin.c
@@ -22,6 +22,8 @@
 #include <netapi.h>
 #include "netapi/netapi_net.h"
 #include "libcli/registry/util_reg.h"
+#include "libcli/security/dom_sid.h"
+#include "lib/cmdline/cmdline.h"
 
 int net_offlinejoin_usage(struct net_context *c, int argc, const char **argv)
 {
@@ -30,6 +32,7 @@ int net_offlinejoin_usage(struct net_context *c, int argc, const char **argv)
 	d_printf(_("Valid commands:\n"));
 	d_printf(_("\tprovision\t\t\tProvision machine account in AD\n"));
 	d_printf(_("\trequestodj\t\t\tRequest offline domain join\n"));
+	d_printf(_("\tcomposeodj\t\t\tCompose offline domain join blob\n"));
 	net_common_flags_usage(c, argc, argv);
 	return -1;
 }
@@ -79,6 +82,13 @@ int net_offlinejoin(struct net_context *c, int argc, const char **argv)
 		}
 	}
 
+	if (strcasecmp_m(argv[0], "composeodj") == 0) {
+		ret = net_offlinejoin_composeodj(c, argc, argv);
+		if (ret != 0) {
+			return ret;
+		}
+	}
+
 	return 0;
 }
 
@@ -193,11 +203,17 @@ int net_offlinejoin_provision(struct net_context *c,
 		DATA_BLOB ucs2_blob, blob;
 		bool ok;
 
+		/*
+		 * Windows produces and consumes UTF16/UCS2 encoded blobs
+		 * so we also do it for compatibility. Someone may provision an
+		 * account for a Windows machine with samba.
+		 */
 		ok = push_reg_sz(c, &ucs2_blob, provision_text_data);
 		if (!ok) {
 			return -1;
 		}
 
+		/* Add the unicode BOM mark */
 		blob = data_blob_talloc(c, NULL, ucs2_blob.length + 2);
 
 		blob.data[0] = 0xff;
@@ -228,6 +244,7 @@ static int net_offlinejoin_requestodj_usage(struct net_context *c, int argc, con
 	d_printf(_("\nnet offlinejoin requestodj [misc. options]\n"
 		   "\tRequests offline domain join\n"));
 	d_printf(_("Valid options:\n"));
+	d_printf(_("\t-i\t\t\t\t\tRead ODJ data from STDIN\n"));
 	d_printf(_("\tloadfile=<FILENAME>\t\t\tFile that provides the ODJ data\n"));
 	/*d_printf(_("\tlocalos\t\t\t\t\tModify the local machine\n"));*/
 	net_common_flags_usage(c, argc, argv);
@@ -241,11 +258,10 @@ int net_offlinejoin_requestodj(struct net_context *c,
 	uint8_t *provision_bin_data = NULL;
 	size_t provision_bin_data_size = 0;
 	uint32_t options = NETSETUP_PROVISION_ONLINE_CALLER;
-	const char *loadfile = NULL;
 	const char *windows_path = NULL;
 	int i;
 
-	if (c->display_usage || argc == 1) {
+	if (c->display_usage) {
 		return net_offlinejoin_requestodj_usage(c, argc, argv);
 	}
 


-- 
Samba Shared Repository



More information about the samba-cvs mailing list