The branch, v3-5-test has been updated via ec646e5... s3-winbindd: add wbint_ChangeMachineAccount implementation. via e3fa32a... docs: document wbinfo -c. via e816b11... nsswitch: add wbinfo -c (change trust account passwords). via 507de11... libwbclient: add wbcChangeTrustCredentials. via 6a7320d... docs: document wbinfo -t --domain DOMAIN behavior. via b5ab612... netlogon: add NL_PASSWORD_VERSION to IDL. via bf82532... s3: use enum netr_SchannelType all over the place. via d1dffa6... s3-netlogon: allow to change any type of trust account password in trust_pw_find_change_and_store_it(). via 488e228... s3-netlogon: pass down account name to remote password set functions. via 68ffe06... s3-docs: remove xml artefact from net.8.xml. from 4c7d2aa... s3/loadparm: Fix severe HPUX compiler issue.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log ----------------------------------------------------------------- commit ec646e5e094639f750e56bde4779ab3b0ac23e47 Author: Günther Deschner <g...@samba.org> Date: Tue Oct 6 18:26:33 2009 +0200 s3-winbindd: add wbint_ChangeMachineAccount implementation. Guenther (cherry picked from commit a3306e352dad74c3c6ce441610defc472d570f4f) commit e3fa32aa37ce913d0daad6aa1b6bb81986dce4bf Author: Günther Deschner <g...@samba.org> Date: Tue Oct 6 18:20:23 2009 +0200 docs: document wbinfo -c. Guenther (cherry picked from commit 0c37c23869fe8000609c91be3d44ba269ff38f3b) commit e816b11d564df42a467c7c330f4b75db923d497e Author: Günther Deschner <g...@samba.org> Date: Tue Oct 6 18:18:00 2009 +0200 nsswitch: add wbinfo -c (change trust account passwords). Guenther (cherry picked from commit 0a468fbe36e6049f8d7f971c1aa111e1573a406c) commit 507de11191b28b8d14eda43084621e731e7a82f7 Author: Günther Deschner <g...@samba.org> Date: Tue Oct 6 18:15:08 2009 +0200 libwbclient: add wbcChangeTrustCredentials. Guenther (cherry picked from commit 74948c979ab19f20c7e5824aee50828e9bda0e35) commit 6a7320d73a51d84cdba08e43c8b50991339de267 Author: Günther Deschner <g...@samba.org> Date: Tue Oct 13 12:24:57 2009 +0200 docs: document wbinfo -t --domain DOMAIN behavior. Guenther (cherry picked from commit f394b5bc683d55be066f8565f99d157d9848e169) commit b5ab612c5f9b5afd04618b705153fbf5150382f4 Author: Günther Deschner <g...@samba.org> Date: Thu Oct 8 00:34:53 2009 +0200 netlogon: add NL_PASSWORD_VERSION to IDL. Guenther (cherry picked from commit c2be185793d66709b0b2ddb92845f4dfd0ab27b6) commit bf8253211c478280d41e3f8afdf7a97acc9ca898 Author: Günther Deschner <g...@samba.org> Date: Tue Oct 13 10:15:34 2009 +0200 s3: use enum netr_SchannelType all over the place. Guenther (cherry picked from commit ebe0e64ba9815b238cccf7d24821bc473d245707) commit d1dffa6244fb7b5eb95d3bea9a585d7bd0d92484 Author: Günther Deschner <g...@samba.org> Date: Thu Oct 8 00:39:40 2009 +0200 s3-netlogon: allow to change any type of trust account password in trust_pw_find_change_and_store_it(). Guenther (cherry picked from commit aa8c142b5e1d126b9a5a8e4a6638bc785292fbc2) commit 488e228fc9b469c6b40a372c0f2ff0658e176c27 Author: Günther Deschner <g...@samba.org> Date: Thu Oct 8 00:34:05 2009 +0200 s3-netlogon: pass down account name to remote password set functions. Guenther (cherry picked from commit 4a1b50afd567313cc25d5bbc14e01e170aa62a00) commit 68ffe06565746c6172f68888052ce6809036dd27 Author: Günther Deschner <g...@samba.org> Date: Mon Oct 12 14:28:53 2009 +0200 s3-docs: remove xml artefact from net.8.xml. Guenther (cherry picked from commit 5eb14b2994b4508156c0760cc4adf4db70eee9cc) ----------------------------------------------------------------------- Summary of changes: docs-xml/manpages-3/net.8.xml | 2 +- docs-xml/manpages-3/wbinfo.1.xml | 13 ++- librpc/gen_ndr/netlogon.h | 7 + librpc/idl/netlogon.idl | 12 ++ nsswitch/libwbclient/wbc_pam.c | 38 +++++ nsswitch/libwbclient/wbclient.h | 11 ++ nsswitch/wbinfo.c | 39 +++++ nsswitch/winbind_struct_protocol.h | 1 + source3/Makefile.in | 1 + source3/auth/auth_domain.c | 2 +- source3/include/proto.h | 16 ++- source3/libads/util.c | 2 +- source3/libnet/libnet_join.c | 1 + source3/librpc/gen_ndr/cli_wbint.c | 146 ++++++++++++++++++++ source3/librpc/gen_ndr/cli_wbint.h | 8 + source3/librpc/gen_ndr/ndr_wbint.c | 51 +++++++- source3/librpc/gen_ndr/ndr_wbint.h | 11 +- source3/librpc/gen_ndr/srv_wbint.c | 80 +++++++++++ source3/librpc/gen_ndr/srv_wbint.h | 2 + source3/librpc/gen_ndr/wbint.h | 8 + source3/librpc/idl/wbint.idl | 5 +- source3/libsmb/trusts_util.c | 50 ++++++- source3/passdb/passdb.c | 6 +- source3/passdb/secrets.c | 11 +- source3/rpc_client/cli_netlogon.c | 5 +- source3/rpc_client/cli_pipe.c | 2 +- source3/rpc_server/srv_netlog_nt.c | 2 +- source3/rpcclient/cmd_netlogon.c | 2 +- source3/rpcclient/rpcclient.c | 2 +- source3/utils/net.c | 4 +- source3/utils/net_proto.h | 2 +- source3/utils/net_rpc.c | 3 +- source3/utils/net_rpc_join.c | 2 +- source3/winbindd/winbindd.c | 2 + source3/winbindd/winbindd_cache.c | 1 + ...chine_acct.c => winbindd_change_machine_acct.c} | 44 +++---- source3/winbindd/winbindd_cm.c | 2 +- source3/winbindd/winbindd_dual_srv.c | 62 ++++++++ source3/winbindd/winbindd_proto.h | 7 + 39 files changed, 598 insertions(+), 67 deletions(-) copy source3/winbindd/{winbindd_check_machine_acct.c => winbindd_change_machine_acct.c} (58%) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml index da4fec5..794a222 100644 --- a/docs-xml/manpages-3/net.8.xml +++ b/docs-xml/manpages-3/net.8.xml @@ -843,7 +843,7 @@ Force shutting down all applications. Timeout before system will be shut down. An interactive user of the system can use this time to cancel the shutdown. </para></listitem> -</varlistentry>'> +</varlistentry> <varlistentry> <term>-C message</term> diff --git a/docs-xml/manpages-3/wbinfo.1.xml b/docs-xml/manpages-3/wbinfo.1.xml index d31a4f8..f63a3ee 100644 --- a/docs-xml/manpages-3/wbinfo.1.xml +++ b/docs-xml/manpages-3/wbinfo.1.xml @@ -23,6 +23,7 @@ <arg choice="opt">--all-domains</arg> <arg choice="opt">--allocate-gid</arg> <arg choice="opt">--allocate-uid</arg> + <arg choice="opt">-c</arg> <arg choice="opt">-D domain</arg> <arg choice="opt">--domain domain</arg> <arg choice="opt">-g</arg> @@ -111,6 +112,14 @@ </varlistentry> <varlistentry> + <term>-c|--change-secret</term> + <listitem><para>Change the trust account password. May be used + in conjunction with <option>domain</option> in order to change + interdomain trust account passwords. + </para></listitem> + </varlistentry> + + <varlistentry> <term>--domain <replaceable>name</replaceable></term> <listitem><para>This parameter sets the domain on which any specified operations will performed. If special domain name '.' is used to represent @@ -283,7 +292,9 @@ <term>-t|--check-secret</term> <listitem><para>Verify that the workstation trust account created when the Samba server is added to the Windows NT - domain is working. </para></listitem> + domain is working. May be used in conjunction with + <option>domain</option> in order to verify interdomain + trust accounts.</para></listitem> </varlistentry> <varlistentry> diff --git a/librpc/gen_ndr/netlogon.h b/librpc/gen_ndr/netlogon.h index 890fba1..268790e 100644 --- a/librpc/gen_ndr/netlogon.h +++ b/librpc/gen_ndr/netlogon.h @@ -17,6 +17,7 @@ #define NETLOGON_NEG_128BIT ( NETLOGON_NEG_STRONG_KEYS ) #define NETLOGON_NEG_SCHANNEL ( NETLOGON_NEG_AUTHENTICATED_RPC ) #define DSGETDC_VALID_FLAGS ( (DS_FORCE_REDISCOVERY|DS_DIRECTORY_SERVICE_REQUIRED|DS_DIRECTORY_SERVICE_PREFERRED|DS_GC_SERVER_REQUIRED|DS_PDC_REQUIRED|DS_BACKGROUND_ONLY|DS_IP_REQUIRED|DS_KDC_REQUIRED|DS_TIMESERV_REQUIRED|DS_WRITABLE_REQUIRED|DS_GOOD_TIMESERV_PREFERRED|DS_AVOID_SELF|DS_ONLY_LDAP_NEEDED|DS_IS_FLAT_NAME|DS_IS_DNS_NAME|DS_RETURN_FLAT_NAME|DS_RETURN_DNS_NAME) ) +#define NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT ( 0x02231968 ) #define DS_GFTI_UPDATE_TDO ( 0x1 ) struct netr_UasInfo { const char *account_name;/* [unique,charset(UTF16)] */ @@ -1033,6 +1034,12 @@ union netr_DomainInfo { struct netr_LsaPolicyInformation *lsa_policy_info;/* [unique,case(2)] */ }; +struct NL_PASSWORD_VERSION { + uint32_t ReservedField; + uint32_t PasswordVersionNumber; + uint32_t PasswordVersionPresent; +}; + struct netr_CryptPassword { uint8_t data[512]; uint32_t length; diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl index ef2c8a4..b0684f7 100644 --- a/librpc/idl/netlogon.idl +++ b/librpc/idl/netlogon.idl @@ -1412,6 +1412,18 @@ interface netlogon /*****************/ /* Function 0x1e */ + + /* [MS-NRPC] 2.2.1.3.8 NL_PASSWORD_VERSION */ + + /* someone's birthday ? */ + const int NETLOGON_PASSWORD_VERSION_NUMBER_PRESENT = 0x02231968; + + typedef struct { + uint32 ReservedField; + uint32 PasswordVersionNumber; + uint32 PasswordVersionPresent; + } NL_PASSWORD_VERSION; + typedef [flag(NDR_PAHEX)] struct { uint8 data[512]; uint32 length; diff --git a/nsswitch/libwbclient/wbc_pam.c b/nsswitch/libwbclient/wbc_pam.c index 4cd212a..7a66a7f 100644 --- a/nsswitch/libwbclient/wbc_pam.c +++ b/nsswitch/libwbclient/wbc_pam.c @@ -532,6 +532,44 @@ wbcErr wbcCheckTrustCredentials(const char *domain, return wbc_status; } +/* Trigger a change of the trust credentials for a specific domain */ +wbcErr wbcChangeTrustCredentials(const char *domain, + struct wbcAuthErrorInfo **error) +{ + struct winbindd_request request; + struct winbindd_response response; + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + + ZERO_STRUCT(request); + ZERO_STRUCT(response); + + if (domain) { + strncpy(request.domain_name, domain, + sizeof(request.domain_name)-1); + } + + /* Send request */ + + wbc_status = wbcRequestResponse(WINBINDD_CHANGE_MACHACC, + &request, + &response); + if (response.data.auth.nt_status != 0) { + if (error) { + wbc_status = wbc_create_error_info(NULL, + &response, + error); + BAIL_ON_WBC_ERROR(wbc_status); + } + + wbc_status = WBC_ERR_AUTH_ERROR; + BAIL_ON_WBC_ERROR(wbc_status); + } + BAIL_ON_WBC_ERROR(wbc_status); + + done: + return wbc_status; +} + /* Trigger an extended logoff notification to Winbind for a specific user */ wbcErr wbcLogoffUserEx(const struct wbcLogoffUserParams *params, struct wbcAuthErrorInfo **error) diff --git a/nsswitch/libwbclient/wbclient.h b/nsswitch/libwbclient/wbclient.h index 4dc6d23..ecc1f7f 100644 --- a/nsswitch/libwbclient/wbclient.h +++ b/nsswitch/libwbclient/wbclient.h @@ -1191,6 +1191,17 @@ wbcErr wbcResolveWinsByIP(const char *ip, char **name); wbcErr wbcCheckTrustCredentials(const char *domain, struct wbcAuthErrorInfo **error); +/** + * @brief Trigger a change of the trust credentials for a specific domain + * + * @param *domain The name of the domain. + * @param error Output details on WBC_ERR_AUTH_ERROR + * + * @return #wbcErr + **/ +wbcErr wbcChangeTrustCredentials(const char *domain, + struct wbcAuthErrorInfo **error); + /********************************************************** * Helper functions **********************************************************/ diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index 7410a74..219ec24 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -754,6 +754,38 @@ static bool wbinfo_check_secret(const char *domain) return true; } +/* Change trust account password */ + +static bool wbinfo_change_secret(const char *domain) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcAuthErrorInfo *error = NULL; + const char *domain_name; + + if (domain) { + domain_name = domain; + } else { + domain_name = get_winbind_domain(); + } + + wbc_status = wbcChangeTrustCredentials(domain_name, &error); + + d_printf("changing the trust secret for domain %s via RPC calls %s\n", + domain_name, + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); + + if (wbc_status == WBC_ERR_AUTH_ERROR) { + d_fprintf(stderr, "error code was %s (0x%x)\n", + error->nt_string, error->nt_status); + wbcFreeMemory(error); + } + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } + + return true; +} + /* Convert uid to sid */ static bool wbinfo_uid_to_sid(uid_t uid) @@ -1733,6 +1765,7 @@ int main(int argc, char **argv, char **envp) { "remove-uid-mapping", 0, POPT_ARG_STRING, &string_arg, OPT_REMOVE_UID_MAPPING, "Remove uid to sid mapping in idmap", "UID,SID" }, { "remove-gid-mapping", 0, POPT_ARG_STRING, &string_arg, OPT_REMOVE_GID_MAPPING, "Remove gid to sid mapping in idmap", "GID,SID" }, { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, + { "change-secret", 'c', POPT_ARG_NONE, 0, 'c', "Change shared secret" }, { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, { "all-domains", 0, POPT_ARG_NONE, 0, OPT_LIST_ALL_DOMAINS, "List all domains (trusted and own domain)" }, { "own-domain", 0, POPT_ARG_NONE, 0, OPT_LIST_OWN_DOMAIN, "List own domain" }, @@ -1963,6 +1996,12 @@ int main(int argc, char **argv, char **envp) goto done; } break; + case 'c': + if (!wbinfo_change_secret(opt_domain_name)) { + d_fprintf(stderr, "Could not change secret\n"); + goto done; + } + break; case 'm': if (!wbinfo_list_domains(false, verbose)) { d_fprintf(stderr, diff --git a/nsswitch/winbind_struct_protocol.h b/nsswitch/winbind_struct_protocol.h index bd14410..3056e25 100644 --- a/nsswitch/winbind_struct_protocol.h +++ b/nsswitch/winbind_struct_protocol.h @@ -118,6 +118,7 @@ enum winbindd_cmd { /* Miscellaneous other stuff */ WINBINDD_CHECK_MACHACC, /* Check machine account pw works */ + WINBINDD_CHANGE_MACHACC, /* Change machine account pw */ WINBINDD_PING, /* Just tell me winbind is running */ WINBINDD_INFO, /* Various bit of info. Currently just tidbits */ WINBINDD_DOMAIN_NAME, /* The domain this winbind server is a member of (lp_workgroup()) */ diff --git a/source3/Makefile.in b/source3/Makefile.in index 694985f..90faadf 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -1221,6 +1221,7 @@ WINBINDD_OBJ1 = \ winbindd/winbindd_list_users.o \ winbindd/winbindd_list_groups.o \ winbindd/winbindd_check_machine_acct.o \ + winbindd/winbindd_change_machine_acct.o \ winbindd/winbindd_set_mapping.o \ winbindd/winbindd_remove_mapping.o \ winbindd/winbindd_set_hwm.o \ diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index 7dec6ad..084d84c 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -195,7 +195,7 @@ machine %s. Error was : %s.\n", dc_name, nt_errstr(result))); if (!lp_client_schannel()) { /* We need to set up a creds chain on an unauthenticated netlogon pipe. */ uint32_t neg_flags = NETLOGON_NEG_AUTH2_ADS_FLAGS; - uint32 sec_chan_type = 0; + enum netr_SchannelType sec_chan_type = 0; unsigned char machine_pwd[16]; const char *account_name; diff --git a/source3/include/proto.h b/source3/include/proto.h index 48000c1..d71060a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3307,8 +3307,9 @@ void update_trustdom_cache( void ); NTSTATUS trust_pw_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *domain, + const char *account_name, unsigned char orig_trust_passwd_hash[16], - uint32 sec_channel_type); + enum netr_SchannelType sec_channel_type); NTSTATUS trust_pw_find_change_and_store_it(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *domain) ; @@ -4671,14 +4672,14 @@ bool secrets_fetch_domain_sid(const char *domain, DOM_SID *sid); bool secrets_store_domain_guid(const char *domain, struct GUID *guid); bool secrets_fetch_domain_guid(const char *domain, struct GUID *guid); void *secrets_get_trust_account_lock(TALLOC_CTX *mem_ctx, const char *domain); -uint32 get_default_sec_channel(void); +enum netr_SchannelType get_default_sec_channel(void); bool secrets_fetch_trust_account_password_legacy(const char *domain, uint8 ret_pwd[16], time_t *pass_last_set_time, - uint32 *channel); + enum netr_SchannelType *channel); bool secrets_fetch_trust_account_password(const char *domain, uint8 ret_pwd[16], time_t *pass_last_set_time, - uint32 *channel); + enum netr_SchannelType *channel); bool secrets_fetch_trusted_domain_password(const char *domain, char** pwd, DOM_SID *sid, time_t *pass_last_set_time); bool secrets_store_trusted_domain_password(const char* domain, const char* pwd, @@ -4686,10 +4687,10 @@ bool secrets_store_trusted_domain_password(const char* domain, const char* pwd, bool secrets_delete_machine_password(const char *domain); bool secrets_delete_machine_password_ex(const char *domain); bool secrets_delete_domain_sid(const char *domain); -bool secrets_store_machine_password(const char *pass, const char *domain, uint32 sec_channel); +bool secrets_store_machine_password(const char *pass, const char *domain, enum netr_SchannelType sec_channel); char *secrets_fetch_machine_password(const char *domain, time_t *pass_last_set_time, - uint32 *channel); + enum netr_SchannelType *channel); bool trusted_domain_password_delete(const char *domain); bool secrets_store_ldap_pw(const char* dn, char* pw); bool fetch_ldap_pw(char **dn, char** pw); @@ -5238,10 +5239,11 @@ NTSTATUS rpccli_netlogon_sam_network_logon_ex(struct rpc_pipe_client *cli, struct netr_SamInfo3 **info3); NTSTATUS rpccli_netlogon_set_trust_password(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, + const char *account_name, const unsigned char orig_trust_passwd_hash[16], const char *new_trust_pwd_cleartext, const unsigned char new_trust_passwd_hash[16], - uint32_t sec_channel_type); + enum netr_SchannelType sec_channel_type); /* The following definitions come from rpc_client/cli_pipe.c */ diff --git a/source3/libads/util.c b/source3/libads/util.c index 2c7ccfe..9dcb906 100644 --- a/source3/libads/util.c +++ b/source3/libads/util.c @@ -26,7 +26,7 @@ ADS_STATUS ads_change_trust_account_password(ADS_STRUCT *ads, char *host_princip char *password; char *new_password; ADS_STATUS ret; - uint32 sec_channel_type; + enum netr_SchannelType sec_channel_type; if ((password = secrets_fetch_machine_password(lp_workgroup(), NULL, &sec_channel_type)) == NULL) { DEBUG(1,("Failed to retrieve password for principal %s\n", host_principal)); diff --git a/source3/libnet/libnet_join.c b/source3/libnet/libnet_join.c index 8c30307..aa5f54a 100644 --- a/source3/libnet/libnet_join.c +++ b/source3/libnet/libnet_join.c @@ -789,6 +789,7 @@ static NTSTATUS libnet_join_joindomain_rpc_unsecure(TALLOC_CTX *mem_ctx, E_md4hash(trust_passwd, orig_trust_passwd_hash); status = rpccli_netlogon_set_trust_password(pipe_hnd, mem_ctx, + r->in.machine_name, orig_trust_passwd_hash, r->in.machine_password, new_trust_passwd_hash, diff --git a/source3/librpc/gen_ndr/cli_wbint.c b/source3/librpc/gen_ndr/cli_wbint.c index 3e5fc44..ecf8363 100644 --- a/source3/librpc/gen_ndr/cli_wbint.c +++ b/source3/librpc/gen_ndr/cli_wbint.c @@ -3075,6 +3075,152 @@ NTSTATUS rpccli_wbint_CheckMachineAccount(struct rpc_pipe_client *cli, return r.out.result; } +struct rpccli_wbint_ChangeMachineAccount_state { + struct wbint_ChangeMachineAccount orig; + struct wbint_ChangeMachineAccount tmp; + TALLOC_CTX *out_mem_ctx; + NTSTATUS (*dispatch_recv)(struct tevent_req *req, TALLOC_CTX *mem_ctx); +}; + +static void rpccli_wbint_ChangeMachineAccount_done(struct tevent_req *subreq); + +struct tevent_req *rpccli_wbint_ChangeMachineAccount_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, + struct rpc_pipe_client *cli) +{ + struct tevent_req *req; + struct rpccli_wbint_ChangeMachineAccount_state *state; + struct tevent_req *subreq; + + req = tevent_req_create(mem_ctx, &state, + struct rpccli_wbint_ChangeMachineAccount_state); + if (req == NULL) { + return NULL; + } + state->out_mem_ctx = NULL; + state->dispatch_recv = cli->dispatch_recv; + + /* In parameters */ + + /* Out parameters */ + + /* Result */ + ZERO_STRUCT(state->orig.out.result); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(wbint_ChangeMachineAccount, &state->orig); + } + + /* make a temporary copy, that we pass to the dispatch function */ + state->tmp = state->orig; + + subreq = cli->dispatch_send(state, ev, cli, + &ndr_table_wbint, + NDR_WBINT_CHANGEMACHINEACCOUNT, + &state->tmp); + if (tevent_req_nomem(subreq, req)) { + return tevent_req_post(req, ev); + } + tevent_req_set_callback(subreq, rpccli_wbint_ChangeMachineAccount_done, req); + return req; +} + +static void rpccli_wbint_ChangeMachineAccount_done(struct tevent_req *subreq) +{ + struct tevent_req *req = tevent_req_callback_data( + subreq, struct tevent_req); + struct rpccli_wbint_ChangeMachineAccount_state *state = tevent_req_data( + req, struct rpccli_wbint_ChangeMachineAccount_state); + NTSTATUS status; + TALLOC_CTX *mem_ctx; + + if (state->out_mem_ctx) { + mem_ctx = state->out_mem_ctx; + } else { + mem_ctx = state; + } + + status = state->dispatch_recv(subreq, mem_ctx); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status)) { + tevent_req_nterror(req, status); + return; + } + + /* Copy out parameters */ + + /* Copy result */ + state->orig.out.result = state->tmp.out.result; + + /* Reset temporary structure */ + ZERO_STRUCT(state->tmp); + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(wbint_ChangeMachineAccount, &state->orig); + } + + tevent_req_done(req); +} + +NTSTATUS rpccli_wbint_ChangeMachineAccount_recv(struct tevent_req *req, + TALLOC_CTX *mem_ctx, + NTSTATUS *result) +{ + struct rpccli_wbint_ChangeMachineAccount_state *state = tevent_req_data( + req, struct rpccli_wbint_ChangeMachineAccount_state); + NTSTATUS status; + + if (tevent_req_is_nterror(req, &status)) { + tevent_req_received(req); + return status; + } + + /* Steal possbile out parameters to the callers context */ + talloc_steal(mem_ctx, state->out_mem_ctx); + + /* Return result */ + *result = state->orig.out.result; + + tevent_req_received(req); + return NT_STATUS_OK; +} + +NTSTATUS rpccli_wbint_ChangeMachineAccount(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx) +{ + struct wbint_ChangeMachineAccount r; + NTSTATUS status; + + /* In parameters */ + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_IN_DEBUG(wbint_ChangeMachineAccount, &r); + } + + status = cli->dispatch(cli, + mem_ctx, + &ndr_table_wbint, + NDR_WBINT_CHANGEMACHINEACCOUNT, + &r); + + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + if (DEBUGLEVEL >= 10) { + NDR_PRINT_OUT_DEBUG(wbint_ChangeMachineAccount, &r); + } + + if (NT_STATUS_IS_ERR(status)) { -- Samba Shared Repository