def run(self, domain, role=None, sambaopts=None, credopts=None, versionopts=None, server=None, site=None, targetdir=None): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) net = Net(creds, lp, server=credopts.ipaddress) if site is None: site = "Default-First-Site-Name" netbios_name = lp.get("netbios name") if not role is None: role = role.upper() if role is None or role == "MEMBER": (join_password, sid, domain_name) = net.join_member(domain, netbios_name, LIBNET_JOIN_AUTOMATIC) self.outf.write("Joined domain %s (%s)\n" % (domain_name, sid)) return elif role == "DC": join_DC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir) return elif role == "RODC": join_RODC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir) return else: raise CommandError("Invalid role %s (possible values: MEMBER, BDC, RODC)" % role)
def run(self, domain, role=None, sambaopts=None, credopts=None, versionopts=None, server=None, site=None, targetdir=None, domain_critical_only=False, parent_domain=None, machinepass=None): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) net = Net(creds, lp, server=credopts.ipaddress) if site is None: site = "Default-First-Site-Name" netbios_name = lp.get("netbios name") if not role is None: role = role.upper() if role is None or role == "MEMBER": (join_password, sid, domain_name) = net.join_member(domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) self.outf.write("Joined domain %s (%s)\n" % (domain_name, sid)) return elif role == "DC": join_DC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir, domain_critical_only=domain_critical_only, machinepass=machinepass) return elif role == "RODC": join_RODC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir, domain_critical_only=domain_critical_only, machinepass=machinepass) return elif role == "SUBDOMAIN": netbios_domain = lp.get("workgroup") if parent_domain is None: parent_domain = ".".join(domain.split(".")[1:]) join_subdomain(server=server, creds=creds, lp=lp, dnsdomain=domain, parent_domain=parent_domain, site=site, netbios_name=netbios_name, netbios_domain=netbios_domain, targetdir=targetdir, machinepass=machinepass) return else: raise CommandError("Invalid role '%s' (possible values: MEMBER, DC, RODC, SUBDOMAIN)" % role)
def test_net_join_no_spnego(self): self.lp.set("client use spnego", "no") netbios_name = "NetJoinNoSpnego" machinepass = "******" creds = self.insta_creds(template=self.get_credentials(), kerberos_state=DONT_USE_KERBEROS) net = Net(creds, self.lp, server=self.server) try: (join_password, sid, domain_name) = net.join_member( self.domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) except NTSTATUSError as e: code = ctypes.c_uint32(e.args[0]).value if code == ntstatus.NT_STATUS_CONNECTION_DISCONNECTED: self.fail("Connection failure") elif code == ntstatus.NT_STATUS_ACCESS_DENIED: return else: raise self.fail("Shoud have rejected NTLMv2 without SPNEGO")
def test_net_join(self): netbios_name = "NetJoinTest" machinepass = "******" creds = self.insta_creds(template=self.get_credentials(), kerberos_state=DONT_USE_KERBEROS) net = Net(creds, self.lp, server=self.server) # NOTE WELL: We must not run more than one successful # net.join_member per file (process), as the shared # secrets.ldb handle will be kept between runs. try: (join_password, sid, domain_name) = net.join_member( self.domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) except NTSTATUSError as e: code = ctypes.c_uint32(e[0]).value if code == ntstatus.NT_STATUS_CONNECTION_DISCONNECTED: self.fail("Connection failure") raise os.unlink(os.path.join(self.tempdir, "secrets.ldb")) pass
def test_net_join(self): netbios_name = "NetJoinTest" machinepass = "******" creds = self.insta_creds(template=self.get_credentials(), kerberos_state=DONT_USE_KERBEROS) net = Net(creds, self.lp, server=self.server) # NOTE WELL: We must not run more than one successful # net.join_member per file (process), as the shared # secrets.ldb handle will be kept between runs. try: (join_password, sid, domain_name) = net.join_member(self.domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) except NTSTATUSError as e: code = ctypes.c_uint32(e.args[0]).value if code == ntstatus.NT_STATUS_CONNECTION_DISCONNECTED: self.fail("Connection failure") raise os.unlink(os.path.join(self.tempdir, "secrets.ldb")) pass
def test_net_join_no_spnego(self): self.lp.set("client use spnego", "no") netbios_name = "NetJoinNoSpnego" machinepass = "******" creds = self.insta_creds(template=self.get_credentials(), kerberos_state=DONT_USE_KERBEROS) net = Net(creds, self.lp, server=self.server) try: (join_password, sid, domain_name) = net.join_member(self.domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) except NTSTATUSError as e: code = ctypes.c_uint32(e.args[0]).value if code == ntstatus.NT_STATUS_CONNECTION_DISCONNECTED: self.fail("Connection failure") elif code == ntstatus.NT_STATUS_ACCESS_DENIED: return else: raise self.fail("Shoud have rejected NTLMv2 without SPNEGO")
def run(self, domain, role=None, sambaopts=None, credopts=None, versionopts=None, server=None, site=None, targetdir=None, domain_critical_only=False, parent_domain=None, machinepass=None): lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) net = Net(creds, lp, server=credopts.ipaddress) if site is None: site = "Default-First-Site-Name" netbios_name = lp.get("netbios name") if not role is None: role = role.upper() if role is None or role == "MEMBER": (join_password, sid, domain_name) = net.join_member(domain, netbios_name, LIBNET_JOIN_AUTOMATIC, machinepass=machinepass) self.outf.write("Joined domain %s (%s)\n" % (domain_name, sid)) return elif role == "DC": join_DC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir, domain_critical_only=domain_critical_only, machinepass=machinepass) return elif role == "RODC": join_RODC(server=server, creds=creds, lp=lp, domain=domain, site=site, netbios_name=netbios_name, targetdir=targetdir, domain_critical_only=domain_critical_only, machinepass=machinepass) return elif role == "SUBDOMAIN": netbios_domain = lp.get("workgroup") if parent_domain is None: parent_domain = ".".join(domain.split(".")[1:]) join_subdomain(server=server, creds=creds, lp=lp, dnsdomain=domain, parent_domain=parent_domain, site=site, netbios_name=netbios_name, netbios_domain=netbios_domain, targetdir=targetdir, machinepass=machinepass) return else: raise CommandError( "Invalid role '%s' (possible values: MEMBER, DC, RODC, SUBDOMAIN)" % role)