Blame tools/computer.c

Packit Service 6d40f9
/*
Packit Service 6d40f9
 * adcli
Packit Service 6d40f9
 *
Packit Service 6d40f9
 * Copyright (C) 2012 Red Hat Inc.
Packit Service 6d40f9
 *
Packit Service 6d40f9
 * This program is free software; you can redistribute it and/or modify
Packit Service 6d40f9
 * it under the terms of the GNU Lesser General Public License as
Packit Service 6d40f9
 * published by the Free Software Foundation; either version 2.1 of
Packit Service 6d40f9
 * the License, or (at your option) any later version.
Packit Service 6d40f9
 *
Packit Service 6d40f9
 * This program is distributed in the hope that it will be useful, but
Packit Service 6d40f9
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 6d40f9
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 6d40f9
 * Lesser General Public License for more details.
Packit Service 6d40f9
 *
Packit Service 6d40f9
 * You should have received a copy of the GNU Lesser General Public
Packit Service 6d40f9
 * License along with this program; if not, write to the Free Software
Packit Service 6d40f9
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
Packit Service 6d40f9
 * MA 02110-1301 USA
Packit Service 6d40f9
 *
Packit Service 6d40f9
 * Author: Stef Walter <stefw@gnome.org>
Packit Service 6d40f9
 */
Packit Service 6d40f9
Packit Service 6d40f9
#include "config.h"
Packit Service 6d40f9
Packit Service 6d40f9
#include "adcli.h"
Packit Service 6d40f9
#include "tools.h"
Packit Service 6d40f9
Packit Service 6d40f9
#include <assert.h>
Packit Service 6d40f9
#include <err.h>
Packit Service 6d40f9
#include <stdio.h>
Packit Service 6d40f9
#include <errno.h>
Packit Service bff25d
#include <unistd.h>
Packit Service 6d40f9
Packit Service 6d40f9
static void
Packit Service 6d40f9
dump_details (adcli_conn *conn,
Packit Service 6d40f9
              adcli_enroll *enroll,
Packit Service 6d40f9
              int show_password)
Packit Service 6d40f9
{
Packit Service 6d40f9
	const char *value;
Packit Service 6d40f9
Packit Service 6d40f9
	printf ("[domain]\n");
Packit Service 6d40f9
	printf ("domain-name = %s\n", adcli_conn_get_domain_name (conn));
Packit Service 6d40f9
	printf ("domain-realm = %s\n", adcli_conn_get_domain_realm (conn));
Packit Service 6d40f9
	printf ("domain-controller = %s\n", adcli_conn_get_domain_controller (conn));
Packit Service 6d40f9
	printf ("domain-short = %s\n", adcli_conn_get_domain_short (conn));
Packit Service 315950
	printf ("domain-SID = %s\n", adcli_conn_get_domain_sid (conn));
Packit Service 6d40f9
	printf ("naming-context = %s\n", adcli_conn_get_default_naming_context (conn));
Packit Service 6d40f9
	printf ("domain-ou = %s\n", adcli_enroll_get_domain_ou (enroll));
Packit Service 6d40f9
Packit Service 6d40f9
	printf ("[computer]\n");
Packit Service 6d40f9
	printf ("host-fqdn = %s\n", adcli_conn_get_host_fqdn (conn));
Packit Service 6d40f9
	printf ("computer-name = %s\n", adcli_conn_get_computer_name (conn));
Packit Service 6d40f9
	printf ("computer-dn = %s\n", adcli_enroll_get_computer_dn (enroll));
Packit Service 6d40f9
	if (show_password)
Packit Service 6d40f9
		printf ("computer-password = %s\n", adcli_enroll_get_computer_password (enroll));
Packit Service 6d40f9
Packit Service 6d40f9
	value = adcli_enroll_get_os_name (enroll);
Packit Service 6d40f9
	if (value)
Packit Service 6d40f9
		printf ("os-name = %s\n", value);
Packit Service 6d40f9
Packit Service 6d40f9
	value = adcli_enroll_get_os_version (enroll);
Packit Service 6d40f9
	if (value)
Packit Service 6d40f9
		printf ("os-version = %s\n", value);
Packit Service 6d40f9
Packit Service 6d40f9
	value = adcli_enroll_get_os_service_pack (enroll);
Packit Service 6d40f9
	if (value)
Packit Service 6d40f9
		printf ("os-service-pack = %s\n", value);
Packit Service 6d40f9
Packit Service 6d40f9
	printf ("[keytab]\n");
Packit Service 6d40f9
	printf ("kvno = %d\n", adcli_enroll_get_kvno (enroll));
Packit Service 6d40f9
	printf ("keytab = %s\n", adcli_enroll_get_keytab_name (enroll));
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
static void
Packit Service 6d40f9
dump_password (adcli_conn *conn,
Packit Service 6d40f9
               adcli_enroll *enroll)
Packit Service 6d40f9
{
Packit Service 6d40f9
	printf ("[computer]\n");
Packit Service 6d40f9
	printf ("computer-password = %s\n", adcli_enroll_get_computer_password (enroll));
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
typedef enum {
Packit Service 6d40f9
	/* Have short equivalents */
Packit Service 6d40f9
	opt_domain = 'D',
Packit Service 6d40f9
	opt_domain_realm = 'R',
Packit Service 6d40f9
	opt_domain_controller = 'S',
Packit Service 6d40f9
	opt_domain_ou = 'O',
Packit Service 6d40f9
	opt_host_fqdn = 'H',
Packit Service 6d40f9
	opt_computer_name = 'N',
Packit Service 6d40f9
	opt_host_keytab = 'K',
Packit Service 6d40f9
	opt_login_user = 'U',
Packit Service 6d40f9
	opt_login_ccache = 'C',
Packit Service 6d40f9
	opt_service_name = 'V',
Packit Service 6d40f9
	opt_prompt_password = 'W',
Packit Service 6d40f9
	opt_verbose = 'v',
Packit Service 6d40f9
Packit Service 6d40f9
	/* Don't have short equivalents */
Packit Service 6d40f9
	opt_login_type = 1000,
Packit Service 6d40f9
	opt_no_password,
Packit Service 6d40f9
	opt_stdin_password,
Packit Service 6d40f9
	opt_one_time_password,
Packit Service 6d40f9
	opt_show_details,
Packit Service 6d40f9
	opt_show_password,
Packit Service 6d40f9
	opt_os_name,
Packit Service 6d40f9
	opt_os_version,
Packit Service 6d40f9
	opt_os_service_pack,
Packit Service 6d40f9
	opt_user_principal,
Packit Service 6d40f9
	opt_computer_password_lifetime,
Packit Service 2e2783
	opt_add_samba_data,
Packit Service bff25d
	opt_samba_data_tool,
Packit Service 9b2c4a
	opt_trusted_for_delegation,
Packit Service 69847a
	opt_add_service_principal,
Packit Service 69847a
	opt_remove_service_principal,
Packit Service 0a8a87
	opt_description,
Packit Service aa0613
	opt_use_ldaps,
Packit Service 6d40f9
} Option;
Packit Service 6d40f9
Packit Service 6d40f9
static adcli_tool_desc common_usages[] = {
Packit Service 6d40f9
	{ opt_domain, "active directory domain name" },
Packit Service 6d40f9
	{ opt_domain_realm, "kerberos realm for the domain" },
Packit Service 6d40f9
	{ opt_domain_controller, "domain controller to connect to" },
Packit Service aa0613
	{ opt_use_ldaps, "use LDAPS port for communication" },
Packit Service 6d40f9
	{ opt_host_fqdn, "override the fully qualified domain name of the\n"
Packit Service 6d40f9
	                 "local machine" },
Packit Service 6d40f9
	{ opt_host_keytab, "filename for the host kerberos keytab" },
Packit Service 6d40f9
	{ opt_computer_name, "override the netbios short name of the local\n"
Packit Service 6d40f9
	                     "machine" },
Packit Service 6d40f9
	{ opt_login_ccache, "kerberos credential cache file which contains\n"
Packit Service 6d40f9
	                    "ticket to used to connect to the domain" },
Packit Service 6d40f9
	{ opt_login_user, "user (usually administrative) login name of\n"
Packit Service 6d40f9
	                  "the account to log into the domain as" },
Packit Service 6d40f9
	{ opt_login_type, "restrict type of login allowed when connecting to \n"
Packit Service 6d40f9
	                  "the domain, either 'computer' or 'user'" },
Packit Service 6d40f9
	{ opt_domain_ou, "a LDAP DN representing an organizational unit in\n"
Packit Service 6d40f9
	                   "which the computer account should be placed." },
Packit Service 6d40f9
	{ opt_service_name, "additional service name for a kerberos\n"
Packit Service 6d40f9
	                     "service principal to be created on the account" },
Packit Service 6d40f9
	{ opt_os_name, "the computer operating system name", },
Packit Service 6d40f9
	{ opt_os_version, "the computer operating system version", },
Packit Service 6d40f9
	{ opt_os_service_pack, "the computer operating system service pack", },
Packit Service 6d40f9
	{ opt_user_principal, "add an authentication principal to the account", },
Packit Service 6d40f9
	{ opt_computer_password_lifetime, "lifetime of the host accounts password in days", },
Packit Service 9b2c4a
	{ opt_trusted_for_delegation, "set/unset the TRUSTED_FOR_DELEGATION flag\n"
Packit Service 9b2c4a
	                              "in the userAccountControl attribute", },
Packit Service 69847a
	{ opt_add_service_principal, "add the given service principal to the account\n" },
Packit Service 69847a
	{ opt_remove_service_principal, "remove the given service principal from the account\n" },
Packit Service 0a8a87
	{ opt_description, "add a description to the account\n" },
Packit Service 6d40f9
	{ opt_no_password, "don't prompt for or read a password" },
Packit Service 6d40f9
	{ opt_prompt_password, "prompt for a password if necessary" },
Packit Service 6d40f9
	{ opt_stdin_password, "read a password from stdin (until EOF) if\n"
Packit Service 6d40f9
	                      "necessary" },
Packit Service 6d40f9
	{ opt_one_time_password, "password to use for the preset computer\n"
Packit Service 6d40f9
	                         "accounts" },
Packit Service 6d40f9
	{ opt_show_details, "show information about joining the domain after\n"
Packit Service 6d40f9
	                     "a successful join" },
Packit Service bc2650
	{ opt_show_password, "show computer account password after after a\n"
Packit Service 6d40f9
	                     "successful join" },
Packit Service 2e2783
	{ opt_add_samba_data, "add domain SID and computer account password\n"
Packit Service 2e2783
	                      "to the Samba specific configuration database" },
Packit Service bff25d
	{ opt_samba_data_tool, "Absolute path to the tool used for add-samba-data" },
Packit Service 6d40f9
	{ opt_verbose, "show verbose progress and failure messages", },
Packit Service 6d40f9
	{ 0 },
Packit Service 6d40f9
};
Packit Service 6d40f9
Packit Service f268f3
static int
Packit Service 6d40f9
parse_option (Option opt,
Packit Service 6d40f9
              const char *optarg,
Packit Service 6d40f9
              adcli_conn *conn,
Packit Service 6d40f9
              adcli_enroll *enroll)
Packit Service 6d40f9
{
Packit Service 6d40f9
	static int no_password = 0;
Packit Service 6d40f9
	static int prompt_password = 0;
Packit Service 6d40f9
	static int stdin_password = 0;
Packit Service 6d40f9
	char *endptr;
Packit Service 6d40f9
	unsigned int lifetime;
Packit Service bff25d
	int ret;
Packit Service 6d40f9
Packit Service 6d40f9
	switch (opt) {
Packit Service 6d40f9
	case opt_login_ccache:
Packit Service 6d40f9
		adcli_conn_set_login_ccache_name (conn, optarg ? optarg : "");
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_login_user:
Packit Service 6d40f9
		if (adcli_conn_get_allowed_login_types (conn) & ADCLI_LOGIN_USER_ACCOUNT) {
Packit Service 6d40f9
			adcli_conn_set_login_user (conn, optarg);
Packit Service 6d40f9
			adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
Packit Service 6d40f9
		} else {
Packit Service f268f3
			warnx ("cannot set --user if --login-type not set to 'user'");
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_login_type:
Packit Service 6d40f9
		if (optarg && strcmp (optarg, "computer") == 0) {
Packit Service f268f3
			if (adcli_conn_get_login_user (conn) != NULL) {
Packit Service f268f3
				warnx ("cannot set --login-type to 'computer' if --user is set");
Packit Service f268f3
				return EUSAGE;
Packit Service f268f3
			} else
Packit Service 6d40f9
				adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_COMPUTER_ACCOUNT);
Packit Service 6d40f9
		} else if (optarg && strcmp (optarg, "user") == 0) {
Packit Service 6d40f9
			adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
Packit Service 6d40f9
Packit Service 6d40f9
		} else {
Packit Service f268f3
			warnx ("unknown login type '%s'", optarg);
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_host_fqdn:
Packit Service 6d40f9
		adcli_conn_set_host_fqdn (conn, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_host_keytab:
Packit Service 6d40f9
		adcli_enroll_set_keytab_name (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_computer_name:
Packit Service 6d40f9
		adcli_conn_set_computer_name (conn, optarg);
Packit Service 6d40f9
		adcli_enroll_set_computer_name (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_domain:
Packit Service 6d40f9
		adcli_conn_set_domain_name (conn, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_domain_realm:
Packit Service 6d40f9
		adcli_conn_set_domain_realm (conn, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_domain_controller:
Packit Service 6d40f9
		adcli_conn_set_domain_controller (conn, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_domain_ou:
Packit Service 6d40f9
		adcli_enroll_set_domain_ou (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_service_name:
Packit Service 6d40f9
		adcli_enroll_add_service_name (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_no_password:
Packit Service 6d40f9
		if (stdin_password || prompt_password) {
Packit Service f268f3
			warnx ("cannot use --no-password argument with %s",
Packit Service f268f3
			       stdin_password ? "--stdin-password" : "--prompt-password");
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		} else {
Packit Service 6d40f9
			adcli_conn_set_password_func (conn, NULL, NULL, NULL);
Packit Service 6d40f9
			no_password = 1;
Packit Service 6d40f9
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_prompt_password:
Packit Service 6d40f9
		if (stdin_password || no_password) {
Packit Service f268f3
			warnx ("cannot use --prompt-password argument with %s",
Packit Service f268f3
			       stdin_password ? "--stdin-password" : "--no-password");
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		} else {
Packit Service 6d40f9
			adcli_conn_set_password_func (conn, adcli_prompt_password_func, NULL, NULL);
Packit Service 6d40f9
			prompt_password = 1;
Packit Service 6d40f9
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_stdin_password:
Packit Service 6d40f9
		if (prompt_password || no_password) {
Packit Service f268f3
			warnx ("cannot use --stdin-password argument with %s",
Packit Service f268f3
			       prompt_password ? "--prompt-password" : "--no-password");
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		} else {
Packit Service 6d40f9
			adcli_conn_set_password_func (conn, adcli_read_password_func, NULL, NULL);
Packit Service 6d40f9
			stdin_password = 1;
Packit Service 6d40f9
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_os_name:
Packit Service 6d40f9
		adcli_enroll_set_os_name (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_os_version:
Packit Service 6d40f9
		adcli_enroll_set_os_version (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_os_service_pack:
Packit Service 6d40f9
		adcli_enroll_set_os_service_pack (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_user_principal:
Packit Service 6d40f9
		if (optarg && optarg[0])
Packit Service 6d40f9
			adcli_enroll_set_user_principal (enroll, optarg);
Packit Service 6d40f9
		else
Packit Service 6d40f9
			adcli_enroll_auto_user_principal (enroll);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_computer_password_lifetime:
Packit Service 6d40f9
		errno = 0;
Packit Service 6d40f9
		lifetime = strtoul (optarg, &endptr, 10);
Packit Service 6d40f9
		if (errno != 0 || *endptr != '\0' || endptr == optarg) {
Packit Service f268f3
			warnx ("failure to parse value '%s' of option 'computer-password-lifetime'; "
Packit Service f268f3
			       "expecting non-negative integer indicating the lifetime in days",
Packit Service f268f3
			       optarg);
Packit Service f268f3
			return EUSAGE;
Packit Service 6d40f9
		}
Packit Service 6d40f9
Packit Service 6d40f9
		adcli_enroll_set_computer_password_lifetime (enroll, lifetime);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service bff25d
	case opt_samba_data_tool:
Packit Service bff25d
		errno = 0;
Packit Service bff25d
		ret = access (optarg, X_OK);
Packit Service bff25d
		if (ret != 0) {
Packit Service bff25d
			ret = errno;
Packit Service f268f3
			warnx ("Failed to access tool to add Samba data: %s", strerror (ret));
Packit Service f268f3
			return EUSAGE;
Packit Service bff25d
		} else {
Packit Service bff25d
			adcli_enroll_set_samba_data_tool (enroll, optarg);
Packit Service bff25d
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 9b2c4a
	case opt_trusted_for_delegation:
Packit Service 9b2c4a
		if (strcasecmp (optarg, "true") == 0 || strcasecmp (optarg, "yes") == 0) {
Packit Service 9b2c4a
			adcli_enroll_set_trusted_for_delegation (enroll, true);
Packit Service 9b2c4a
		} else {
Packit Service 9b2c4a
			adcli_enroll_set_trusted_for_delegation (enroll, false);
Packit Service 9b2c4a
		}
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 69847a
	case opt_add_service_principal:
Packit Service 69847a
		adcli_enroll_add_service_principal_to_add (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 69847a
	case opt_remove_service_principal:
Packit Service 69847a
		adcli_enroll_add_service_principal_to_remove (enroll, optarg);
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 0a8a87
	case opt_description:
Packit Service 0a8a87
		adcli_enroll_set_description (enroll, optarg);
Packit Service 0a8a87
		return ADCLI_SUCCESS;
Packit Service aa0613
	case opt_use_ldaps:
Packit Service aa0613
		adcli_conn_set_use_ldaps (conn, true);
Packit Service aa0613
		return ADCLI_SUCCESS;
Packit Service 6d40f9
	case opt_verbose:
Packit Service f268f3
		return ADCLI_SUCCESS;
Packit Service 6d40f9
Packit Service 6d40f9
	/* Should be handled by caller */
Packit Service 6d40f9
	case opt_show_details:
Packit Service 6d40f9
	case opt_show_password:
Packit Service 6d40f9
	case opt_one_time_password:
Packit Service 2e2783
	case opt_add_samba_data:
Packit Service 6d40f9
		assert (0 && "not reached");
Packit Service 6d40f9
		break;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service f268f3
	warnx ("failure to parse option '%c'", opt);
Packit Service f268f3
	return EUSAGE;
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
static void
Packit Service 6d40f9
parse_fqdn_or_name (adcli_enroll *enroll,
Packit Service 6d40f9
                    const char *arg)
Packit Service 6d40f9
{
Packit Service 6d40f9
	if (strchr (arg, '.') != NULL) {
Packit Service 6d40f9
		adcli_enroll_set_host_fqdn (enroll, arg);
Packit Service 6d40f9
		adcli_enroll_set_computer_name (enroll, NULL);
Packit Service 6d40f9
	} else {
Packit Service 6d40f9
		adcli_enroll_set_computer_name (enroll, arg);
Packit Service 6d40f9
		adcli_enroll_set_host_fqdn (enroll, NULL);
Packit Service 6d40f9
	}
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
int
Packit Service 6d40f9
adcli_tool_computer_join (adcli_conn *conn,
Packit Service 6d40f9
                          int argc,
Packit Service 6d40f9
                          char *argv[])
Packit Service 6d40f9
{
Packit Service 6d40f9
	adcli_enroll_flags flags = ADCLI_ENROLL_ALLOW_OVERWRITE;
Packit Service 6d40f9
	adcli_enroll *enroll;
Packit Service 6d40f9
	adcli_result res;
Packit Service 6d40f9
	int show_password = 0;
Packit Service 6d40f9
	int details = 0;
Packit Service 6d40f9
	int opt;
Packit Service 6d40f9
Packit Service 6d40f9
	struct option options[] = {
Packit Service 6d40f9
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 6d40f9
		{ "domain-realm", required_argument, NULL, opt_domain_realm },
Packit Service 6d40f9
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service 6d40f9
		{ "domain-server", required_argument, NULL, opt_domain_controller }, /* compat */
Packit Service aa0613
		{ "use-ldaps", no_argument, 0, opt_use_ldaps },
Packit Service 6d40f9
		{ "login-user", required_argument, NULL, opt_login_user },
Packit Service 6d40f9
		{ "user", required_argument, NULL, opt_login_user }, /* compat */
Packit Service 6d40f9
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 6d40f9
		{ "login-type", required_argument, NULL, opt_login_type },
Packit Service 6d40f9
		{ "host-fqdn", required_argument, 0, opt_host_fqdn },
Packit Service 6d40f9
		{ "computer-name", required_argument, 0, opt_computer_name },
Packit Service 6d40f9
		{ "host-keytab", required_argument, 0, opt_host_keytab },
Packit Service 6d40f9
		{ "no-password", no_argument, 0, opt_no_password },
Packit Service 6d40f9
		{ "stdin-password", no_argument, 0, opt_stdin_password },
Packit Service 6d40f9
		{ "prompt-password", no_argument, 0, opt_prompt_password },
Packit Service 6d40f9
		{ "one-time-password", required_argument, 0, opt_one_time_password },
Packit Service 6d40f9
		{ "domain-ou", required_argument, NULL, opt_domain_ou },
Packit Service 6d40f9
		{ "computer-ou", required_argument, NULL, opt_domain_ou }, /* compat */
Packit Service 6d40f9
		{ "service-name", required_argument, NULL, opt_service_name },
Packit Service 6d40f9
		{ "os-name", required_argument, NULL, opt_os_name },
Packit Service 6d40f9
		{ "os-version", required_argument, NULL, opt_os_version },
Packit Service 6d40f9
		{ "os-service-pack", optional_argument, NULL, opt_os_service_pack },
Packit Service 0a8a87
		{ "description", optional_argument, NULL, opt_description },
Packit Service 6d40f9
		{ "user-principal", optional_argument, NULL, opt_user_principal },
Packit Service 9b2c4a
		{ "trusted-for-delegation", required_argument, NULL, opt_trusted_for_delegation },
Packit Service 69847a
		{ "add-service-principal", required_argument, NULL, opt_add_service_principal },
Packit Service 6d40f9
		{ "show-details", no_argument, NULL, opt_show_details },
Packit Service 6d40f9
		{ "show-password", no_argument, NULL, opt_show_password },
Packit Service 2e2783
		{ "add-samba-data", no_argument, NULL, opt_add_samba_data },
Packit Service bff25d
		{ "samba-data-tool", no_argument, NULL, opt_samba_data_tool },
Packit Service 6d40f9
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 6d40f9
		{ "help", no_argument, NULL, 'h' },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	static adcli_tool_desc usages[] = {
Packit Service 6d40f9
		{ 0, "usage: adcli join --domain=xxxx" },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 6d40f9
		switch (opt) {
Packit Service 6d40f9
		case opt_one_time_password:
Packit Service 6d40f9
			adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_COMPUTER_ACCOUNT);
Packit Service 6d40f9
			adcli_conn_set_computer_password (conn, optarg);
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		case opt_show_details:
Packit Service 6d40f9
			details = 1;
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		case opt_show_password:
Packit Service 6d40f9
			show_password = 1;
Packit Service 6d40f9
			break;
Packit Service 2e2783
		case opt_add_samba_data:
Packit Service 2e2783
			flags |= ADCLI_ENROLL_ADD_SAMBA_DATA;
Packit Service 2e2783
			break;
Packit Service 6d40f9
		case 'h':
Packit Service 6d40f9
		case '?':
Packit Service 6d40f9
		case ':':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return opt == 'h' ? 0 : 2;
Packit Service 6d40f9
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		}
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	argc -= optind;
Packit Service 6d40f9
	argv += optind;
Packit Service 6d40f9
Packit Service 6d40f9
	if (argc == 1)
Packit Service 6d40f9
		adcli_conn_set_domain_name (conn, argv[0]);
Packit Service e30472
	else if (argc > 1) {
Packit Service e30472
		warnx ("extra arguments specified");
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return 2;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_conn_connect (conn);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_join (enroll, flags);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("joining domain %s failed: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	if (details)
Packit Service 6d40f9
		dump_details (conn, enroll, show_password);
Packit Service 6d40f9
	else if (show_password)
Packit Service 6d40f9
		dump_password (conn, enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_enroll_unref (enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	return 0;
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
int
Packit Service 6d40f9
adcli_tool_computer_update (adcli_conn *conn,
Packit Service 6d40f9
		            int argc,
Packit Service 6d40f9
                            char *argv[])
Packit Service 6d40f9
{
Packit Service 6d40f9
	adcli_enroll_flags flags = ADCLI_ENROLL_ALLOW_OVERWRITE;
Packit Service 6d40f9
	adcli_enroll *enroll;
Packit Service 6d40f9
	adcli_result res;
Packit Service 6d40f9
	int show_password = 0;
Packit Service 6d40f9
	int details = 0;
Packit Service 6d40f9
	const char *ktname;
Packit Service 6d40f9
	int opt;
Packit Service 6d40f9
Packit Service 6d40f9
	struct option options[] = {
Packit Service 6d40f9
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 6d40f9
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service 6d40f9
		{ "host-fqdn", required_argument, 0, opt_host_fqdn },
Packit Service 6d40f9
		{ "computer-name", required_argument, 0, opt_computer_name },
Packit Service 6d40f9
		{ "host-keytab", required_argument, 0, opt_host_keytab },
Packit Service 6d40f9
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 6d40f9
		{ "service-name", required_argument, NULL, opt_service_name },
Packit Service 6d40f9
		{ "os-name", required_argument, NULL, opt_os_name },
Packit Service 6d40f9
		{ "os-version", required_argument, NULL, opt_os_version },
Packit Service 6d40f9
		{ "os-service-pack", optional_argument, NULL, opt_os_service_pack },
Packit Service 0a8a87
		{ "description", optional_argument, NULL, opt_description },
Packit Service 6d40f9
		{ "user-principal", optional_argument, NULL, opt_user_principal },
Packit Service 6d40f9
		{ "computer-password-lifetime", optional_argument, NULL, opt_computer_password_lifetime },
Packit Service 9b2c4a
		{ "trusted-for-delegation", required_argument, NULL, opt_trusted_for_delegation },
Packit Service 69847a
		{ "add-service-principal", required_argument, NULL, opt_add_service_principal },
Packit Service 69847a
		{ "remove-service-principal", required_argument, NULL, opt_remove_service_principal },
Packit Service 6d40f9
		{ "show-details", no_argument, NULL, opt_show_details },
Packit Service 6d40f9
		{ "show-password", no_argument, NULL, opt_show_password },
Packit Service 2e2783
		{ "add-samba-data", no_argument, NULL, opt_add_samba_data },
Packit Service bff25d
		{ "samba-data-tool", no_argument, NULL, opt_samba_data_tool },
Packit Service 6d40f9
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 6d40f9
		{ "help", no_argument, NULL, 'h' },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	static adcli_tool_desc usages[] = {
Packit Service 6d40f9
		{ 0, "usage: adcli update" },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 6d40f9
		switch (opt) {
Packit Service 6d40f9
		case opt_show_details:
Packit Service 6d40f9
			details = 1;
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		case opt_show_password:
Packit Service 6d40f9
			show_password = 1;
Packit Service 6d40f9
			break;
Packit Service 2e2783
		case opt_add_samba_data:
Packit Service 2e2783
			flags |= ADCLI_ENROLL_ADD_SAMBA_DATA;
Packit Service 2e2783
			break;
Packit Service 6d40f9
		case 'h':
Packit Service 6d40f9
		case '?':
Packit Service 6d40f9
		case ':':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return opt == 'h' ? 0 : 2;
Packit Service 6d40f9
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		}
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	argc -= optind;
Packit Service 6d40f9
	argv += optind;
Packit Service 6d40f9
Packit Service 6d40f9
	if (adcli_conn_get_login_ccache_name (conn) == NULL) {
Packit Service 6d40f9
		/* Force use of a keytab for computer account login */
Packit Service 6d40f9
		adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_COMPUTER_ACCOUNT);
Packit Service 6d40f9
		ktname = adcli_enroll_get_keytab_name (enroll);
Packit Service 6d40f9
		adcli_conn_set_login_keytab_name (conn, ktname ? ktname : "");
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_load (enroll);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't lookup domain info from keytab: %s",
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_conn_connect (conn);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_update (enroll, flags);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("updating membership with domain %s failed: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	if (details)
Packit Service 6d40f9
		dump_details (conn, enroll, show_password);
Packit Service 6d40f9
	else if (show_password)
Packit Service 6d40f9
		dump_password (conn, enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_enroll_unref (enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	return 0;
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service ed710c
int
Packit Service ed710c
adcli_tool_computer_testjoin (adcli_conn *conn,
Packit Service ed710c
                              int argc,
Packit Service ed710c
                              char *argv[])
Packit Service ed710c
{
Packit Service ed710c
	adcli_enroll *enroll;
Packit Service ed710c
	adcli_result res;
Packit Service ed710c
	const char *ktname;
Packit Service ed710c
	int opt;
Packit Service ed710c
Packit Service ed710c
	struct option options[] = {
Packit Service ed710c
		{ "domain", required_argument, NULL, opt_domain },
Packit Service ed710c
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service ed710c
		{ "host-keytab", required_argument, 0, opt_host_keytab },
Packit Service ed710c
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service ed710c
		{ "help", no_argument, NULL, 'h' },
Packit Service ed710c
		{ 0 },
Packit Service ed710c
	};
Packit Service ed710c
Packit Service ed710c
	static adcli_tool_desc usages[] = {
Packit Service ed710c
		{ 0, "usage: adcli testjoin" },
Packit Service ed710c
		{ 0 },
Packit Service ed710c
	};
Packit Service ed710c
Packit Service ed710c
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service ed710c
Packit Service ed710c
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service ed710c
		switch (opt) {
Packit Service ed710c
		case 'h':
Packit Service ed710c
		case '?':
Packit Service ed710c
		case ':':
Packit Service ed710c
			adcli_tool_usage (options, usages);
Packit Service ed710c
			adcli_tool_usage (options, common_usages);
Packit Service ed710c
			adcli_enroll_unref (enroll);
Packit Service ed710c
			return opt == 'h' ? 0 : 2;
Packit Service ed710c
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service ed710c
			break;
Packit Service ed710c
		}
Packit Service ed710c
	}
Packit Service ed710c
Packit Service ed710c
	/* Force use of a keytab to test the join/machine account password */
Packit Service ed710c
	adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_COMPUTER_ACCOUNT);
Packit Service ed710c
	ktname = adcli_enroll_get_keytab_name (enroll);
Packit Service ed710c
	adcli_conn_set_login_keytab_name (conn, ktname ? ktname : "");
Packit Service ed710c
Packit Service ed710c
	res = adcli_enroll_load (enroll);
Packit Service ed710c
	if (res != ADCLI_SUCCESS) {
Packit Service ed710c
		adcli_enroll_unref (enroll);
Packit Service e30472
		warnx ("couldn't lookup domain info from keytab: %s",
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		return -res;
Packit Service ed710c
	}
Packit Service ed710c
Packit Service ed710c
	res = adcli_conn_connect (conn);
Packit Service ed710c
	if (res != ADCLI_SUCCESS) {
Packit Service ed710c
		adcli_enroll_unref (enroll);
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service ed710c
		      adcli_conn_get_domain_name (conn),
Packit Service ed710c
		      adcli_get_last_error ());
Packit Service e30472
		return -res;
Packit Service ed710c
	}
Packit Service ed710c
Packit Service ed710c
	printf ("Sucessfully validated join to domain %s\n",
Packit Service ed710c
	        adcli_conn_get_domain_name (conn));
Packit Service ed710c
Packit Service ed710c
	adcli_enroll_unref (enroll);
Packit Service ed710c
Packit Service ed710c
	return 0;
Packit Service ed710c
}
Packit Service 6d40f9
Packit Service 6d40f9
int
Packit Service 6d40f9
adcli_tool_computer_preset (adcli_conn *conn,
Packit Service 6d40f9
                            int argc,
Packit Service 6d40f9
                            char *argv[])
Packit Service 6d40f9
{
Packit Service 6d40f9
	adcli_enroll *enroll;
Packit Service 6d40f9
	adcli_result res;
Packit Service 6d40f9
	adcli_enroll_flags flags;
Packit Service 6d40f9
	int reset_password = 1;
Packit Service 6d40f9
	int opt;
Packit Service 6d40f9
	int i;
Packit Service 6d40f9
Packit Service 6d40f9
	struct option options[] = {
Packit Service 6d40f9
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 6d40f9
		{ "domain-realm", required_argument, NULL, opt_domain_realm },
Packit Service 6d40f9
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service aa0613
		{ "use-ldaps", no_argument, 0, opt_use_ldaps },
Packit Service 6d40f9
		{ "domain-ou", required_argument, NULL, opt_domain_ou },
Packit Service 6d40f9
		{ "login-user", required_argument, NULL, opt_login_user },
Packit Service 6d40f9
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 6d40f9
		{ "no-password", no_argument, 0, opt_no_password },
Packit Service 6d40f9
		{ "stdin-password", no_argument, 0, opt_stdin_password },
Packit Service 6d40f9
		{ "prompt-password", no_argument, 0, opt_prompt_password },
Packit Service 6d40f9
		{ "one-time-password", required_argument, 0, opt_one_time_password },
Packit Service 6d40f9
		{ "service-name", required_argument, NULL, opt_service_name },
Packit Service 6d40f9
		{ "os-name", optional_argument, NULL, opt_os_name },
Packit Service 6d40f9
		{ "os-version", optional_argument, NULL, opt_os_version },
Packit Service 6d40f9
		{ "os-service-pack", optional_argument, NULL, opt_os_service_pack },
Packit Service 6d40f9
		{ "user-principal", no_argument, NULL, opt_user_principal },
Packit Service 6d40f9
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 6d40f9
		{ "help", no_argument, NULL, 'h' },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	static adcli_tool_desc usages[] = {
Packit Service 6d40f9
		{ 0, "usage: adcli preset-computer --domain=xxxx host1.example.com ..." },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service 6d40f9
	flags = ADCLI_ENROLL_NO_KEYTAB;
Packit Service 6d40f9
Packit Service 6d40f9
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 6d40f9
		switch (opt) {
Packit Service 6d40f9
		case opt_one_time_password:
Packit Service 6d40f9
			adcli_enroll_set_computer_password (enroll, optarg);
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		case 'h':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return 0;
Packit Service 6d40f9
		case '?':
Packit Service 6d40f9
		case ':':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return 2;
Packit Service 6d40f9
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		}
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	argc -= optind;
Packit Service 6d40f9
	argv += optind;
Packit Service 6d40f9
Packit Service e30472
	if (argc < 1) {
Packit Service e30472
		warnx ("specify one or more host names of computer accounts to preset");
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return EUSAGE;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
Packit Service 6d40f9
	reset_password = (adcli_enroll_get_computer_password (enroll) == NULL);
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_conn_connect (conn);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	for (i = 0; i < argc; i++) {
Packit Service 6d40f9
		parse_fqdn_or_name (enroll, argv[i]);
Packit Service 6d40f9
Packit Service 6d40f9
		if (reset_password)
Packit Service 6d40f9
			adcli_enroll_reset_computer_password (enroll);
Packit Service 6d40f9
Packit Service 6d40f9
		res = adcli_enroll_join (enroll, flags);
Packit Service 6d40f9
		if (res != ADCLI_SUCCESS) {
Packit Service e30472
			warnx ("presetting %s in %s domain failed: %s", argv[i],
Packit Service e30472
			       adcli_conn_get_domain_name (conn),
Packit Service e30472
			       adcli_get_last_error ());
Packit Service e30472
			adcli_enroll_unref (enroll);
Packit Service e30472
			return -res;
Packit Service 6d40f9
		}
Packit Service 6d40f9
Packit Service 6d40f9
		printf ("computer-name: %s\n", adcli_enroll_get_computer_name (enroll));
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_enroll_unref (enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	return 0;
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
int
Packit Service 6d40f9
adcli_tool_computer_reset (adcli_conn *conn,
Packit Service 6d40f9
                           int argc,
Packit Service 6d40f9
                           char *argv[])
Packit Service 6d40f9
{
Packit Service 6d40f9
	adcli_enroll *enroll;
Packit Service 6d40f9
	adcli_result res;
Packit Service 6d40f9
	int opt;
Packit Service 6d40f9
Packit Service 6d40f9
	struct option options[] = {
Packit Service 6d40f9
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 6d40f9
		{ "domain-realm", required_argument, NULL, opt_domain_realm },
Packit Service 6d40f9
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service aa0613
		{ "use-ldaps", no_argument, 0, opt_use_ldaps },
Packit Service 6d40f9
		{ "login-user", required_argument, NULL, opt_login_user },
Packit Service 6d40f9
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 6d40f9
		{ "login-type", required_argument, NULL, opt_login_type },
Packit Service 6d40f9
		{ "no-password", no_argument, 0, opt_no_password },
Packit Service 6d40f9
		{ "stdin-password", no_argument, 0, opt_stdin_password },
Packit Service 6d40f9
		{ "prompt-password", no_argument, 0, opt_prompt_password },
Packit Service 6d40f9
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 6d40f9
		{ "help", no_argument, NULL, 'h' },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	static adcli_tool_desc usages[] = {
Packit Service 6d40f9
		{ 0, "usage: adcli reset-computer --domain=xxxx host1.example.com" },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 6d40f9
		switch (opt) {
Packit Service 6d40f9
		case 'h':
Packit Service 6d40f9
		case '?':
Packit Service 6d40f9
		case ':':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return opt == 'h' ? 0 : 2;
Packit Service 6d40f9
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		}
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	argc -= optind;
Packit Service 6d40f9
	argv += optind;
Packit Service 6d40f9
Packit Service e30472
	if (argc != 1) {
Packit Service e30472
		warnx ("specify one host name of computer account to reset");
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return EUSAGE;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_conn_connect (conn);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	parse_fqdn_or_name (enroll, argv[0]);
Packit Service 6d40f9
	adcli_enroll_reset_computer_password (enroll);
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_password (enroll, 0);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("resetting %s in %s domain failed: %s", argv[0],
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_enroll_unref (enroll);
Packit Service 6d40f9
	return 0;
Packit Service 6d40f9
}
Packit Service 6d40f9
Packit Service 6d40f9
int
Packit Service 6d40f9
adcli_tool_computer_delete (adcli_conn *conn,
Packit Service 6d40f9
                            int argc,
Packit Service 6d40f9
                            char *argv[])
Packit Service 6d40f9
{
Packit Service 6d40f9
	adcli_enroll *enroll;
Packit Service 6d40f9
	adcli_result res;
Packit Service 6d40f9
	int opt;
Packit Service 6d40f9
Packit Service 6d40f9
	struct option options[] = {
Packit Service 6d40f9
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 6d40f9
		{ "domain-realm", required_argument, NULL, opt_domain_realm },
Packit Service 6d40f9
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service aa0613
		{ "use-ldaps", no_argument, 0, opt_use_ldaps },
Packit Service 6d40f9
		{ "login-user", required_argument, NULL, opt_login_user },
Packit Service 6d40f9
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 6d40f9
		{ "no-password", no_argument, 0, opt_no_password },
Packit Service 6d40f9
		{ "stdin-password", no_argument, 0, opt_stdin_password },
Packit Service 6d40f9
		{ "prompt-password", no_argument, 0, opt_prompt_password },
Packit Service 6d40f9
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 6d40f9
		{ "help", no_argument, NULL, 'h' },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	static adcli_tool_desc usages[] = {
Packit Service 6d40f9
		{ 0, "usage: adcli delete-computer --domain=xxxx [host1.example.com]" },
Packit Service 6d40f9
		{ 0 },
Packit Service 6d40f9
	};
Packit Service 6d40f9
Packit Service 6d40f9
	enroll = adcli_enroll_new (conn);
Packit Service e30472
	if (enroll == NULL) {
Packit Service e30472
		warnx ("unexpected memory problems");
Packit Service e30472
		return -1;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 6d40f9
		switch (opt) {
Packit Service 6d40f9
		case 'h':
Packit Service 6d40f9
		case '?':
Packit Service 6d40f9
		case ':':
Packit Service 6d40f9
			adcli_tool_usage (options, usages);
Packit Service 6d40f9
			adcli_tool_usage (options, common_usages);
Packit Service 6d40f9
			adcli_enroll_unref (enroll);
Packit Service 6d40f9
			return opt == 'h' ? 0 : 2;
Packit Service 6d40f9
		default:
Packit Service f268f3
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service f268f3
			if (res != ADCLI_SUCCESS) {
Packit Service f268f3
				adcli_enroll_unref (enroll);
Packit Service f268f3
				return res;
Packit Service f268f3
			}
Packit Service 6d40f9
			break;
Packit Service 6d40f9
		}
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	argc -= optind;
Packit Service 6d40f9
	argv += optind;
Packit Service 6d40f9
Packit Service e30472
	if (argc > 1) {
Packit Service e30472
		warnx ("specify one host name of computer account to delete");
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return EUSAGE;
Packit Service e30472
	}
Packit Service 6d40f9
Packit Service 6d40f9
	adcli_conn_set_allowed_login_types (conn, ADCLI_LOGIN_USER_ACCOUNT);
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_load (enroll);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't lookup domain info from keytab: %s",
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_conn_connect (conn);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("couldn't connect to %s domain: %s",
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 6d40f9
	}
Packit Service 6d40f9
Packit Service 6d40f9
	if (argc == 1)
Packit Service 6d40f9
		parse_fqdn_or_name (enroll, argv[0]);
Packit Service 6d40f9
Packit Service 6d40f9
	res = adcli_enroll_delete (enroll, 0);
Packit Service 6d40f9
	if (res != ADCLI_SUCCESS) {
Packit Service e30472
		warnx ("deleting %s in %s domain failed: %s", argv[0],
Packit Service e30472
		       adcli_conn_get_domain_name (conn),
Packit Service e30472
		       adcli_get_last_error ());
Packit Service e30472
		adcli_enroll_unref (enroll);
Packit Service e30472
		return -res;
Packit Service 86276f
	}
Packit Service 86276f
Packit Service 86276f
	adcli_enroll_unref (enroll);
Packit Service 86276f
	return 0;
Packit Service 86276f
}
Packit Service 147c59
Packit Service 147c59
int
Packit Service 147c59
adcli_tool_computer_show (adcli_conn *conn,
Packit Service 147c59
                          int argc,
Packit Service 147c59
                          char *argv[])
Packit Service 147c59
{
Packit Service 147c59
	adcli_enroll *enroll;
Packit Service 147c59
	adcli_result res;
Packit Service 147c59
	int opt;
Packit Service 147c59
Packit Service 147c59
	struct option options[] = {
Packit Service 147c59
		{ "domain", required_argument, NULL, opt_domain },
Packit Service 147c59
		{ "domain-realm", required_argument, NULL, opt_domain_realm },
Packit Service 147c59
		{ "domain-controller", required_argument, NULL, opt_domain_controller },
Packit Service aa0613
		{ "use-ldaps", no_argument, 0, opt_use_ldaps },
Packit Service 147c59
		{ "login-user", required_argument, NULL, opt_login_user },
Packit Service 147c59
		{ "login-ccache", optional_argument, NULL, opt_login_ccache },
Packit Service 147c59
		{ "login-type", required_argument, NULL, opt_login_type },
Packit Service 147c59
		{ "no-password", no_argument, 0, opt_no_password },
Packit Service 147c59
		{ "stdin-password", no_argument, 0, opt_stdin_password },
Packit Service 147c59
		{ "prompt-password", no_argument, 0, opt_prompt_password },
Packit Service 147c59
		{ "verbose", no_argument, NULL, opt_verbose },
Packit Service 147c59
		{ "help", no_argument, NULL, 'h' },
Packit Service 147c59
		{ 0 },
Packit Service 147c59
	};
Packit Service 147c59
Packit Service 147c59
	static adcli_tool_desc usages[] = {
Packit Service 147c59
		{ 0, "usage: adcli show-computer --domain=xxxx host1.example.com" },
Packit Service 147c59
		{ 0 },
Packit Service 147c59
	};
Packit Service 147c59
Packit Service 147c59
	enroll = adcli_enroll_new (conn);
Packit Service 147c59
	if (enroll == NULL) {
Packit Service 147c59
		warnx ("unexpected memory problems");
Packit Service 147c59
		return -1;
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	while ((opt = adcli_tool_getopt (argc, argv, options)) != -1) {
Packit Service 147c59
		switch (opt) {
Packit Service 147c59
		case 'h':
Packit Service 147c59
		case '?':
Packit Service 147c59
		case ':':
Packit Service 147c59
			adcli_tool_usage (options, usages);
Packit Service 147c59
			adcli_tool_usage (options, common_usages);
Packit Service 147c59
			adcli_enroll_unref (enroll);
Packit Service 147c59
			return opt == 'h' ? 0 : 2;
Packit Service 147c59
		default:
Packit Service 147c59
			res = parse_option ((Option)opt, optarg, conn, enroll);
Packit Service 147c59
			if (res != ADCLI_SUCCESS) {
Packit Service 147c59
				adcli_enroll_unref (enroll);
Packit Service 147c59
				return res;
Packit Service 147c59
			}
Packit Service 147c59
			break;
Packit Service 147c59
		}
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	argc -= optind;
Packit Service 147c59
	argv += optind;
Packit Service 147c59
Packit Service 147c59
	res = adcli_conn_connect (conn);
Packit Service 147c59
	if (res != ADCLI_SUCCESS) {
Packit Service 147c59
		warnx ("couldn't connect to %s domain: %s",
Packit Service 147c59
		       adcli_conn_get_domain_name (conn),
Packit Service 147c59
		       adcli_get_last_error ());
Packit Service 147c59
		adcli_enroll_unref (enroll);
Packit Service 147c59
		return -res;
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	if (argc == 1) {
Packit Service 147c59
		parse_fqdn_or_name (enroll, argv[0]);
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	res = adcli_enroll_read_computer_account (enroll, 0);
Packit Service 147c59
	if (res != ADCLI_SUCCESS) {
Packit Service 147c59
		warnx ("couldn't read data for %s: %s",
Packit Service 147c59
		       adcli_enroll_get_host_fqdn (enroll) != NULL
Packit Service 147c59
		           ? adcli_enroll_get_host_fqdn (enroll)
Packit Service 147c59
		           : adcli_enroll_get_computer_name (enroll),
Packit Service 147c59
		       adcli_get_last_error ());
Packit Service 147c59
		adcli_enroll_unref (enroll);
Packit Service 147c59
		return -res;
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	res = adcli_enroll_show_computer_attribute (enroll);
Packit Service 147c59
	if (res != ADCLI_SUCCESS) {
Packit Service 147c59
		warnx ("couldn't print data for %s: %s",
Packit Service 147c59
		       argv[0], adcli_get_last_error ());
Packit Service 147c59
		adcli_enroll_unref (enroll);
Packit Service 147c59
		return -res;
Packit Service 147c59
	}
Packit Service 147c59
Packit Service 147c59
	adcli_enroll_unref (enroll);
Packit Service 147c59
	return 0;
Packit Service 147c59
}