|
@@ -0,0 +1,131 @@
|
|
|
+/*
|
|
|
+
|
|
|
+EmAdmin 1.0
|
|
|
+
|
|
|
+This NLM can be used in case of NDS admin loss or to
|
|
|
+recover access to an hidden OrgUnit.
|
|
|
+
|
|
|
+Run it on an Netware server holding a master or R/W replica
|
|
|
+of the [Root] partition (or other target OrgUnit you want
|
|
|
+unlock access to)
|
|
|
+
|
|
|
+If the user specified does not exist, it will be created
|
|
|
+with no password. The user will be given [SI] rights to
|
|
|
+the target OrgUnit.
|
|
|
+
|
|
|
+This source code has been made public to prevent you from using
|
|
|
+an unknown/untrusted NLM (and to pay $$ for less than 20 Netware
|
|
|
+lib C calls !)
|
|
|
+
|
|
|
+It will compile under Metrowerks CodeWarrior (+Netware SDK).
|
|
|
+
|
|
|
+Use it at your own risk. I cannot be held responsible for anything
|
|
|
+bad that could appening.
|
|
|
+
|
|
|
+Use it with hobjloc.nlm to find and unlock stealth/hidden OrgUnit.
|
|
|
+(see http://www.novell.com/coolsolutions/freetools.html).
|
|
|
+
|
|
|
+This is freeware GPL (see http://www.gnu.org/copyleft/gpl.html)
|
|
|
+CopyLeft - Jean-Francois.Burdet@adm.unige.ch - july 2000
|
|
|
+*/
|
|
|
+
|
|
|
+#include <stdlib.h>
|
|
|
+#include <stdio.h>
|
|
|
+#include <nwdsapi.h>
|
|
|
+
|
|
|
+NWDSContextHandle context;
|
|
|
+NWDSCCODE ccode;
|
|
|
+nstr8 userName[256];
|
|
|
+nstr8 targetOu[256];
|
|
|
+Object_ACL_T ACLRec;
|
|
|
+Buf_T *dsBuf = NULL;
|
|
|
+
|
|
|
+void releaseRessources() {
|
|
|
+ printf("Freeing ressources. \n");
|
|
|
+ NWDSFreeBuf(dsBuf);
|
|
|
+ NWDSLogout(context);
|
|
|
+ NWDSFreeContext(context);
|
|
|
+}
|
|
|
+
|
|
|
+void chkErr(NWDSCCODE c, pnstr err) {
|
|
|
+ if (c) {
|
|
|
+ printf("Error %s, ccode = %d\n", err, c);
|
|
|
+ releaseRessources();
|
|
|
+ printf("exiting !\n");
|
|
|
+ exit(-1);
|
|
|
+ }
|
|
|
+
|
|
|
+}
|
|
|
+
|
|
|
+
|
|
|
+void main(int argc, char *argv[]) {
|
|
|
+ printf("EmAdmin 1.0\n");
|
|
|
+ printf("NDS Emergency Admin User creation.\n");
|
|
|
+ printf("Run this nlm on a [Root] (or other target OrgUnit\n");
|
|
|
+ printf("you want unlock access to) master/rw replica holding server\n");
|
|
|
+ printf("** Use it at your own risk **\n");
|
|
|
+ printf("Freeware GPL - jean-francois.burdet@adm.unige.ch - july 2000 \n\n");
|
|
|
+ printf("Enter a user name \n(enter 'stop' to quit) \n(Example : .newadmin.org) : \n=>");
|
|
|
+ scanf("%s",userName);
|
|
|
+ if ((strcmp("stop", userName)==0) || (strcmp("", userName))==0) {
|
|
|
+ printf("Exiting on user request ... \n");
|
|
|
+ exit(0);
|
|
|
+ }
|
|
|
+
|
|
|
+ printf("Enter a target OrgUnit\n(enter 'stop' to quit) \n(Example : [Root]) : \n(Example : .MyOrg)\n=>");
|
|
|
+ scanf("%s",targetOu);
|
|
|
+ if ((strcmp("stop", targetOu)==0) || (strcmp("", targetOu))==0) {
|
|
|
+ printf("Exiting on user request ... \n");
|
|
|
+ exit(0);
|
|
|
+ }
|
|
|
+
|
|
|
+ printf("Now trying to create %s with [SI] rigths to %s\n", userName, targetOu);
|
|
|
+
|
|
|
+ printf("Init access to NDS ... ");
|
|
|
+ chkErr(NWDSCreateContextHandle(&context),"NWDSCreateContext");
|
|
|
+ chkErr(NWDSLoginAsServer(context), "NWDSLoginAsServer");
|
|
|
+ chkErr(NWDSSetContext(context, DCK_NAME_CONTEXT, "[Root]"), "NWDSSetContext");
|
|
|
+ chkErr(NWDSAllocBuf (DEFAULT_MESSAGE_LEN, &dsBuf), "NWDSAllocBuf");
|
|
|
+ chkErr(NWDSInitBuf (context, DSV_ADD_ENTRY, dsBuf), "NWDSInitBuf");
|
|
|
+ chkErr(NWDSPutAttrName (context, dsBuf, "Object Class"),"NWDSPutAttrName ""Object Class""");
|
|
|
+ chkErr(NWDSPutAttrVal(context,dsBuf,SYN_CLASS_NAME,"User"),"NWDSPutAttrVal ""Object Class""");
|
|
|
+ chkErr(NWDSPutAttrName (context, dsBuf, "Surname"),"NWDSPutAttrName ""Surname""");
|
|
|
+ chkErr(NWDSPutAttrVal(context,dsBuf,SYN_CI_STRING,"Emergency Admin"),"NWDSPutAttrVal ""Emergency Admin""");
|
|
|
+ printf("ok. \n");
|
|
|
+
|
|
|
+ printf("Creating user object ... ");
|
|
|
+ ccode = NWDSAddObject (context, userName, NULL, 0, dsBuf);
|
|
|
+ if (ccode == -606) {
|
|
|
+ printf("\n -> User already exists : assigning trustee anyway ... \n");
|
|
|
+ } else {
|
|
|
+ chkErr(ccode , "NWDSAddObject"); printf("ok. \n");
|
|
|
+ printf("Assigning empty password ... ");
|
|
|
+ chkErr(NWDSGenerateObjectKeyPair(context,userName,"",0), "NWDSGenerateObjectKeyPair");
|
|
|
+ printf("ok.\n");
|
|
|
+ }
|
|
|
+
|
|
|
+ NWDSFreeBuf(dsBuf);
|
|
|
+
|
|
|
+ printf("Assigning trustee to %s ... ", targetOu);
|
|
|
+ chkErr( NWDSAllocBuf(DEFAULT_MESSAGE_LEN, &dsBuf), "NWDSAllocBuf");
|
|
|
+ chkErr( NWDSInitBuf(context, DSV_MODIFY_ENTRY, dsBuf), "NWDSInitBuf");
|
|
|
+ chkErr( NWDSPutChange(context,dsBuf,DS_ADD_VALUE,"ACL"), "NWDSPutChange");
|
|
|
+
|
|
|
+ ACLRec.protectedAttrName = "[Entry Rights]";
|
|
|
+ ACLRec.subjectName = userName;
|
|
|
+ ACLRec.privileges = DS_ENTRY_SUPERVISOR & (~DS_ENTRY_INHERIT_CTL);
|
|
|
+ chkErr( NWDSPutAttrVal(context,dsBuf,SYN_OBJECT_ACL,(void *)&ACLRec), "NWDSPutAttVal");
|
|
|
+ ccode = NWDSModifyObject(context,targetOu, NULL, 0, dsBuf);
|
|
|
+ if (ccode == -614) {
|
|
|
+ printf("\n -> Trustee assignment already exist\n");
|
|
|
+ } else {
|
|
|
+ chkErr(ccode , "NWDSModifyObject");
|
|
|
+ printf("ok. \n");
|
|
|
+ printf("=> full success.\n");
|
|
|
+ }
|
|
|
+
|
|
|
+ releaseRessources();
|
|
|
+ printf("Exiting.\n");
|
|
|
+ exit(0);
|
|
|
+}
|
|
|
+
|