%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/samba/netcmd/domain/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/samba/netcmd/domain/__pycache__/trust.cpython-312.pyc

�

�I�d����ddlZddlmZddlZddlmZddlZddlmZm	Z	m
Z
mZddlm
Z
ddlmZmZmZmZmZddlmZddlmZmZmZmZddlmZdd	lmZGd
�dej>�Z Gd�d
e�Z!Gd�de!�Z"Gd�de!�Z#Gd�de!�Z$Gd�de!�Z%Gd�de!�Z&Gd�de!�Z'Gd�de!�Z(Gd�de�Z)y)�N)�getpass)�
NTSTATUSError�ntstatus�string_to_byte_array�werror)�system_session)�drsblobs�lsa�nbt�netlogon�security)�Net)�Command�CommandError�Option�SuperCommand)�SamDB)�CreateTrustedDomainRelaxc��eZdZd�Zy)�LocalDCCredentialsOptionsc�H�tjj||d��y)Nzlocal-dc)�special_name)�options�CredentialsOptions�__init__)�self�parsers  �;/usr/lib/python3/dist-packages/samba/netcmd/domain/trust.pyrz"LocalDCCredentialsOptions.__init__)s���"�"�+�+�D�&�z�+�R�N��__name__�
__module__�__qualname__r�rrrr(s��Srrc��eZdZdZd�Zd�Zd�ZGd�de�ZGd�de�Z	Gd	�d
e�Z
d�Zd�Zd
�Z
d�Z		d#d�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zd$d�Zd$d�Zd�Zd�Zd�Zd�Zd�Zd �Z d%d"�Z!y!)&�DomainTrustCommand�List domain trusts.c��tj|�d|_d|_d|_d|_d|_d|_d|_y�N)	rr�local_lp�local_server�local_binding_string�local_creds�
remote_server�remote_binding_string�remote_creds�rs rrzDomainTrustCommand.__init__0sG���������
� ���$(��!����!���%)��"� ��rc�@�tj|�jSr))�ctypes�c_uint32�value)r�vs  r�_uint32zDomainTrustCommand._uint32<s�����q�!�'�'�'rc�R�|�y|j|jd�}||k(ryy)NFrT)r7�args)r�runtime�val�err32s    r�check_runtime_errorz&DomainTrustCommand.check_runtime_error?s-���?�����W�\�\�!�_�-���C�<��rc��eZdZd�Zy)�$DomainTrustCommand.LocalRuntimeErrorc��|j|jd�}|jd}d|j|||fz}tj||�y)Nr�z%LOCAL_DC[%s]: %s - ERROR(0x%08X) - %s)r7r9r+rr��exception_selfrr:�messager<�errstr�msgs       rrz-DomainTrustCommand.LocalRuntimeError.__init__JsS���L�L����a��1�E��\�\�!�_�F�9��#�#�W�e�V�==�=�C��!�!�.�#�6rNr r$rr�LocalRuntimeErrorr?I���	7rrGc��eZdZd�Zy)�%DomainTrustCommand.RemoteRuntimeErrorc��|j|jd�}|jd}d|j|||fz}tj||�y)NrrAz&REMOTE_DC[%s]: %s - ERROR(0x%08X) - %s)r7r9r.rrrBs       rrz.DomainTrustCommand.RemoteRuntimeError.__init__RsS���L�L����a��1�E��\�\�!�_�F�:��$�$�g�u�f�>>�>�C��!�!�.�#�6rNr r$rr�RemoteRuntimeErrorrJQrHrrLc��eZdZd�Zy)� DomainTrustCommand.LocalLdbErrorc��|jd}|jd}d|j|||fz}tj||�y)NrrAz!LOCAL_DC[%s]: %s - ERROR(%d) - %s)r9r+rr)rCr�	ldb_errorrD�errvalrErFs       rrz)DomainTrustCommand.LocalLdbError.__init__ZsL���^�^�A�&�F��^�^�A�&�F�5��#�#�W�f�f�9>�>�C��!�!�.�#�6rNr r$rr�
LocalLdbErrorrNYrHrrRc��|j�|jS|j�}|j}|�B|j�}|dk7rt	d|z��|jd�}d}d}|dz
}d}d}	nd}d}d|z}|j
|�}	||_||_|�d	|�d
|�d�|_||_	|	|_
|jS)N�ROLE_ACTIVE_DIRECTORY_DCzInvalid server_role %sznetbios name�ncalrpc�z,auth_type=ncalrpc_as_system�ncacn_npz	ldap://%s�:�[�])r+�get_loadparm�	ipaddress�server_roler�get�get_credentialsr*r,�local_ldap_urlr-)
r�	sambaopts�localdcopts�lpr+r]�local_transport�local_binding_optionsr`r-s
          r�setup_local_serverz%DomainTrustCommand.setup_local_serveras������(��$�$�$�
�
#�
#�
%��"�,�,�����.�.�*�K��8�8�"�#;�{�#K�L�L��6�6�.�1�L�'�O�$&�!�!�%C�C�!�!�N��K�(�O�$&�!�(�<�7�N�%�5�5�b�9�K���
�(���3B�L�Rg�$h��!�,���&���� � � rc�l�tj|j|j|j�Sr))r
�lsarpcr,r*r-r1s r�new_local_lsa_connectionz+DomainTrustCommand.new_local_lsa_connection�s%���z�z�$�3�3�T�]�]�D�DT�DT�U�Urc�l�tj|j|j|j�Sr))rr,r*r-r1s r�new_local_netlogon_connectionz0DomainTrustCommand.new_local_netlogon_connection�s'��� � ��!:�!:�D�M�M�4�K[�K[�\�\rc�l�t|jt�|j|j��S)N)�url�session_info�credentialsrc)rr`rr-r*r1s r�new_local_ldap_connectionz,DomainTrustCommand.new_local_ldap_connection�s-����,�,�"0�"2�!%�!1�!1��
�
�'�	'rc	���|r|sJ�|j�|jSd|z|_|j�J�|j|j�}|j}d}	t||j|��}tjtjz}	|r|	tjz}	|r|	tjz}	|j|	||��}
itjd	�tj d
�tjd�tjd�tj"d
�tj$d�tj&d�tjd�tj(d�tj*d�tj,d�tj.d�tj0d�tj2d�tj4d�tj6d�tj8d�tj:dtj<di�}|j?||
j@d��}
|jBjEd|
jF�d|
jH�d |
�d!��|
jH|_d"|j�d#|�d$�|_%||_&|jS#t$r#}td|�d|jd����d}~wt$rtd|z��wxYw)%Nz__unknown__remote_server__.%srV)�server)�flags�domain�addressz*Failed to find a writeable DC for domain 'z': rAz-Failed to find a writeable DC for domain '%s'�PDC�GC�LDAP�DS�KDC�TIMESERV�CLOSEST�WRITABLE�
GOOD_TIMESERV�NDNC�SELECT_SECRET_DOMAIN_6�FULL_SECRET_DOMAIN_6�ADS_WEB_SERVICE�DS_8�DS_9�DS_10�HAS_DNS_NAME�
IS_DEFAULT_NC�FOREST_ROOTT��
names_onlyzRemoteDC Netbios[�] DNS[z
] ServerType[�]
z	ncacn_np:rYrZ)'r.r+r_r*r\rr�NBT_SERVER_LDAP�
NBT_SERVER_DS�NBT_SERVER_WRITABLE�NBT_SERVER_PDC�finddcrrr9�	Exception�
NBT_SERVER_GC�NBT_SERVER_KDC�NBT_SERVER_TIMESERV�NBT_SERVER_CLOSEST�NBT_SERVER_GOOD_TIMESERV�NBT_SERVER_NDNC�!NBT_SERVER_SELECT_SECRET_DOMAIN_6�NBT_SERVER_FULL_SECRET_DOMAIN_6�NBT_SERVER_ADS_WEB_SERVICE�NBT_SERVER_DS_8�NBT_SERVER_DS_9�NBT_SERVER_DS_10�NBT_SERVER_HAS_DNS_NAME�NBT_SERVER_IS_DEFAULT_NC�NBT_SERVER_FOREST_ROOT�generic_bitmap_to_string�server_type�outf�write�pdc_name�pdc_dns_namer/r0)r�credoptsrt�require_pdc�require_writabler0r.�remote_binding_options�
remote_net�remote_flags�remote_info�error�flag_map�server_type_strings              r�setup_remote_serverz&DomainTrustCommand.setup_remote_server�s���#�#�#����)��%�%�%�<�v�E���� � �,�,�,��/�/��
�
�>�� �*�*�
�!#��
	Y��\�4�=�=��O�J��.�.��1B�1B�B�L���� 7� 7�7����� 2� 2�2��$�+�+�,�v�Wd�+�e�K�
�����
����t�
�
����
�
���t�	
�

����
�
�#�#�Z�

�
�"�"�I�
�
�#�#�Z�
�
�(�(�/�
�
����
�
�1�1�3K�
�
�/�/�1G�
�
�*�*�,=�
�
����
�
����
� 
� � �'�!
�"
�'�'��#
�$
�(�(�/��&�&�
�'
��*"�:�:�8�;F�;R�;R�_c�;�e���	�	���#�,�,�#�0�0�*�,�	-�
)�5�5���:>�:L�:L�Nd�%e��"�(����!�!�!��I�	8�� &��
�
�1�
� 7�8�
8���	Y��N�QW�W�X�X�	Y�s�!A7J0�0	K2�9K�K2c�l�tj|j|j|j�Sr))r
rhr/r*r0r1s r�new_remote_lsa_connectionz,DomainTrustCommand.new_remote_lsa_connection�s%���z�z�$�4�4�d�m�m�T�EV�EV�W�Wrc�l�tj|j|j|j�Sr))rr/r*r0r1s r�new_remote_netlogon_connectionz1DomainTrustCommand.new_remote_netlogon_connection�s'��� � ��!;�!;�T�]�]�D�L]�L]�^�^rc���tj�}tj�|_|j	djd�||�}|j
|tj�}||fS)Nrzutf-8)r
�ObjectAttribute�QosInfo�sec_qos�OpenPolicy2�decode�QueryInfoPolicy2�LSA_POLICY_INFO_DNS)r�conn�
policy_access�
objectAttr�policy�infos      r�get_lsa_infozDomainTrustCommand.get_lsa_info�sb���(�(�*�
� �[�[�]�
���!�!�#�*�*�W�"5�",�m�=���$�$�V�S�-D�-D�E����~�rc	��	|j|dddddtj�}|jS#t$r|j||�cYSwxYw�Nr)�netr_DsRGetDCNameEx2r�DS_RETURN_DNS_NAME�dc_unc�RuntimeError�netr_GetDcName)rr�rrrtr�s     r�get_netlogon_dc_uncz&DomainTrustCommand.get_netlogon_dc_unc�s\��	7��,�,�V�-1�1�d�D�$�-5�-H�-H�J�D��;�;����	7��&�&�v�v�6�6�	7�s�03�A�Ac	�P�|j|dddddtj�}|Sr�)r�rr�)rr�rrr�s    r�get_netlogon_dc_infoz'DomainTrustCommand.get_netlogon_dc_info�s0���(�(��)-�q�$��d�)1�)D�)D�F���rc�l�|jtjk(r|jS|jSr))�
trust_typer
�LSA_TRUST_TYPE_DOWNLEVEL�netbios_name�dns_name�r�ts  r�netr_DomainTrust_to_namez+DomainTrustCommand.netr_DomainTrust_to_name�s(���<�<�3�7�7�7��>�>�!��z�z�rc��d}d}|D]O}|jtjzs�!|}|jtjzs||j}n|jtj
zr8||ury|jtjzry||j}||uryy|jtjzryy)N�Parent�TreeRoot�Child�Shortcut�Forest�External)	�trust_flagsr�NETR_TRUST_FLAG_PRIMARY�NETR_TRUST_FLAG_TREEROOT�parent_index�NETR_TRUST_FLAG_IN_FOREST�trust_attributesr
�%LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)r�ar��primary�primary_parent�_t�parents       r�netr_DomainTrust_to_typez+DomainTrustCommand.netr_DomainTrust_to_type�s��������	�B��~�~�� @� @�@����~�~��(I�(I�I�%&�r���%7�N��	�
�=�=�8�=�=�=��N�"���}�}�x�@�@�@�!��q�~�~�&�F��� ������� I� I�I��rc��|jtjzry|jtj
zry|jtjzryy)N�Yes�No)r�rr�r�r
�"LSA_TRUST_ATTRIBUTE_NON_TRANSITIVEr�r�s  r�netr_DomainTrust_to_transitivez1DomainTrustCommand.netr_DomainTrust_to_transitivesH���=�=�8�=�=�=������ F� F�F������ I� I�I��rc���|jtjzr|jtjzry|jtjzry|jtjzryy)N�BOTH�INCOMING�OUTGOING�INVALID)r�r�NETR_TRUST_FLAG_INBOUND�NETR_TRUST_FLAG_OUTBOUNDr�s  r�netr_DomainTrust_to_directionz0DomainTrustCommand.netr_DomainTrust_to_directionsV���=�=�8�;�;�;��=�=�8�<�<�<���=�=�8�;�;�;���=�=�8�<�<�<��rc�j�	||}d||fz}|S#t$r|j|�}d|z}Y�*wxYw)Nz__unknown__%08X__�	0x%x (%s))�KeyErrorr7)r�e_dictr6r��w�v32�rs       r�generic_enum_to_stringz)DomainTrustCommand.generic_enum_to_string)sM��	*��q�	�A�

�1�a�&� ������	*��,�,�q�/�C�#�c�)�A�	*�s��2�2c���g}|}t|j��D]}||zs�	||z}|||gz
}�|dk7r|j|�}|d|zgz
}dj|�}|r|Sd||fz}	|	S)Nrz__unknown_%08X__�,r�)�sorted�keysr7�join)
r�b_dictr6r��s�c�b�c32r�r�s
          rr�z+DomainTrustCommand.generic_bitmap_to_string3s�����
������
�&�	�A���E��
�!��G�A�
�&��)���A�		�
��6��,�,�q�/�C�
�$�s�*�+�+�A��H�H�Q�K����H��1�a�&� ���rc��tjdtjdtjdtjdi}|j||�S)N�	DOWNLEVEL�UPLEVEL�MIT�DCE)r
r��LSA_TRUST_TYPE_UPLEVEL�LSA_TRUST_TYPE_MIT�LSA_TRUST_TYPE_DCEr�)rr6�typess   r�trustType_stringz#DomainTrustCommand.trustType_stringHsJ���(�(�+��&�&�	��"�"�E��"�"�E�	
���*�*�5�!�4�4rc��tjtjzdtjdtjdi}|j||�S)Nr��INBOUND�OUTBOUND)r
�LSA_TRUST_DIRECTION_INBOUND�LSA_TRUST_DIRECTION_OUTBOUNDr�)rr6�
directionss   r�trustDirection_stringz(DomainTrustCommand.trustDirection_stringQsN���+�+��,�,�
-�.4��+�+�Y��,�,�j�	
�
��*�*�:�q�9�9rc�*�tjdtjdtjdtjdtj
dtjdtjdtjdi}|j||�S)	N�NON_TRANSITIVE�UPLEVEL_ONLY�QUARANTINED_DOMAIN�FOREST_TRANSITIVE�CROSS_ORGANIZATION�
WITHIN_FOREST�TREAT_AS_EXTERNAL�USES_RC4_ENCRYPTION)
r
r�� LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY�&LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAINr��&LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION�!LSA_TRUST_ATTRIBUTE_WITHIN_FOREST�%LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL�'LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTIONr�)rr6�
attributess   r�trustAttributes_stringz)DomainTrustCommand.trustAttributes_stringZs|���2�2�4D��0�0�.��6�6�8L��5�5�7J��6�6�8L��1�1�?��5�5�7J��7�7�9N�	
�
��,�,�Z��;�;rc�j�tjdtjdtjdtjdtj
dtjdtjdtjdtjd	tjd
i
}|j||�S)N�DES_CBC_CRC�DES_CBC_MD5�RC4_HMAC_MD5�AES128_CTS_HMAC_SHA1_96�AES256_CTS_HMAC_SHA1_96zAES256_CTS_HMAC_SHA1_96-SK�FAST_SUPPORTED�COMPOUND_IDENTITY_SUPPORTED�CLAIMS_SUPPORTED�!RESOURCE_SID_COMPRESSION_DISABLED)r
�KERB_ENCTYPE_DES_CBC_CRC�KERB_ENCTYPE_DES_CBC_MD5�KERB_ENCTYPE_RC4_HMAC_MD5�$KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96�$KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96�'KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96_SK�KERB_ENCTYPE_FAST_SUPPORTED�(KERB_ENCTYPE_COMPOUND_IDENTITY_SUPPORTED�KERB_ENCTYPE_CLAIMS_SUPPORTED�.KERB_ENCTYPE_RESOURCE_SID_COMPRESSION_DISABLEDr�)rr6�enctypess   r�kerb_EncTypes_stringz'DomainTrustCommand.kerb_EncTypes_stringgs����-�-�}��-�-�}��.�.���9�9�;T��9�9�;T��<�<�>Z��0�0�2B��=�=�?\��2�2�4F��C�C�Eh�
���,�,�X�q�9�9rc��|dk(rytjdtjdtjdi}d|j	||d��zS)	Nr�Status[Enabled]zDisabled-New�DisabledzDisabled-Conflicting�
Status[%s]Tr�)r
�LSA_TLN_DISABLED_NEW�LSA_TLN_DISABLED_ADMIN�LSA_TLN_DISABLED_CONFLICTr��r�e_flagsrss   r�entry_tln_statusz#DomainTrustCommand.entry_tln_statusvsW���a�<�$�
�$�$�n��&�&�
��)�)�+A�
��
�d�;�;�E�7�W[�;�\�\�\rc��|dk(rytjdtjdtjdtjdi}d|j||d�	�zS)
NrrCzDisabled-SIDzDisabled-SID-ConflictingzDisabled-NBzDisabled-NB-ConflictingrETr�)r
�LSA_SID_DISABLED_ADMIN�LSA_SID_DISABLED_CONFLICT�LSA_NB_DISABLED_ADMIN�LSA_NB_DISABLED_CONFLICTr�rIs   r�entry_dom_statusz#DomainTrustCommand.entry_dom_status�sc���a�<�$�
�&�&���)�)�+E��%�%�}��(�(�*C�	
���d�;�;�E�7�W[�;�\�\�\rNc���|�d|z}nd}|jjdt|j�|fz�t	|j�D�]�\}}|j
}d}|�F|jD]7}	|	j|k7r�|	j
}d|	jjz}�9|j}
|jtjk(r@|jjd|j|�d�d|
j�d|�d	����|jtjk(r/|jjd
dd�d|
j�d����|jtjk(s��1|jjd
|j!|�d�d|
j"j�d|
j$j�d|
j&�d|�d	�����y)Nz TDO[%s]rVzNamespaces[%d]%s:
z Collision[%s]�TLN: �32� DNS[*.rZ�
zTLN_EX: �29r�zDOM: z DNS[z
] Netbios[�] SID[)r�r��len�entries�	enumeraters�index�name�string�forest_trust_data�typer
�LSA_FOREST_TRUST_TOP_LEVEL_NAMErK�"LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX�LSA_FOREST_TRUST_DOMAIN_INFOrQ�dns_domain_name�netbios_domain_name�
domain_sid)r�fti�tln�
collisions�
tln_string�i�ers�collision_stringr�ds           r�write_forest_trust_infoz*DomainTrustCommand.write_forest_trust_info�s����?�#�c�)�J��J��	�	���-��C�K�K�(�*�16�6�	7��c�k�k�*�	A�D�A�q��G�G�E�!���%�#�+�+�J�A��w�w�!�|� ��G�G�E�'7�1�6�6�=�=�'I�$�	J��#�#�A��v�v��<�<�<��	�	��� $� 5� 5�e� <� !���*:�!<�=����3�A�A�A��	�	��� "�A�H�H�!.�/����3�;�;�;��	�	��� $� 5� 5�e� <� !� 1� 1� 8� 8� !� 5� 5� <� <� !���.>�	!@�A�+	A�4	r)TT)F)NN)"r!r"r#�__doc__rr7r=rrGrLrRrfrirkrpr�r�r�r�r�r�r�r�r�r�r�r�rrr+rArKrQror$rrr&r&-s����
!�(��7�L�7�7�\�7�7��7�!�>V�]�'�)-�-1�@"�DX�_�	�7����8
����*5�:�<�
:�	]�
]�#rr&c�T�eZdZdZdZejejed�Z	gZ
dd�Zy)�cmd_domain_trust_listr'z%prog [options]�ra�versionoptsrbNc
��|j||�}	|j�}	|j	|t
jt
jzt
jz�}|j}|D]�}	|	jt
jzr�!|j j#d|j%||	�zd�dd|j'|	�zd�dd	|j)|	�zd
�dd|j+|	�z�d����y#t$r}|j||d��d}~wwxYw#t$rF}|j|tj�rtd|z��|j||d��d}~wwxYw)
N�!failed to connect netlogon serverz:LOCAL_DC[%s]: netr_DsrEnumerateDomainTrusts not supported.z$netr_DsrEnumerateDomainTrusts failedzType[%s]�14� zTransitive[%s]�15z
Direction[%s]�19zName[%s]rV)rfrkr�rG�netr_DsrEnumerateDomainTrustsrr�r�r�r=r�WERR_RPC_S_PROCNUM_OUT_OF_RANGEr�arrayr�r�r�r�r�r�r�r�)
rrartrbr+�local_netlogonr��local_netlogon_trustsr�r�s
          r�runzcmd_domain_trust_list.run�s����.�.�y�+�F��	[�!�?�?�A�N�	^��<�<�\�=E�=_�=_�=E�=^�=^�>_�=E�=]�=]�>^�_�
"�
"�'�'���	L�A��}�}�x�?�?�?���I�I�O�O�&��)F�)F�q�!�)L�L�,�t�/R�/R�ST�/U�U�+�d�.P�.P�QR�.S�S�&��)F�)F�q�)I�I�	K�
L�	L�	��3�	[��(�(��u�6Y�Z�Z��	[���	^��'�'��v�/U�/U�V�"�#_�#/�$1�2�2��(�(��u�6\�]�]��	^�s0�D�AD0�	D-�D(�(D-�0	E?�9AE:�:E?�NNN)r!r"r#rp�synopsisr�SambaOptions�VersionOptionsr�takes_optiongroups�
takes_optionsr�r$rrrrrr�s5��� �H��)�)��-�-�0����M�rrrc�Z�eZdZdZdZejejed�Z	gZ
dgZdd�Zy)�cmd_domain_trust_show�Show trusted domain details.�%prog NAME [options]rsrtNc	��
�|j||�	|j�}	tj
}|j
||�\}}	|jjd|	jj�d|	jj�d|	j�d��t	j�}
||
_
	|j||
tj�}|j }|j"}
	|j||
tj.�}	d}|j8tj:zr!|j=||
tj>�}|jjd�|jjd
|jJjz�|jJj|jLjk7r2|jjd|jLjz�|jjd|jz�|jjd|jO|jP�z�|jjd|jS|jT�z�|jjd|jW|j8�z�tYjZ|
j"�j\}tYj^|
j"�j\}|jjd||fz�|jjd|ja|j6�z�|j8tj:zr'|jc||jLj��y#t$r}|j||d��d}~wwxYw#t$r}|j||d��d}~wwxYw#t$$rF}|j'|t(j*�rt-d|z��|j||d��d}~wwxYw#t$$r}|j'|t(j0�rd}|j'|t(j2�rd}|�|j||d	��t	j4�}d
|_Yd}~���d}~wwxYw#t$r�}|j'|t(j@�rd}|j'|t(jB�rd}|�|j||d��t	jD�}d
|_#g|_$Yd}~��d}~wwxYw)N�failed to connect lsa server�#failed to query LSA_POLICY_INFO_DNS�LocalDomain Netbios[r�rXr��4trusted domain object does not exist for domain [%s]z.QueryTrustedDomainInfoByName(FULL_INFO) failed�?QueryTrustedDomainInfoByName(SUPPORTED_ENCRYPTION_TYPES) failedrz&lsaRQueryForestTrustInformation failedzTrustedDomain:

zNetbiosName:    %s
zDnsName:        %s
zSID:            %s
zType:           %s
zDirection:      %s
zAttributes:     %s
zPosixOffset:    0x%08X (%d)
zkerb_EncTypes:  %s
�rh)2rfrir�rGr
�!LSA_POLICY_VIEW_LOCAL_INFORMATIONr�r�r�r]r^�
dns_domain�sid�String�QueryTrustedDomainInfoByName�!LSA_TRUSTED_DOMAIN_INFO_FULL_INFO�info_ex�posix_offsetrr=r�NT_STATUS_OBJECT_NAME_NOT_FOUNDr�-LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES�NT_STATUS_INVALID_PARAMETER�NT_STATUS_INVALID_INFO_CLASS� TrustDomainInfoSupportedEncTypes�	enc_typesr�r��lsaRQueryForestTrustInformationrc�"NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE�NT_STATUS_NOT_FOUND�ForestTrustInformation�countrZr��domain_namerr�r�trust_directionr+r3r4r5�c_int32rAro)rrtrartrb�	local_lsar��local_policy_access�local_policy�local_lsa_info�	lsaString�local_tdo_full�local_tdo_info�local_tdo_posix�local_tdo_enctypes�local_tdo_forest�posix_offset_u32�posix_offset_i32s                  rr�zcmd_domain_trust_show.run�s������	�;�7�	V��5�5�7�I�	]�"%�"G�"G��-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
�J�J�L�	�!�	��	h��6�6�|�7@�7:�7\�7\�^�
�,�3�3�N�,�9�9�O�	-��6�6�|�7@�7:�7h�7h�j�
�"	*�#���.�.��1Z�1Z�Z��=�=�l�>G�>A�>^�>^�`�!� 	
�	�	���,�-��	�	���.��1L�1L�1S�1S�S�T��&�&�-�-��1K�1K�1R�1R�R��I�I�O�O�2�^�5O�5O�5V�5V�V�W��	�	���.��1C�1C�C�D��	�	���.��1F�1F�~�G`�G`�1a�a�b��	�	���.��1K�1K�N�Lj�Lj�1k�k�l��	�	���.��1L�1L�^�Ml�Ml�1m�m�n�!�?�?�?�+G�+G�H�N�N��!�>�>�/�*F�*F�G�M�M���	�	���7�;K�M]�:^�^�_��	�	���.��1J�1J�K]�Kg�Kg�1h�h�i��*�*�S�-V�-V�V��(�(�)9�-;�-G�-G�-N�-N�
)�
P�	��g�	V��(�(��u�6T�U�U��	V���	]��(�(��u�6[�\�\��	]��"�	h��'�'��x�/W�/W�X�"�#Y�\b�#b�c�c��(�(��u�6f�g�g��		h���	-��'�'��x�/S�/S�T����'�'��x�/T�/T�U���� ��,�,�T�5�-n�p�p�"%�!E�!E�!G��+,��(�(��	-��(�
	*��'�'��x�/Z�/Z�[����'�'��x�/K�/K�L���� ��,�,�T�5�:b�c�c�"�9�9�;��%&��"�')��$�$��
	*�sz�O�%O$�=9P�7!Q�AS%�	O!�	O�O!�$	P�-P�P�	Q�AQ�Q�	S"�#A4S�S"�%	U4�.A;U/�/U4r�)
r!r"r#rpr�rr�r�rr�r��
takes_argsr�r$rrr�r��s?��&�%�H��)�)��-�-�0����M���J�Xrr�c	��eZdZdZdZejejed�Z	e
ddddd�	�e
d
dddd�	�e
d
dddd�	�gZdgZ		dd�Z
y)�cmd_domain_trust_modifyr�r�rsz--use-aes-keys�
store_truez!The trust uses AES kerberos keys.�use_aes_keysN��action�help�dest�default�
--no-aes-keysz:The trust does not have any support for AES kerberos keys.�disable_aes_keysz--raw-kerb-enctypes�storezThe raw kerberos enctype bits�
kerb_enctypesrtc	��d}d}	|�|	dz
}	|�|	dz
}	|�|	dz
}	|	dkDrtd��|	dk(r|dz
}|dk(rtd��|j||�	|j�}
	t
j}|t
jz}|j|
|�\}
}|jjd|jj�d|jj�d	|j�d
��|	dk(�r�tj�}||_	|
j!|
|t
j"�}|jjd|j3|j0�z�tj.�}|�t5|d�
�|_n^|�9t6j8|_|xj0t6j:zc_n#|�t6j<|_ntd��|j0|j0k7r[	|
j?|
|t
j"|�}|jjd|j3|j0�z�y|jjd�y#t$r}|j	||d��d}~wwxYw#t$r}|j	||d��d}~wwxYw#t$$r}|j'|t(j*�rd}|j'|t(j,�rd}|�|j	||d��tj.�}d|_Yd}~��d}~wwxYw#t$$r}|�|j	||d��Yd}~yd}~wwxYw)NrrAzL--no-aes-keys, --use-aes-keys and --raw-kerb-enctypes are mutually exclusivez/modification arguments are required, try --helpzfailed to connect to lsa serverr�r�r�rXr�r�zOld kerb_EncTypes:  %s
)�basez&Internal error should be checked abovezNew kerb_EncTypes:  %s
z=SetTrustedDomainInfoByName(SUPPORTED_ENCRYPTION_TYPES) failedzNo kerb_EncTypes update needed
) rrfrir�rGr
r��LSA_POLICY_TRUST_ADMINr�r�r�r]r^r�r�r�r�r�rr=rr�r�r�r�rA�intr
r9r:r8�SetTrustedDomainInfoByName)rrtrartrbr�r�r��num_modifications�enctype_argsr�r�r�r�r�r�r�r�s                  rr�zcmd_domain_trust_modify.runhs��������$��A��L��#��A��L��'��A��L��!���m�n�n��1����"����!��P�Q�Q����	�;�7�	Y��5�5�7�I�	]�"%�"G�"G���3�#=�#=�=��-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
�1���
�
��I�%�I��
1��:�:�<�;D�;>�;l�;l�n�#�"
�I�I�O�O�6��9R�9R�Se�So�So�9p�p�q��<�<�>�I��(�&)�-�a�&@�	�#��)�&.�&S�&S�	�#��#�#�x�'T�'T�T�#�!�-�'/�&H�&H�	�#�"�#K�L�L��"�"�&8�&B�&B�B�
v�!�<�<�\�=F�=@�=n�=n�=F�H�'�
�I�I�O�O�$>��AZ�AZ�[d�[n�[n�Ao�$o�p�	��	�	��� B�C���G�	Y��(�(��u�6W�X�X��	Y���	]��(�(��u�6[�\�\��	]��"!�
1��+�+�E�8�3W�3W�X� �E��+�+�E�8�3X�3X�Y� �E��$��0�0��u�1r�t�t�&)�%I�%I�%K�"�/0�"�,�,��
1��H%�v��(�"�4�4�T�5�5t�v�v�)�	��v�sb�J�(8J,�!K�AM�	J)�J$�$J)�,	K
�5K�K
�	M�A4M�M�	N�$M>�>N)NNNNNN�r!r"r#rpr�rr�r�rr�rr�r�r�r$rrr�r�Ls���&�%�H��)�)��-�-�0���	���7�"��	�	��|�P�&��	�	�$�W�3�#��	�
�M���J�HL�DH�Zrr�c�r�eZdZdZdZejejeje	d�Z
edddddgd	d
d��eddd
gd�ddd��edddddgddd��eddddd��edddgd�d d!d"��ed#dd$d%d��ed&dd'd(d��ed)d*d+d,d-��ed.d*d/d0d-��g	Zd1gZ
					d3d2�Zy")4�cmd_domain_trust_createz Create a domain or forest trust.�%prog DOMAIN [options]�rartr�rbz--type�choice�TYPE�external�forestz.The type of the trust: 'external' or 'forest'.r��r`�metavar�choicesr�r�r�z--direction�	DIRECTION)�incoming�outgoing�bothz6The trust direction: 'incoming', 'outgoing' or 'both'.r�r�z--create-location�LOCATION�localz=Where to create the trusted domain object: 'local' or 'both'.�create_locationz--cross-organisationr�z=The related domains does not belong to the same organisation.�cross_organisationFr�z
--quarantinedzyes|no)�yes�noNz�Special SID filtering rules are applied to the trust. With --type=external the default is yes. With --type=forest the default is no.�quarantined_argNz--not-transitivez#The forest trust is not transitive.�not_transitivez--treat-as-externalz'The treat the forest trust as external.�treat_as_externalr��store_falsez)The trust does not use AES kerberos keys.r�Tz--skip-validationzSkip validation of the trust.�validatertc	�X&��tj�}d}|
�|dk(r
d}n|
dk(rd}|dk7r|rtd��|rtd��tj�}|
r9tj
|_|xjtjzc_ntj|_tj}|tjz}|tjz}tj�}tj|_d|_|d	k(rG|xjtj zc_|xjtj"zc_nQ|d
k(r$|xjtj zc_n(|dk(r#|xjtj"zc_d|_|	r#|xj$tj&zc_|r#|xj$tj(zc_|dk(r#|xj$tj*zc_|r#|xj$tj,zc_|r#|xj$tj.zc_�fd�}d}d}tj}|d
k(r�|jtj zr"|d�}t1|j3d��}|jtj"zr"|d�}t1|j3d��}d}�nd�}|jtj zr|d�}|jtj"zr|d�}|tjz}|tjz}tj�}tj|_d|_|d	k(rG|xjtj zc_|xjtj"zc_nQ|d
k(r$|xjtj"zc_n(|dk(r#|xjtj zc_d|_|	r#|xj$tj&zc_|r#|xj$tj(zc_|dk(r#|xj$tj*zc_|r#|xj$tj,zc_|r#|xj$tj.zc_�j5||�}	�j7�}	�j=||�\}} �j>jAd| jBjD�d| jFjD�d| jH�d��	�jK||�}!	�jO�}"	�j=|"|�\}#}$�j>jAd|$jBjD�d|$jFjD�d|$jH�d��|$jFjD|jP_"|$jBjD|jR_"|$jH|_$|r[| jFjD|jP_"| jBjD|jR_"| jH|_$	|jPjD|_"|jU||tjV�td|jDz��#t8$r}�j;�|d��d}~wwxYw#t8$r}�j;�|d��d}~wwxYw#t8$r}�jM�|d��d}~wwxYw#t8$r}�jM�|d��d}~wwxYw#t8$r}�jM�|d��d}~wwxYw#tX$rJ}�j[|t\j^�s �j;�|d|jDz��Yd}~nd}~wwxYw	|jRjD|_"|jU||tjV�td|jDz��#tX$rJ}�j[|t\j^�s �j;�|d|jDz��Yd}~nd}~wwxYw|�rV	|jPjD|_"|"jU|#|tjV�td|jDz��#tX$rJ}�j[|t\j^�s �jM�|d|jDz��Yd}~nd}~wwxYw	|jRjD|_"|"jU|#|tjV�td|jDz��#tX$rJ}�j[|t\j^�s �jM�|d|jDz��Yd}~nd}~wwxYw	�ja�}%n$#t8$r}�j;�|d��d}~wwxYw	�jc|%|�}&n$#t8$r}�j;�|d��d}~wwxYw|ro	�je�}'n$#t8$r}�jM�|d��d}~wwxYw	�jg|'|!|�}(n$#t8$r}�jM�|d��d}~wwxYwd�})tijj�}*|)||*�}+|)||*�},d}-d}.	|r��j>jAd �d!d"d#�}/tm|"|#|tjn|,|+�}.�j>jAd$�|rA�j>jAd%�d!d&d#�}/|"jq|.tjr|��j>jAd'�d
d"d#�}/tm|||tjn|+|,�}-�j>jAd(�|rA�j>jAd)�d
d&d#�}/|jq|-tjr|�n�#t8$r�}�j>jAd*/d+�d,|/d-�d.��|.r.�j>jAd/�|"ju|.�d}.|-r.�j>jAd0�|ju|-�d}-|/d-d!k(r�jM�|d1|/d+z���j;�|d1|/d+z��d}~wwxYw|�rU|j$tj*z�r�j>jAd2�	|%jw|&jx|$jFjDtzj|�}0n$#t8$r}�j;�|d3��d}~wwxYw	|j||$jFtj�|0d�}1n$#t8$r}�j;�|d4��d}~wwxYw�j�|0|$jFjD|1�5�|r�j>jAd6�	'jw(| jFjDtzj|�}2n$#t8$r}�jM�|d3��d}~wwxYw	|"j|#| jFtj�|2d�}3n$#t8$r}�jM�|d4��d}~wwxYw�j�|2| jFjD|3�5�|jtj"z�r��j>jAd7�	|%j�|&jxtzj�d8|$jFjD�}4n$#t8$r}�j;�|d9��d}~wwxYw�j�|4j�d�}5�j�|4j�d�}6|4j�tzj�zr1d:|4j��d;|4j�d<�d=|4j�d<�d>�}7n0d:|4j��d;|4j�d<�d=|4j�d<�d?�}7|5t�j�k7s|6t�j�k7rt|7���j>jAd@|7z�|�r�|jtj"z�r��j>jAdA�	'j�(tzj�d8| jFjD�}8n$#t8$r}�jM�|d9��d}~wwxYw�j�|8j�d�}9�j�|8j�d�}:|8j�tzj�zr1dB|8j��d;|8j�d<�d=|8j�d<�d>�};n0dB|8j��d;|8j�d<�d=|8j�d<�d?�};|9t�j�k7s|:t�j�k7rt|;���j>jAd@|;z�|.�$	|"j�|.�n#t8$rYnwxYwd}.|-�$	|j�|-�n#t8$rYnwxYwd}-�j>jAdC�y)DNFr�Tr�r�z'--not-transitive requires --type=forestz*--treat-as-external requires --type=forestrr�r�r�c���d}	|�|dk7r|Std|z�}td|z�}||k(sd}�jjd��H)NrVzNew %s Password: zRetype %s Password: zSorry, passwords do not match.
)rr�r�)r]�password�passwordverifyrs   �r�get_passwordz1cmd_domain_trust_create.run.<locals>.get_password7s_����H���'�H��N�#�O�"�#6��#=�>��!(�)?�$�)F�!G���>�1�#�H��I�I�O�O�$F�G�rr�zIncoming Trust�	utf-16-lezOutgoing Trustc�n�tj|dz|dz�}t|jd��S)N�r�)�samba� generate_random_machine_passwordr�encode)�length�pws  r�random_trust_secretz8cmd_domain_trust_create.run.<locals>.random_trust_secretYs1���;�;�F�a�K��ST��U��+�B�I�I�k�,B�C�Cr��r�r�r�r�rXr��failed to locate remote server�RemoteDomain Netbios[zTrustedDomain %s already exist'z2QueryTrustedDomainInfoByName(%s, FULL_INFO) failedrv�failed to get netlogon dc infoc��|�tj�}d|_|Stj�}t	|�|_||_tj�}tj|�|_
tj|_
||_tj�}d|_|g|_tj�}d|_||_|S)NrrA)r	�trustAuthInOutBlobr��
AuthInfoClearrY�sizer��AuthenticationInformationr��unix2nttime�LastUpdateTimer
�TRUST_AUTH_TYPE_CLEAR�AuthType�AuthInfo�AuthenticationInformationArrayr}�current)�secret�update_time�blob�clearr�r}s      r�generate_AuthInOutBlobz;cmd_domain_trust_create.run.<locals>.generate_AuthInOutBlob�s����~��2�2�4����
����*�*�,�E��V��E�J�#�E�N��5�5�7�D�"'�"3�"3�K�"@�D���5�5�D�M�!�D�M��;�;�=�E��E�K��&�E�K��.�.�0�D��D�J� �D�L��KrzCreating remote TDO.
�remote�CreateTrustedDomainEx2)�locationr]zRemote TDO created.
z2Setting supported encryption types on remote TDO.
�SetInformationTrustedDomainzCreating local TDO.
zLocal TDO created
z1Setting supported encryption types on local TDO.
zError: r]z failed r	zly - cleaning up
zDeleting remote TDO.
zDeleting local TDO.
z%sz(Setup local forest trust information...
�*netr_DsRGetForestTrustInformation() failed�&lsaRSetForestTrustInformation() failed�rhriz)Setup remote forest trust information...
zValidating outgoing trust...
r��!NETLOGON_CONTROL_TC_VERIFY failed�LocalValidation: DC[�
] CONNECTION[rA�] TRUST[�] VERIFY_STATUS_RETURNEDrZ�OK: %s
zValidating incoming trust...
�RemoteValidation: DC[z	Success.
)Mr
r�rr�r
r9r�r:r8r�r��LSA_POLICY_CREATE_SECRET�TrustDomainInfoInfoExrr�r�rrr�r&r%r�r�r(rr�rfrir�rGr�r�r�r]r^r�r�r�rLr�r�r�r�r�rr=rr�rkr�r�r�r��current_unix_timer�LSA_TRUSTED_DOMAIN_ALL_ACCESSr
r��DeleteObject�!netr_DsRGetForestTrustInformationr�r�DS_GFTI_UPDATE_TDO�lsaRSetForestTrustInformationrcro�netr_LogonControl2Ex�NETLOGON_CONTROL_TC_VERIFYr7�pdc_connection_status�tc_connection_statusrs�NETLOGON_VERIFY_STATUS_RETURNED�trusted_dc_namer�WERR_SUCCESS�Close)<rrtrarbr�rtr�r�r�r�r�r�r�r�r�r��quarantinedr�r��local_trust_infor��incoming_secret�outgoing_secret�remote_policy_access�incoming_password�outgoing_password�remote_trust_infor�r+r�r�r�r�r.�
remote_lsa�
remote_policy�remote_lsa_infor~�local_netlogon_info�remote_netlogon�remote_netlogon_dc_uncrr�
incoming_blob�
outgoing_blob�local_tdo_handle�remote_tdo_handle�current_request�local_forest_info�local_forest_collision�remote_forest_info�remote_forest_collision�local_trust_verify�local_trust_status�local_conn_status�local_validation�remote_trust_verify�remote_trust_status�remote_conn_status�remote_validations<`                                                           rr�zcmd_domain_trust_create.run�s ����J�J�L�	����"��Z�'�"��
��
%��K���!��"�#L�M�M� �"�#O�P�P��8�8�:�	��"*�"O�"O�I�����8�#P�#P�P��#+�"D�"D�I��!�C�C���s�9�9�9���s�;�;�;���4�4�6��&)�&@�&@��#�+,��(��f�$��,�,��0O�0O�O�,��,�,��0P�0P�P�,�
�
�
*��,�,��0O�0O�O�,�
�
�
*��,�,��0P�0P�P�,�,-��)���-�-��1[�1[�[�-���-�-��1[�1[�[�-���!��-�-��1Z�1Z�Z�-���-�-��1W�1W�W�-���-�-��1Z�1Z�Z�-�		H�����"�D�D���g�%��/�/�#�2Q�2Q�Q�$0�1A�$B�!�"6�7H�7O�7O�P[�7\�"]���/�/�#�2R�2R�R�$0�1A�$B�!�"6�7H�7O�7O�P[�7\�"]�� $��
D� �/�/�#�2Q�2Q�Q�"5�c�":���/�/�#�2R�2R�R�"5�c�":�� �C�$>�$>�>� � �C�$@�$@�@� � #� 9� 9� ;��+.�+E�+E��(�01��-��&�(�!�1�1�S�5T�5T�T�1�!�1�1�S�5U�5U�U�1� �J�.�!�1�1�S�5U�5U�U�1� �J�.�!�1�1�S�5T�5T�T�1�12��.�!�!�2�2�c�6`�6`�`�2��!�2�2�c�6`�6`�`�2��X�%�!�2�2�c�6_�6_�_�2��!�2�2�c�6\�6\�\�2� �!�2�2�c�6_�6_�_�2��.�.�y�+�F��	V��5�5�7�I�	]�-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
	Y� �4�4�X�v�F�M�	W��7�7�9�J�	^�/3�/@�/@��Ma�/b�,�]�O�	
�	�	���'�,�,�3�3�'�2�2�9�9�'�+�+�-�	.�
/>�.H�.H�.O�.O��$�$�+�/>�/C�/C�/J�/J��%�%�,�.�2�2����3A�3L�3L�3S�3S��)�)�0�4B�4G�4G�4N�4N��*�*�1�$2�$6�$6��!�
	D�/�;�;�B�B�I���2�2�<�3<�36�3X�3X�
Z��@�9�CS�CS�S�T�T��_�	V��(�(��u�6T�U�U��	V��
�	]��(�(��u�6[�\�\��	]���	Y��)�)�$��7W�X�X��	Y��
�	W��)�)�$��7U�V�V��	W��
�	^��)�)�$��7\�]�]��	^��.�	D��+�+�E�8�3[�3[�\��,�,�T�5�-a�1:�1A�1A�.C�D�D�]��	D��
	D�/�<�<�C�C�I���2�2�<�3<�36�3X�3X�
Z��@�9�CS�CS�S�T�T���	D��+�+�E�8�3[�3[�\��,�,�T�5�-a�1:�1A�1A�.C�D�D�]��	D���

I�#4�#@�#@�#G�#G�	� ��7�7�
�8A�8;�8]�8]�_�#�#D�y�GW�GW�#W�X�X�� �
I��/�/��x�7_�7_�`��1�1�$��2f�6?�6F�6F�3H�I�I�a��
I��

I�#4�#A�#A�#H�#H�	� ��7�7�
�8A�8;�8]�8]�_�#�#D�y�GW�GW�#W�X�X�� �
I��/�/��x�7_�7_�`��1�1�$��2f�6?�6F�6F�3H�I�I�a��
I��	[�!�?�?�A�N���	[��(�(��u�6Y�Z�Z��	[��	X�"&�";�";�N�L�"Y����	X��(�(��u�6V�W�W��	X���
`�"&�"E�"E�"G����
`��-�-�d�E�;^�_�_��
`��
]�)-�)A�)A�/�BO�QW�*Y�&���
]��-�-�d�E�;[�\�\��
]��	�4�-�-�/��.���L�
�.���L�
��� ��0	C� ��	�	��� 8�9�/7�AY�"Z��$<�Z�=J�=N�=@�=^�=^�=J�=J�%L�!��	�	��� 7�8���I�I�O�O�$Y�Z�3;�Eb�&c�O��:�:�;L�;>�;l�;l�;D�F�
�I�I�O�O�3�4�+2�<T�U�O�7�	�8D�8H�8;�8Y�8Y�8E�8E� G��
�I�I�O�O�1�2���	�	��� T�U�/6�@]�"^���5�5�6F�69�6g�6g�6?�A���	C��I�I�O�O�+�F�3�_�Z�5P�R�
S� ��	�	��� 8�9��'�'�(9�:�$(�!���	�	��� 7�8��&�&�'7�8�#'� ��z�*�h�6��-�-�d�E�4�.=�f�.E�<G�H�H��(�(��u�d�)8��)@�7B�C�
C��	C��"��0�0�3�3\�3\�\��	�	��� K�L�
l�'�H�H�I\�Ic�Ic�IX�Ic�Ic�Ij�Ij�IQ�Id�Id�f�&��$�l��0�0��u�>j�k�k��l��	h�"�?�?��@O�@Z�@Z�@C�@`�@`�@Q�@A�	C�+��$�h��0�0��u�>f�g�g��h���,�,�->�1@�1K�1K�1R�1R�8N�-�P�%��I�I�O�O�$P�Q�
q�,�M�M�Nd�N\�Ng�Ng�Nn�Nn�NV�Ni�Ni�k�+��(�q�"�5�5�d�E�Co�p�p��q��	m�'�D�D�]�ES�E^�E^�EH�Ee�Ee�EW�EF�	H�0��(�m�"�5�5�d�E�Ck�l�l��m���0�0�1C�5C�5N�5N�5U�5U�<S�1�U� �/�/�#�2R�2R�R��	�	��� @�A�c�)7�)L�)L�M`�Mg�Mg�MU�Mp�Mp�MN�M\�Mg�Mg�Mn�Mn�*p�&��$�c��0�0��u�>a�b�b��c��&*�\�\�2D�2Z�2Z�[\�2]�%^�"�$(�L�L�1C�1X�1X�YZ�1[�$\�!�%�+�+�h�.V�.V�V�'9�'I�'I�'9�'N�'N�q�'Q�'9�'O�'O�PQ�'R�(T�$�W�(:�'I�'I�'9�'N�'N�q�'Q�'9�'O�'O�PQ�'R�(T�$�
&��)<�)<�<�@Q�U[�Uh�Uh�@h�&�'7�8�8��I�I�O�O�J�1A�$A�B� �$�4�4�s�7W�7W�W��I�I�O�O�$D�E�h�+�@�@�AW�AI�Ad�Ad�AB�AO�AZ�AZ�Aa�Aa�c�,��
(�h�"�5�5�d�E�Cf�g�g��h��+/�,�,�7J�7`�7`�ab�7c�*d�'�)-���6I�6^�6^�_`�6a�)b�&�*�0�0�8�3[�3[�[�+>�+N�+N�+>�+S�+S�TU�+V�+>�+T�+T�UV�+W�-Y�)�\�,?�+N�+N�+>�+S�+S�TU�+V�+>�+T�+T�UV�+W�-Y�)�
+�f�.A�.A�A�EW�[a�[n�[n�En�*�+<�=�=��	�	���
�5F�(F�G��(�
�� � �!2�3���
��
�� $���'�
���� 0�1���
��
��#���	�	����%�s'�(]�9]'�&^�9^/�
_�/A_7�	]$�]�]$�'	^�0^�^�	^,�^'�'^,�/	_�8_�_�	_4�_/�/_4�7	a
�Aa�a
�Ab"�"	c5�+Ac0�0c5�<Ae�	f#�Af�f#�'Ag;�;	i�Ai	�	i�i#�#	j�,i?�?j�j�	j<�$j7�7j<�k�	k4�k/�/k4�8l�	l-�l(�(l-�D:r�	u)�"Cu$�$u)�)?w)�)	x
�2x�x
�-x<�<	y�y�y�&5{�	{=�%{8�8{=�-|/�/	}�8}�}�5A6�6	A@�?A@�@A@�E 6AF�F	AF8�F AF3�F3AF8�KAK�K	AK%�K$AK%�K-AK?�K?	AL�L
AL)
NNNNNNNFNFFFT�r!r"r#rpr�rr�r�rrr�rr�r�r�r$rrr�r��sO��*�'�H��)�)��-�-��.�.�0�	��	�x�h��"�H�-�D� �!�		#�
	�}�8�[�7�L�%��		�
	�"��:���(�S�%��		�
	�%�l�S�(��	�	��X�x�*�<�&��
	�	�!�,�9�$��	�	�$�\�=�'��	�	��}�?�"��	�	�"�=�3���	�O+�M�Z��J�W[�CG�6:�49�)-�	Hrr�c	��eZdZdZdZejejeje	d�Z
edddddgd	d
d��gZdgZ
		dd�Zy
)�cmd_domain_trust_deletezDelete a domain trust.r�r�z--delete-locationr�r�r�r�z=Where to delete the trusted domain object: 'local' or 'both'.�delete_locationr�rtNc	��tj}|tjz}|tjz}|dk(rd}n6tj}|tjz}|tjz}|j	||�	|j�}		|j|	|�\}}|jjd|jj�d|jj�d|j�d��d}
d}d}d}tj�}	||_|	j!||tj"�}
|��D	|j1||�	|j3�}	|j||�\}}|jjd
|jj�d|jj�d|j�d��|j|
jk7sZ|jj|
j4jk7s-|jj|
j6jk7rGt-d|
j4j�d|
j6j�d|
j�d���	|jj|_|j!||tj"�}|��|j|jk7sZ|jj|j4jk7s-|jj|j6jk7rGt-d|j4j�d|j6j�d|j�d���|
�P	|
j6j|_|	j9||t:j<�}|	j?|�d}|�=	|j6j|_j9|t:j<�}|�0	j?|�d}|jjd�yy#t$r}
|j||
d��d}
~
wwxYw#t$r}
|j||
d��d}
~
wwxYw#t$$rF}
|j'|
t(j*�rt-d|z��|j/||
d	��d}
~
wwxYw#t$r}
|j/||
d	��d}
~
wwxYw#t$r}
|j/||
d��d}
~
wwxYw#t$r}
|j/||
d��d}
~
wwxYw#t$$rK}
|j'|
t(j*�s |j/||
d
|jz��Yd}
~
���d}
~
wwxYw#t$r%}
|j||
d|jz��d}
~
wwxYw#t$r%}
|j/||
d|jz��d}
~
wwxYw#t$r9}
|jjd|j/||
d�z�Yd}
~
yd}
~
wwxYw)Nr�r�r�r�r�rXr�z$Failed to find trust for domain '%s'r�r�zLocalTDO inconsistent: Netbios[rZz QueryTrustedDomainInfoByName(%s)z RemoteTDO inconsistent: Netbios[zOpenTrustedDomainByName(%s)zRemoteTDO deleted.
z%s
zDeleteObject() failed) r
r�r�rrfrir�rGr�r�r�r]r^r�r�r�r��LSA_TRUSTED_DOMAIN_INFO_INFO_EXrr=rr�rrLr�r�r�r��OpenTrustedDomainByNamer
�SEC_STD_DELETEr)rrtrarbr�rtrGr�r)r�r�r�r�r�r5�remote_tdo_infor6r�r-r.r/s                     rr�zcmd_domain_trust_delete.run�s4��"�C�C���s�9�9�9���s�;�;�;���g�%�#'� �#&�#H�#H� � �C�$>�$>�>� � �C�$@�$@�@� ����	�;�7�	V��5�5�7�I�	]�-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
������ ���J�J�L�	�	Y�%�I��&�C�C�L�DM�s�Or�Or�t�N� �+�
]��(�(��6�:�
[�!�;�;�=�
�
b�37�3D�3D�Z�Qe�3f�0���
�I�I�O�O�+�0�0�7�7�+�6�6�=�=�+�/�/�1�
2�
�"�"�n�&8�&8�8��#�#�*�*�n�.I�.I�.P�.P�P��)�)�0�0�N�4N�4N�4U�4U�U�"�#1�#>�#>�#E�#E�#1�#=�#=�#D�#D�#1�#5�#5�$7�8�8�
	
E�#1�#<�#<�#C�#C�	� ��;�;�M�<E�<?�<_�<_�a� ��*�!�%�%��)<�)<�<�!�&�&�-�-��1M�1M�1T�1T�T�!�,�,�3�3��7R�7R�7Y�7Y�Y�&�'6�'C�'C�'J�'J�'6�'B�'B�'I�'I�'6�':�':�(<�=�=�
�%�
@�#1�#=�#=�#D�#D�	� ��5�5�l�6?�6>�6M�6M�O�!�
�"�"�#3�4�#���&�
A�#2�#>�#>�#E�#E�	� ��6�6�}�7@�7?�7N�7N�P�"��(�
h��'�'�(9�:�$(�!��	�	��� 6�7�	��]�	V��(�(��u�6T�U�U��	V��
�	]��(�(��u�6[�\�\��	]��$�	Y��'�'��x�/W�/W�X�"�#I�F�#R�S�S��)�)�$��7W�X�X��	Y�� �
]��-�-�d�E�;[�\�\��
]��
 �
[��-�-�d�E�;Y�Z�Z��
[��
 �
b��-�-�d�E�;`�a�a��
b��,!�
E��/�/��x�7_�7_�`��1�1�$��?a�2;�2B�2B�@D�E�E�a��
E��* �
@��,�,�T�5�:W�-6�-=�-=�;?�@�@��
@�� �
A��-�-�d�E�;X�.7�.>�.>�<@�A�A��
A�� �
h��	�	�����)@�)@��u�Ne�)f� f�g�g���
h�s��Q�Q9�"(R�S/�!T�2T7�<U�<V2�&<W#�%.X�	Q6�Q1�1Q6�9	R�R�R�	S,�&AS'�'S,�/	T�8T�T�	T4�T/�/T4�7	U�U�U�	V/�$AV*�*V/�2	W �; W�W �#	X�, X�X�	Y�/Y�Y�NNNNNrDr$rrrFrF�sp�� �'�H��)�)��-�-��.�.�0�	��	�"��:���(�S�%��		��M���J�W[� �rrFc	��eZdZdZdZejejeje	d�Z
edddddgd	d
d��gZdgZ
		dd�Zy
)�cmd_domain_trust_validatezValidate a domain trust.r�r�z--validate-locationr�r�r�r�z?Where to validate the trusted domain object: 'local' or 'both'.�validate_locationr�rtNc	�b�tj}|j||�}	|j�}		|j
|	|�\}}|jjd|jj�d|jj�d|j�d��	tj�}
||
_
|	j||
tj�}|jjd	|j*j�d|j,j�d|j�d��	|j/�}	|j1|t2j4d|j,j�}|j7|j8d
�}|j7|j:d
�}|j<t2j>zr1d|j@�d|j:d�d|j8d�d�}n0d|j@�d|j:d�d|j8d�d�}|tBjDk7s|tBjDk7rt)|��|jjd|z�	|j@jGdd�}|j,j�d|��}|j1|t2jHd|�}|j7|j:d
�}d|j@�d|j:d�d�}|tBjDk7rt)|��|jjd|z�|dk7�r:	|jK||d��}	|jO�}	|j1|t2j4d|jj�}|j7|j8d
�}|j7|j:d
�}|j<t2j>zr1d|j@�d|j:d�d|j8d�d�}n0d|j@�d|j:d�d|j8d�d�}|tBjDk7s|tBjDk7rt)|��|jjd|z�	|j@jGdd�}|jj�d|��}|j1|t2jHd|�}|j7|j:d
�}d|j@�d|j:d�d�}|tBjDk7rt)|��|jjd|z�y#t$r}
|j||
d��d}
~
wwxYw#t$r}
|j||
d��d}
~
wwxYw#t $rF}
|j#|
t$j&�rt)d|z��|j||
d��d}
~
wwxYw#t$r}
|j||
d
��d}
~
wwxYw#t$r}
|j||
d��d}
~
wwxYw#t$r}
|j||
d��d}
~
wwxYw#t$r}
|jM||
d��d}
~
wwxYw#t$r}
|jM||
d
��d}
~
wwxYw#t$r}
|jM||
d��d}
~
wwxYw#t$r}
|jM||
d��d}
~
wwxYw)Nr�r�r�r�rXr�r��,QueryTrustedDomainInfoByName(INFO_EX) failed�LocalTDO Netbios[rvr�rrrrrArrrZr�\rVz"NETLOGON_CONTROL_REDISCOVER failedzLocalRediscover: DC[r�F)r�r�rzRemoteRediscover: DC[)(r
r�rfrir�rGr�r�r�r]r^r�r�r�r�rIrr=rr�rr�r�rkrrrr7rr rsr!r"rr#�replace�NETLOGON_CONTROL_REDISCOVERr�rLr�) rrtrartr�rbrPr�r+r�r�r�r�r�r�r~r<r=r>r?rr�domain_and_server�local_trust_rediscover�local_rediscoverr.r1r@rArBrC�remote_trust_rediscover�remote_rediscovers                                 rr�zcmd_domain_trust_validate.runxs��"�C�C���.�.�y�+�F��	V��5�5�7�I�	]�-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
	f��
�
��I�%�I���6�6�|�7@�7:�7Z�7Z�\�
�	
�	�	���&�3�3�:�:�&�2�2�9�9�&�*�*�,�	-�
	[�!�?�?�A�N�	[��3�3�L�4<�4W�4W�45�4B�4N�4N�4U�4U�W�
�"�\�\�*<�*R�*R�ST�*U�V�� �L�L�);�)P�)P�QR�)S�T���#�#�h�&N�&N�N�1�A�A�1�F�F�q�I�1�G�G��J� L��O� 2�A�A�1�F�F�q�I�1�G�G��J� L��
��!4�!4�4�8I�V�M`�M`�8`��/�0�0��I�I�O�O�J�)9�9�:�		\�'�7�7�?�?��b�I�F�,:�,F�,F�,M�,M�v� V���3�3�L�4<�4X�4X�45�4E�G�
#�!�L�L�)?�)T�)T�UV�)W�X��5�E�E�5�J�J�1�M�O���� 3� 3�3��/�0�0��I�I�O�O�J�)9�9�:���'�
]� $� 8� 8��6�W\� 8� ]�
�
`�"&�"E�"E�"G��
`�#�8�8��9A�9\�9\�9:�9G�9R�9R�9Y�9Y�[�$�#'�,�,�/B�/X�/X�YZ�/[�"\��!%���.A�.V�.V�WX�.Y�!Z��"�(�(�8�+S�+S�S�#6�#F�#F�#6�#K�#K�A�#N�#6�#L�#L�Q�#O�%Q�!�T�$7�#F�#F�#6�#K�#K�A�#N�#6�#L�#L�Q�#O�%Q�!�
#�f�&9�&9�9�=O�SY�Sf�Sf�=f�"�#4�5�5��	�	���
�->� >�?�	
a�,�<�<�D�D�T�2�N��0>�0I�0I�0P�0P�RX�$Y�!�#�8�8��9A�9]�9]�9:�9J�L�(�"&���.E�.Z�.Z�[\�.]�!^��$;�#J�#J�#:�#O�#O�PQ�#R�!T��"�V�%8�%8�8�"�#4�5�5��	�	���
�->� >�?���e�	V��(�(��u�6T�U�U��	V��
�	]��(�(��u�6[�\�\��	]���	f��'�'��x�/W�/W�X�"�#Y�\b�#b�c�c��(�(��u�6d�e�e��		f���	[��(�(��u�6Y�Z�Z��	[���	[��(�(��u�6Y�Z�Z��	[��<�	\��(�(��u�6Z�[�[��	\��  �
]��-�-�d�E�;[�\�\��
]��
 �
`��-�-�d�E�;^�_�_��
`�� �
`��-�-�d�E�;^�_�_��
`��< �
a��-�-�d�E�;_�`�`��
a�s��V�V?�"<W#�6X5�6Y�AY=�!Z!�6[�6[)�A\
�	V<�$V7�7V<�?	W �W�W �#	X2�,AX-�-X2�5	Y�>Y�Y�	Y:�"Y5�5Y:�=	Z�Z�Z�!	[�*Z=�=[�	[&�[!�![&�)	\
�2\�\
�
	\.�\)�)\.rMrDr$rrrOrObsp��"�'�H��)�)��-�-��.�.�0�	��	�$�8�Z���(�U�'��		��M���J�W[�"�ZrrOc���eZdZdZdZejejed�Z	e
dddgd�dd	d
��e
dd
ddd��e
dddddg��e
dddddg��e
dddddg��e
ddddd g��e
d!dd"d#d$g��e
d%dd"d&d'g��e
d(dd)d*d+g��e
d,dd)d-d.g��e
d/ddd0d1g��e
d2ddd3d4g��e
d5ddd6d7g��e
d8ddd9d:g��gZd;gZ					d=d<�Z
y
)>�cmd_domain_trust_namespaceszManage forest trust namespaces.z%prog [DOMAIN] [options]rsz	--refreshr�zcheck|store)�checkr�NzLList and maybe store refreshed forest trust information: 'check' or 'store'.�refreshNr�z--enable-allr�zATry to update disabled entries, not allowed with --refresh=check.�
enable_allFr�z--enable-tln�append�	DNSDOMAINz?Enable a top level name entry. Can be specified multiple times.�
enable_tln)r�r�r�r�r�z
--disable-tlnz@Disable a top level name entry. Can be specified multiple times.�disable_tlnz--add-tln-exzAAdd a top level exclusion entry. Can be specified multiple times.�
add_tln_exz--delete-tln-exzDDelete a top level exclusion entry. Can be specified multiple times.�
delete_tln_exz--enable-nb�
NETBIOSDOMAINzIEnable a netbios name in a domain entry. Can be specified multiple times.�	enable_nbz--disable-nbzJDisable a netbios name in a domain entry. Can be specified multiple times.�
disable_nbz--enable-sid�	DOMAINSIDz@Enable a SID in a domain entry. Can be specified multiple times.�enable_sid_strz
--disable-sidzADisable a SID in a domain entry. Can be specified multiple times.�disable_sid_strz--add-upn-suffixzVAdd a new uPNSuffixes attribute for the local forest. Can be specified multiple times.�add_upnz--delete-upn-suffixz^Delete an existing uPNSuffixes attribute of the local forest. Can be specified multiple times.�
delete_upnz--add-spn-suffixz[Add a new msDS-SPNSuffixes attribute for the local forest. Can be specified multiple times.�add_spnz--delete-spn-suffixzcDelete an existing msDS-SPNSuffixes attribute of the local forest. Can be specified multiple times.�
delete_spnzdomain?c	�<�|�g}|�g}|	�g}	|
�g}
|�g}|�g}|
�g}
|�g}|�g}|�g}|�g}|�g}d}|��;|dk(rtd|z��|rtd��t|�dkDrtd��t|�dkDrtd��t|	�dkDrtd��t|
�dkDrtd	��t|
�dkDrtd
��t|�dkDrtd��t|�dkDrtd��t|�dkDrtd
��t|�dkDr(|D]!}|jd�s�td|z��d}t|�dkDr(|D]!}|jd�s�td|z��d}|D]8}|D]1}|j�|j�k7r�%td|z���:t|�dkDr(|D]!}|jd�s�td|z��d}t|�dkDr(|D]!}|jd�s�td|z��d}|D]8}|D]1}|j�|j�k7r�%td|z���:ndt|�dkDrtd��t|�dkDrtd��t|�dkDrtd��t|�dkDrtd��|��|dk(rd}|r|dk7rtd|z��t|�dkDrtd��t|�dkDrtd��t|	�dkDrtd��t|
�dkDrtd��t|
�dkDrtd��t|�dkDrtd ��t|�dkDrtd!��t|�dkD�r^td"��|rMd}t|�dkDrtd#��t|
�dkDrtd$��t|�dkDrtd%��t|�dkDrd}t|�dkDrd}|D]8}|D]1}|j�|j�k7r�%td&|z���:t|	�dkDr(|	D]!}|jd�s�td'|z��d}t|
�dkDr(|
D]!}|jd�s�td(|z��d}|	D]8}|
D]1}|j�|j�k7r�%td)|z���:t|
�dkDrd}t|�dkDrd}|
D]8}|D]1}|j	�|j	�k7r�%td*|z���:g}|D])}	tj|�}|j|��+g}|D])}	tj|�}|j|��+t|�dkDrd}t|�dkDrd}|D]}|D]}||k7r�	td-|z���tj}|r|tjz}|j||�}	|j�}	|j#||�\} }!|j$j'd0|!j(j*�d1|!j,j*�d2|!j.�d3��|��:	|j1�}"	|j3|"|�}#|#j4|#j6k7r&td6|#j4�d7|#j6�d8���	|"j9|#j:dd�}$|j$j'd;�|jG|$|!j,j*�<�	|jI�}%d>tK|%jM��z}&d?d@g}'	|%jO|&tPjRdA|'�B�}(|(d})g}*d?|)vr|*jY|)d?�g}+d@|)vr|+jY|)d@�|j$j'dDt|*�z�|*D]%},|j$j'dEdFdG�dH|,�d3���'|j$j'dIt|+�z�|+D]%},|j$j'dEdFdG�dH|,�d3���'|syd}-g}.|.jY|*�d}/g}0|0jY|+�|D]T}1|.D]:},tK|,�j�|1j�k(s�.tdJ|1z��|.j|1�d}-�V|D]h}1d}2t[|.�D]3\}3},tK|,�j�|1j�k7r�1|3}2n|2�tdK|1z��|.j]|2�d}-�j|D]T}4|0D]:},tK|,�j�|4j�k(s�.tdL|4z��|0j|4�d}/�V|D]h}4d}2t[|0�D]3\}3},tK|,�j�|4j�k7r�1|3}2n|2�tdM|4z��|0j]|2�d}/�j|j$j'dNt|.�z�|.D]%},|j$j'dEdFdG�dH|,�d3���'|j$j'dOt|0�z�|0D]%},|j$j'dEdFdG�dH|,�d3���'tQj^�}5|)j`|5_0|-r(tQjb|.tPjdd?�|5d?<|/r(tQjb|0tPjdd@�|5d@<	|%jg|5�	|"j9|#j:dd�}6|j$j'dQ�|jG|6|!j,j*�<�y	tjh�}7||7_|jk| |7tjl�}8|j$j'dT|8jtj*�d1|8j4j*�d2|8j.�d3��|8jvtjxzstdU|z��|��~	|j1�}"	|j3|"|�}#dV}9|dk(rtzj|}:|rd}9nd}:	|"j9|#j:|8j4j*|:�};	|j| |8j4tj�|;|9�}<|j$j'dX�|jG|;|8j4j*|<�Y�|dk(r�	tjh�}7|8j4j*|7_|j�| |7tj��}6|j$j'dQ�|jG|6|8j4j*�<�y	tjh�}7|8j4j*|7_|j�| |7tj��}=|j$j'd[�|jG|=|8j4j*�<�|syg}>|>jY|=j��tj��}?t|>�|?_D|>|?_B|r�|?j�D][}@|@j�tj�k7r�!@j�dk(r�1d@_H|@xj�tj�zc_G�]|?j�D]}@|@j�tj�k7r�!@j�dk(r�1d@_H|@xj�tj�zc_G|@xj�tj�zc_G��|D�]}Ad}2t[|?j��D]\\}3}@|@j�tj�k7r�$@j�j*j�Aj�k7r�Z|3}2n|2�td\Az��|?j�|2j�tj�zstd]Az��d|?j�|2_H|?j�|2xj�tj�zc_G��	|D�]6}Ad}2t[|?j��D]\\}3}@|@j�tj�k7r�$@j�j*j�Aj�k7r�Z|3}2n|2�td^Az��|?j�|2j�tj�zrtd_Az��d|?j�|2_H|?j�|2xj�tj�zc_G|?j�|2xj�tj�zc_G��9|	D�]�}Bd}2t[|?j��D]\\}3}@|@j�tj�k7r�$@j�j*j�Bj�k7r�Z|3}2n|2�td`Bz��daBj�z}Cd}2t[|?j��D]r\}3}@|@j�tj�k7r�$da@j�j*j�z}DC|Dk(rtdbBz��Cj�D�s�p|3}2n|2�tdcBz��tj��}@tj�|@_Ed|@_Gd|@_HB|@j�_g}>|>jY|?j��|>j�|2dVz|@�t|>�|?_D|>|?_B���|
D]�}Bd}2t[|?j��D]\\}3}@|@j�tj�k7r�$@j�j*j�Bj�k7r�Z|3}2n|2�tddBz��g}>|>jY|?j��|>j]|2�t|>�|?_D|>|?_B��|
D�]}Ed}2t[|?j��D]f\}3}@|@j�tj�k7r�$@j�j�j*j	�Ej	�k7r�d|3}2n|2�tdeEz��|?j�|2j�tj�zstdfEz��d|?j�|2_H|?j�|2xj�tj�zc_G��|D�]@}Ed}2t[|?j��D]f\}3}@|@j�tj�k7r�$@j�j�j*j	�Ej	�k7r�d|3}2n|2�tdgEz��|?j�|2j�tj�zrtdhEz��d|?j�|2_H|?j�|2xj�tj�zc_G|?j�|2xj�tj�zc_G��CD]�}d}2t[|?j��D]@\}3}@|@j�tj�k7r�$@j�j�|k7r�>|3}2n|2�tdi|z��|?j�|2j�tj�zstdjEz��d|?j�|2_H|?j�|2xj�tj�zc_G��D�]}d}2t[|?j��D]@\}3}@|@j�tj�k7r�$@j�j�|k7r�>|3}2n|2�tdk|z��|?j�|2j�tj�zrtdlEz��d|?j�|2_H|?j�|2xj�tj�zc_G|?j�|2xj�tj�zc_G��	|j| |8j4tj�|?d�}F|j$j'dm�|jG|?|8j4j*F�Y�	tjh�}7|8j4j*|7_|j�| |7tj��}6|j$j'dQ�|jG|6|8j4j*�<�y#ttf$rtd+|z��wxYw#ttf$rtd,|z��wxYw#t$r}|j!||d.��d}~wwxYw#t$r}|j!||d/��d}~wwxYw#t$r}|j!||d4��d}~wwxYw#t$r}|j!||d5��d}~wwxYw#t$r�}|j=|t>j@�rtd9|z��|j=|t>jB�rtd9|z��|j=|t>jD�rtd9|z��|j!||d:��d}~wwxYw#t$r}|j!||d=��d}~wwxYw#tPjT$r}|jW||dC��d}~wwxYw#tPjT$r}|jW||dP��d}~wwxYw#t$r}|j!||d:��d}~wwxYw#tn$rF}|j=|tpjr�rtdR|z��|j!||dS��d}~wwxYw#t$r}|j!||d4��d}~wwxYw#t$r}|j!||d5��d}~wwxYw#t$r}|j!||d:��d}~wwxYw#t$r}|j!||dW��d}~wwxYw#t$r}|j!||dZ��d}~wwxYw#t$r}|j!||dZ��d}~wwxYw#t$r}|j!||dW��d}~wwxYw#t$r}|j!||dZ��d}~wwxYw)nNFr�z'--refresh=%s not allowed without DOMAINz'--enable-all not allowed without DOMAINrz'--enable-tln not allowed without DOMAINz(--disable-tln not allowed without DOMAINz'--add-tln-ex not allowed without DOMAINz*--delete-tln-ex not allowed without DOMAINz&--enable-nb not allowed without DOMAINz'--disable-nb not allowed without DOMAINz'--enable-sid not allowed without DOMAINz(--disable-sid not allowed without DOMAINz*.zEvalue[%s] specified for --add-upn-suffix should not include with '*.'TzHvalue[%s] specified for --delete-upn-suffix should not include with '*.'z@value[%s] specified for --add-upn-suffix and --delete-upn-suffixzEvalue[%s] specified for --add-spn-suffix should not include with '*.'zHvalue[%s] specified for --delete-spn-suffix should not include with '*.'z@value[%s] specified for --add-spn-suffix and --delete-spn-suffixz1--add-upn-suffix not allowed together with DOMAINz4--delete-upn-suffix not allowed together with DOMAINz1--add-spn-suffix not allowed together with DOMAINz4--delete-spn-suffix not allowed together with DOMAINz3--enable-all not allowed together with --refresh=%sz0--enable-tln not allowed together with --refreshz1--disable-tln not allowed together with --refreshz0--add-tln-ex not allowed together with --refreshz3--delete-tln-ex not allowed together with --refreshz/--enable-nb not allowed together with --refreshz0--disable-nb not allowed together with --refreshz0--enable-sid not allowed together with --refreshz1--disable-sid not allowed together with --refreshz3--enable-tln not allowed together with --enable-allz2--enable-nb not allowed together with --enable-allz3--enable-sid not allowed together with --enable-allz6value[%s] specified for --enable-tln and --disable-tlnzAvalue[%s] specified for --add-tln-ex should not include with '*.'zDvalue[%s] specified for --delete-tln-ex should not include with '*.'z8value[%s] specified for --add-tln-ex and --delete-tln-exz4value[%s] specified for --enable-nb and --disable-nbz7value[%s] specified for --enable-sid is not a valid SIDz8value[%s] specified for --disable-sid is not a valid SIDz6value[%s] specified for --enable-sid and --disable-sidr�r�r�r�rXr�rvr�zThe local domain [z] is not the forest root [rZz@LOCAL_DC[%s]: netr_DsRGetForestTrustInformation() not supported.rz Own forest trust information...
r�zfailed to connect to SamDBzCN=Partitions,%s�uPNSuffixeszmsDS-SPNSuffixesz(objectClass=crossRefContainer))r��scope�
expression�attrszfailed to search partition dnz#Stored uPNSuffixes attributes[%d]:
rSrVrTrUz(Stored msDS-SPNSuffixes attributes[%d]:
zBEntry already present for value[%s] specified for --add-upn-suffixz?Entry not found for value[%s] specified for --delete-upn-suffixzBEntry already present for value[%s] specified for --add-spn-suffixz?Entry not found for value[%s] specified for --delete-spn-suffixz#Update uPNSuffixes attributes[%d]:
z(Update msDS-SPNSuffixes attributes[%d]:
zfailed to update partition dnz#Stored forest trust information...
r�rRrSzItrusted domain object for domain [%s] is not marked as FOREST_TRANSITIVE.rArz"Fresh forest trust information...
r
z(lsaRQueryForestTrustInformation() failedz"Local forest trust information...
z8Entry not found for value[%s] specified for --enable-tlnzGEntry found for value[%s] specified for --enable-tln is already enabledz9Entry not found for value[%s] specified for --disable-tlnzIEntry found for value[%s] specified for --disable-tln is already disabledz>Entry already present for value[%s] specified for --add-tln-exz.%sz:TLN entry present for value[%s] specified for --add-tln-exz>No TLN parent present for value[%s] specified for --add-tln-exz;Entry not found for value[%s] specified for --delete-tln-exz7Entry not found for value[%s] specified for --enable-nbzFEntry found for value[%s] specified for --enable-nb is already enabledz7Entry not found for value[%s] specified for --delete-nbzHEntry found for value[%s] specified for --disable-nb is already disabledz8Entry not found for value[%s] specified for --enable-sidzGEntry found for value[%s] specified for --enable-sid is already enabledz8Entry not found for value[%s] specified for --delete-sidzIEntry found for value[%s] specified for --disable-sid is already disabledz$Updated forest trust information...
)VrrY�
startswith�lower�upperr
�dom_sid�
ValueError�	TypeErrorrar
r�r�rfrir�rGr�r�r�r]r^r�r�rkr�r��forest_namerr�r=rr|�WERR_INVALID_FUNCTION�WERR_NERR_ACFNOTLOADEDrorp�str�get_config_basedn�search�ldb�
SCOPE_BASE�LdbErrorrR�extendr[�pop�Message�dn�MessageElement�FLAG_MOD_REPLACE�modifyr�r�rIrrr�r�r�r�rrrrcr�rZr�r�r`rars�time�LSA_TLN_DISABLED_MASK�LSA_NB_DISABLED_MASK�LSA_SID_DISABLED_MASKr_rGrb�endswith�ForestTrustRecord�insertrerOrfrM)Grrtrarbrtr_r`rcrdrerfrkrlrhrirmrnrorp�require_update�nr�rnrl�
enable_sidrr��disable_sidr�r+r�r�r�r�r~r0�own_forest_info�local_samdb�local_partitions_dnru�msgs�
stored_msg�stored_upn_vals�stored_spn_valsr6�replace_upn�update_upn_vals�replace_spn�update_spn_vals�upn�idxrk�spn�
update_msg�stored_forest_infor�r��lsa_update_check�netlogon_update_tdo�fresh_forest_info�fresh_forest_collisionr8rZ�update_forest_infor�rh�tln_ex�tln_dot�r_dot�nb�update_forest_collisionsG                                                                       rr�zcmd_domain_trust_namespaces.run^s������J����K����J�� ��M��!��N��"� �O����I����J��?��G����J��?��G����J����>��'�!�"�#L�w�#V�W�W��"�#L�M�M��:���"�"�#L�M�M��;��!�#�"�#M�N�N��:���"�"�#L�M�M��=�!�A�%�"�#O�P�P��9�~��!�"�#K�L�L��:���"�"�#L�M�M��>�"�Q�&�"�#L�M�M��?�#�a�'�"�#M�N�N��7�|�a�� �t�A��<�<��-� �&�'n�qr�'r�s�s�t�"&���:���"�#�w�A��<�<��-� �&�'q�tu�'u�v�v�w�"&���
o��#�o�A��w�w�y�A�G�G�I�-� �&�'i�lm�'m�n�n�o�
o��7�|�a�� �t�A��<�<��-� �&�'n�qr�'r�s�s�t�"&���:���"�#�w�A��<�<��-� �&�'q�tu�'u�v�v�w�"&���
o��#�o�A��w�w�y�A�G�G�I�-� �&�'i�lm�'m�n�n�o�
o��7�|�a��"�#V�W�W��:���"�"�#Y�Z�Z��7�|�a��"�#V�W�W��:���"�"�#Y�Z�Z����'�!�!%���g��0�"�#X�[b�#b�c�c��:���"�"�#U�V�V��;��!�#�"�#V�W�W��:���"�"�#U�V�V��=�!�A�%�"�#X�Y�Y��9�~��!�"�#T�U�U��:���"�"�#U�V�V��>�"�Q�&�"�#U�V�V��?�#�a�'�"�#V�W�W��!%���z�?�Q�&�&�'\�]�]��y�>�A�%�&�'[�\�\��~�&��*�&�'\�]�]��:���"�!%���;��!�#�!%���
e��$�e�A��w�w�y�A�G�G�I�-� �&�'_�bc�'c�d�d�e�
e��:���"�#�p�A��<�<��-� �&�'j�mn�'n�o�o�p�"&���=�!�A�%�&�s�A��<�<��-� �&�'m�pq�'q�r�r�s�"&���
g��&�g�A��w�w�y�A�G�G�I�-� �&�'a�de�'e�f�f�g�
g��9�~��!�!%���:���"�!%���
c��#�c�A��w�w�y�A�G�G�I�-� �&�']�`a�'a�b�b�c�
c��J�#�
'��f�"�*�*�1�-�C��!�!�#�&�
'��K�$�
(��g�"�*�*�1�-�C��"�"�3�'�
(��:���"�!%���;��!�#�!%���
e��$�e�A��A�v� �&�'_�bc�'c�d�d�e�
e�"�C�C����3�#=�#=�=���.�.�y�+�F��	V��5�5�7�I�	]�-1�->�->�y�J]�-^�*�\�>�	
�	�	���&�+�+�2�2�&�1�1�8�8�&�*�*�,�	-�
�>�
_�!%�!C�!C�!E��
\�&*�&?�&?��P\�&]�#�#�.�.�2E�2Q�2Q�Q�"�#6�#B�#B�#6�#B�#B�$D�E�E�
h�"0�"R�"R�Sf�Sm�Sm�SW�YZ�#\��"
�I�I�O�O�?�@��(�(��-;�-F�-F�-M�-M�
)�
O�
X�"�<�<�>��#5�s�;�;X�;X�;Z�7[�"[��"�$6�7�E�
W�"�)�)�/B�03���5V�05�*�7��"�!�W�
�!�O��
�*��&�&�z�-�'@�A� �O�!�Z�/��&�&�z�2D�'E�F��I�I�O�O�B�S��EY�Y�Z�$�
D���	�	���B�� B�C�
D��I�I�O�O�G�#�o�J^�^�_�$�
D���	�	���B�� B�C�
D�"���K� �O��"�"�?�3��K� �O��"�"�?�3��
#��(�E�A��1�v�|�|�~�����4�*�,>�@C�,D�E�E�E�
 �&�&�s�+�"��
#�"�
#����%�o�6��D�A�q��1�v�|�|�~�����4� ��C��	�
�;�&�'h�kn�'n�o�o��#�#�C�(�"��
#��
#��(�E�A��1�v�|�|�~�����4�*�,>�@C�,D�E�E�E�
 �&�&�s�+�"��
#�"�
#����%�o�6��D�A�q��1�v�|�|�~�����4� ��C��	�
�;�&�'h�kn�'n�o�o��#�#�C�(�"��
#�
�I�I�O�O�B�S��EY�Y�Z�$�
D���	�	���B�� B�C�
D��I�I�O�O�G�#�o�J^�^�_�$�
D���	�	���B�� B�C�
D�����J�&�M�M�J�M��,/�,>�,>��?B�?S�?S�?L�-N�
�=�)��14�1C�1C�O�DG�DX�DX�DV�2X�
�-�.�
W��"�"�:�.�
h�%3�%U�%U�Vi�Vp�Vp�VZ�\]�&_�"�

�I�I�O�O�B�C��(�(�);�-;�-F�-F�-M�-M�
)�
O��	f��
�
��I�%�I���6�6�|�7@�7:�7Z�7Z�\�
�	
�	�	���&�3�3�:�:�&�2�2�9�9�&�*�*�,�	-�
�.�.��1Z�1Z�Z��j�ms�s�t�t���
_�!%�!C�!C�!E��
\�&*�&?�&?��P\�&]�#� !���'�!�&.�&A�&A�#��'(�$�&'�#�

h�#�D�D�EX�E_�E_�ES�E_�E_�Ef�Ef�EX�Z�"�
d��;�;�L�<J�<V�<V�<?�<\�<\�<M�<L�	N�'�
�I�I�O�O�A�B��(�(�):�-;�-G�-G�-N�-N�4J�
)�
L��'�!�j� #�
�
��I�'5�'A�'A�'H�'H�I�$�!�A�A�,�BK�BE�Bb�Bb�d�'��	�	��� F�G��,�,�-?�1?�1K�1K�1R�1R�-�T�
�	b��
�
��I�-�9�9�@�@�I���9�9�,�:C�:=�:Z�:Z�\�
�	
�	�	���=�>��$�$�%6�)7�)C�)C�)J�)J�	%�	L��������(�0�0�1� �7�7�9��#&�w�<�� �%,��"��'�/�/�
6���6�6�S�@�@�@���7�7�a�<��������C�5�5�5�5��

6�(�/�/�
6���6�6�S�=�=�=���7�7�a�<��������C�4�4�4�4�����C�5�5�5�5��
6��	P�C��C�!�"4�"<�"<�=�
���1��6�6�S�@�@�@���&�&�-�-�3�3�5�����D�����

��{�"�#]�`c�#c�d�d�%�-�-�c�2�8�8�3�;T�;T�T�"�#l�or�#r�s�s�34��&�&�s�+�0��&�&�s�+�1�1�c�6O�6O�5O�O�1�	P� �	P�C��C�!�"4�"<�"<�=�
���1��6�6�S�@�@�@���&�&�-�-�3�3�5�����D�����

��{�"�#^�ad�#d�e�e�!�)�)�#�.�4�4�s�7Q�7Q�Q�"�#n�qt�#t�u�u�34��&�&�s�+�0��&�&�s�+�1�1�c�6O�6O�5O�O�1��&�&�s�+�1�1�S�5O�5O�O�1�	P�"!�&	1�F��C�!�"4�"<�"<�=�
���1��6�6�S�C�C�C���&�&�-�-�3�3�5�����G�����

���"�#c�fl�#l�m�m��f�l�l�n�,�G��C�!�"4�"<�"<�=�	
���1��6�6�S�@�@�@���� 3� 3� :� :� @� @� B�B���e�#�&�'c�fl�'l�m�m��'�'��.�����	
��{�"�#c�fl�#l�m�m��%�%�'�A��;�;�A�F��A�G��A�F�)/�A���&��G��N�N�-�5�5�6��N�N�3��7�A�&�'*�7�|��$�)0��&�M&	1�P$�	1�F��C�!�"4�"<�"<�=�
���1��6�6�S�C�C�C���&�&�-�-�3�3�5�����G�����

��{�"�#`�ci�#i�j�j��G��N�N�-�5�5�6��K�K���'*�7�|��$�)0��&�!	1�$�	O�B��C�!�"4�"<�"<�=�
���1��6�6�S�=�=�=���&�&�:�:�A�A�G�G�I�R�X�X�Z�W�����

��{�"�#\�_a�#a�b�b�%�-�-�c�2�8�8�3�;S�;S�S�"�#k�np�#p�q�q�34��&�&�s�+�0��&�&�s�+�1�1�c�6N�6N�5N�N�1�	O� �	O�B��C�!�"4�"<�"<�=�
���1��6�6�S�=�=�=���&�&�:�:�A�A�G�G�I�R�X�X�Z�W�����

��{�"�#\�_a�#a�b�b�!�)�)�#�.�4�4�s�7P�7P�P�"�#m�pr�#r�s�s�34��&�&�s�+�0��&�&�s�+�1�1�c�6N�6N�5N�N�1��&�&�s�+�1�1�S�5N�5N�N�1�	O�"�	P�C��C�!�"4�"<�"<�=�
���1��6�6�S�=�=�=���&�&�1�1�S�8�����

��{�"�#]�`c�#c�d�d�%�-�-�c�2�8�8�3�;T�;T�T�"�#l�oq�#q�r�r�34��&�&�s�+�0��&�&�s�+�1�1�c�6O�6O�5O�O�1�	P� �	P�C��C�!�"4�"<�"<�=�
���1��6�6�S�=�=�=���&�&�1�1�S�8�����

��{�"�#]�`c�#c�d�d�!�)�)�#�.�4�4�s�7Q�7Q�Q�"�#n�qs�#s�t�t�34��&�&�s�+�0��&�&�s�+�1�1�c�6O�6O�5O�O�1��&�&�s�+�1�1�S�5O�5O�O�1�	P�"	`�&/�&M�&M�l�N\�Nh�Nh�NQ�Nn�Nn�N`�bc�'e�#�	
�	�	���?�@��$�$�%7�)7�)C�)C�)J�)J�0G�	%�	I�	b��
�
��I�-�9�9�@�@�I��!*�!J�!J�<�KT�KN�Kk�Kk�"m��	
�	�	���>�?��$�$�%7�)7�)C�)C�)J�)J�	%�	L���{#�I�.�f�&�'`�cd�'d�e�e�f��#�I�.�g�&�'a�de�'e�f�f�g��(�	V��(�(��u�6T�U�U��	V��
�	]��(�(��u�6[�\�\��	]�� �
_��,�,�T�5�:]�^�^��
_��
 �
\��,�,�T�5�:Z�[�[��
\�� �

h��+�+�E�6�3Y�3Y�Z�&�'i�'3�(5�6�6��+�+�E�6�3O�3O�P�&�'i�'3�(5�6�6��+�+�E�6�3P�3P�Q�&�'i�'3�(5�6�6��,�,�T�5�:f�g�g��

h��* �
X��,�,�T�5�:V�W�W��
X���<�<�
W��(�(��u�6U�V�V��
W��z�<�<�
W��(�(��u�6U�V�V��
W�� �
h��,�,�T�5�:f�g�g��
h���	f��'�'��x�/W�/W�X�"�#Y�\b�#b�c�c��(�(��u�6d�e�e��		f��" �
_��,�,�T�5�:]�^�^��
_��
 �
\��,�,�T�5�:Z�[�[��
\��( �
h��,�,�T�5�:f�g�g��
h�� �
d��,�,�T�5�:b�c�c��
d�� $�j��0�0��u�>h�i�i��j��(�	b��(�(��u�6`�a�a��	b��F�	`��(�(��u�6^�_�_��	`���	b��(�(��u�6`�a�a��	b�sS�6Ai1�&Aj�Aj3�Ak�Ak;�Al�+Am�Ao1�<(Ap�Aq�!Aq1�<Ar�As'�At�1At/�8-Au�.AAu7�AAv�e--Av?�gAAw#�i1Aj�jAj0�j3	Ak�j<Ak�kAk�k	Ak8�k Ak3�k3Ak8�k;	Al�lAl�lAl�l	Am�l(Al;�l;Am�m	Ao.�mBAo)�o)Ao.�o1	Ap�o:Ap
�p
Ap�pAq�p(Ap;�p;Aq�qAq.�qAq)�q)Aq.�q1	Ar�q:Ar
�r
Ar�r	As$�rAAs�sAs$�s'	At�s0At�tAt�t	At,�tAt'�t'At,�t/	Au�t8Au�uAu�u	Au4�uAu/�u/Au4�u7	Av�vAv�vAv�v	Av<�v$Av7�v7Av<�v?	Aw �wAw�wAw �w#	Ax�w,Aw?�w?Ax)NNNNNFNNNNNNNNNNNNr�r$rrr]r]s���)�)�H��)�)��-�-�0���	�{��=�/�b���		�
	�~�l�W� ��	�	�~�h��U� ��	�	��x��V�!��	�	�~�h��W� ��	�	� ��;�Z�#��	�	�}�X��_���	�	�~�h��`� ��	�	�~�h��V�$��	�	��x��W�%��	�	�!�(�K�l���	�	�$�X�{�t� ��	�	�!�(�K�q���	�	�$�X�{�y� ��	�m:�M�x��J�MQ�%*�NR�RV�DH�	w
rr]c��eZdZdZiZe�ed<e�ed<e�ed<e�ed<e	�ed<e
�ed<e�ed<y	)
�cmd_domain_trustz#Domain and forest trust management.�list�show�creater��deleter��
namespacesN)r!r"r#rp�subcommandsrrr�r�r�rFrOr]r$rrr�r�	se��-��K�/�1�K���/�1�K���3�5�K���3�5�K���3�5�K���7�9�K�
�� ;� =�K��rr�)*r3rr��samba.getopt�getoptr�samba.ntaclsr�rrrr�
samba.authr�samba.dcerpcr	r
rrr
�	samba.netr�samba.netcmdrrrr�samba.samdbr�samba.trust_utilsrrrr&rrr�r�r�rFrOr]r�r$rr�<module>r�s���2��
���G�G�%�?�?��D�D��6�S�� :� :�S�
C��C�L,�.�,�^h�.�h�Tv�0�v�pC�0�C�LU�0�U�pp� 2�p�f@�"4�@�F
>�|�
>r

Zerion Mini Shell 1.0