Beispiel #1
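/**
 * Create or refresh the machine account and the HTTP service principal in
 * Active Directory by running msktutil against /etc/krb5.keytab.
 *
 * Connection settings are read from the serialized "KerbAuthInfos" setting.
 * Every value taken from that setting or from the local hostname is quoted
 * with escapeshellarg() before it reaches the shell, so a crafted computer
 * branch, hostname or server address cannot append commands to a call that
 * presumably runs with root privileges (it writes /etc/krb5.keytab).
 *
 * @return void
 */
function run_msktutils()
{
    $unix = new unix();
    $sock = new sockets();
    $function = __FUNCTION__;
    $title = "{join_activedirectory_domain}";

    if (is_file("/usr/sbin/msktutil")) {
        @chmod("/usr/sbin/msktutil", 0755);
    }
    $msktutil = $unix->find_program("msktutil");
    if (!is_file($msktutil)) {
        if (is_file("/home/artica/mskutils.tar.gz.old")) {
            // NOTE(review): this unpacks an archive over / with no integrity
            // check. /home/artica must be writable by root only, otherwise
            // whoever can replace the archive controls files system-wide.
            progress_logs(20, $title, "{$function}, uncompress /home/artica/mskutils.tar.gz.old");
            shell_exec("tar xf /home/artica/mskutils.tar.gz.old -C /");
        }
    }
    $msktutil = $unix->find_program("msktutil");
    if (!is_file($msktutil)) {
        progress_logs(20, $title, "{$function}, msktutil not installed, you should use it..");
        return;
    }

    // NOTE(review): unserialize() can instantiate arbitrary classes if this
    // setting is writable by anything less trusted than this script. A
    // plain-data format such as JSON, or the allowed_classes => false option
    // on PHP 7+, would remove that risk.
    $array = unserialize(base64_decode($sock->GET_INFO("KerbAuthInfos")));
    if (!is_array($array)) {
        // Without settings the command below would be built from empty values.
        progress_logs(20, $title, "{$function}, KerbAuthInfos is missing or unreadable, aborting");
        return;
    }

    $branch = isset($array["COMPUTER_BRANCH"]) ? $array["COMPUTER_BRANCH"] : "CN=Computers";
    $serverType = isset($array["WINDOWS_SERVER_TYPE"]) ? $array["WINDOWS_SERVER_TYPE"] : "WIN_2003";
    $ipaddr = isset($array["ADNETIPADDR"]) ? trim($array["ADNETIPADDR"]) : "";
    $dcName = isset($array["WINDOWS_SERVER_NETBIOSNAME"]) ? strtolower(trim($array["WINDOWS_SERVER_NETBIOSNAME"])) : "";
    $dnsSuffix = isset($array["WINDOWS_DNS_SUFFIX"]) ? strtolower(trim($array["WINDOWS_DNS_SUFFIX"])) : "";
    $hostname = $dcName . "." . $dnsSuffix;

    $myFullHostname = $unix->hostname_g();
    $myNetBiosName = $unix->hostname_simple();

    progress_logs(20, $title, "{$function}, computers branch `{$branch}`");
    progress_logs(20, $title, "{$function}, my full hostname `{$myFullHostname}`");
    progress_logs(20, $title, "{$function}, my netbios name `{$myNetBiosName}`");
    progress_logs(20, $title, "{$function}, Active Directory hostname `{$hostname}` ({$ipaddr})");

    // Prefer the configured IP address over the computed DNS name.
    $domain_controller = ($ipaddr !== "") ? $ipaddr : $hostname;

    $enctypes = "";
    if ($serverType == "WIN_2008AES") {
        $enctypes = " --enctypes 28";
    }

    $msktutil_version = msktutil_version();
    progress_logs(20, $title, "{$function}, msktutil version 0.{$msktutil_version}");

    // Each dynamic value is quoted on its own; only fixed option names and
    // the fixed keytab path are written literally.
    $msktutilBin = escapeshellarg($msktutil);
    $principal = escapeshellarg("HTTP/{$myFullHostname}");
    $computerName = escapeshellarg($myNetBiosName);
    $server = escapeshellarg($domain_controller);

    $f = array();
    $f[] = "{$msktutilBin} -c -b " . escapeshellarg($branch);
    $f[] = "-s {$principal} -h " . escapeshellarg($myFullHostname) . " -k /etc/krb5.keytab";
    $f[] = "--computer-name {$computerName} --upn {$principal} --server {$server}{$enctypes}";
    $f[] = "--verbose";
    $cmdline = implode(" ", $f);

    progress_logs(20, $title, "{$function},`{$cmdline}`");
    $results = array();
    exec("{$cmdline} 2>&1", $results);
    // foreach replaces each(), which no longer exists in PHP 8.
    foreach ($results as $a) {
        if (trim($a) === "") {
            continue;
        }
        progress_logs(20, $title, "{$function}, {$a} Line:" . __LINE__ . "");
    }

    if ($msktutil_version == 4) {
        $cmdline = "{$msktutilBin} --auto-update --verbose --computer-name {$computerName} --server {$server}";
        // Fresh buffer: exec() appends to an existing array, which would mix
        // this output with the output of the first command.
        $updateResults = array();
        exec("{$cmdline} 2>&1", $updateResults);
        foreach ($updateResults as $a) {
            if (trim($a) === "") {
                continue;
            }
            progress_logs(20, $title, "{$function}, {$a} Line:" . __LINE__ . "");
        }
    }
}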
Beispiel #2
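/**
 * Create the Squid HTTP service principal in Active Directory with msktutil,
 * store its keys in /etc/squid3/PROXY.keytab, fall back to `net ads keytab`
 * when msktutil reports an expired ticket, and install a daily cron job that
 * runs `msktutil --auto-update`.
 *
 * Security-relevant choices in this implementation:
 *  - every value taken from the settings or the hostname is quoted with
 *    escapeshellarg() before it reaches a shell or the generated cron script;
 *  - the fallback runs `net` directly instead of writing and executing a
 *    script at a predictable path in /tmp;
 *  - the keytab, which holds the service's long-term keys, is set to 0640
 *    instead of being world-readable.
 *
 * @return bool|null true when the routine ran to the end; null when msktutil
 *                   is not installed or the settings cannot be read.
 */
function run_msktutils()
{
    $unix = new unix();
    $sock = new sockets();
    $function = __FUNCTION__;
    $title = "{join_activedirectory_domain}";
    $keytab = "/etc/squid3/PROXY.keytab";

    if (is_file("/usr/sbin/msktutil")) {
        @chmod("/usr/sbin/msktutil", 0755);
    }
    $msktutil = $unix->find_program("msktutil");
    $klist = $unix->find_program("klist");
    if (!is_file($msktutil)) {
        if (is_file("/home/artica/mskutils.tar.gz.old")) {
            // NOTE(review): this unpacks an archive over / with no integrity
            // check. /home/artica must be writable by root only, otherwise
            // whoever can replace the archive controls files system-wide.
            progress_logs(20, $title, "{$function}, uncompress /home/artica/mskutils.tar.gz.old");
            shell_exec("tar xf /home/artica/mskutils.tar.gz.old -C /");
        }
    }
    $msktutil = $unix->find_program("msktutil");
    if (!is_file($msktutil)) {
        progress_logs(20, $title, "{$function}, msktutil not installed, you should use it..");
        return;
    }

    // NOTE(review): unserialize() can instantiate arbitrary classes if this
    // setting is writable by anything less trusted than this script. A
    // plain-data format such as JSON, or the allowed_classes => false option
    // on PHP 7+, would remove that risk.
    $array = unserialize(base64_decode($sock->GET_INFO("KerbAuthInfos")));
    if (!is_array($array)) {
        // Without settings the command below would be built from empty values.
        progress_logs(20, $title, "{$function}, KerbAuthInfos is missing or unreadable, aborting");
        return;
    }

    $branch = isset($array["COMPUTER_BRANCH"]) ? $array["COMPUTER_BRANCH"] : "CN=Computers";
    $serverType = isset($array["WINDOWS_SERVER_TYPE"]) ? $array["WINDOWS_SERVER_TYPE"] : "WIN_2003";
    $ipaddr = isset($array["ADNETIPADDR"]) ? trim($array["ADNETIPADDR"]) : "";
    $dcName = isset($array["WINDOWS_SERVER_NETBIOSNAME"]) ? strtolower(trim($array["WINDOWS_SERVER_NETBIOSNAME"])) : "";
    $dnsSuffix = isset($array["WINDOWS_DNS_SUFFIX"]) ? strtolower(trim($array["WINDOWS_DNS_SUFFIX"])) : "";
    $hostname = $dcName . "." . $dnsSuffix;

    $myFullHostname = $unix->hostname_g();
    $myNetBiosName = $unix->hostname_simple();
    $ActiveDirectorySquidHTTPHostname = $sock->GET_INFO("ActiveDirectorySquidHTTPHostname");

    progress_logs(20, $title, "{$function}, computers branch `{$branch}`");
    progress_logs(20, $title, "{$function}, my full hostname `{$myFullHostname}`");
    progress_logs(20, $title, "{$function}, my netbios name `{$myNetBiosName}`");
    progress_logs(20, $title, "{$function}, Active Directory hostname `{$hostname}` ({$ipaddr})");

    // This variant always addresses the domain controller by name; the IP
    // address is only used for the /etc/hosts entry further down.
    $domain_controller = $hostname;

    $enctypes = "";
    if ($serverType == "WIN_2008AES") {
        $enctypes = " --enctypes 28";
    }

    $msktutil_version = msktutil_version();
    progress_logs(20, $title, "{$function}, msktutil version 0.{$msktutil_version}");

    // Shape of the command being built:
    // msktutil -c -b "CN=COMPUTERS" -s HTTP/squid.demo.local
    //   -k /etc/squid3/PROXY.keytab --computer-name squid-http
    //   --upn HTTP/squid.demo.local --server dc2008demo.demo.local
    //   --verbose --enctypes 28
    $myNetBiosName = strtolower($myNetBiosName);
    $myFullHostname = strtolower($myFullHostname);
    if ($ActiveDirectorySquidHTTPHostname != null) {
        $myFullHostname = strtolower($ActiveDirectorySquidHTTPHostname);
    }

    // The machine account used for the proxy keytab is "<netbios>-k".
    $accountName = "{$myNetBiosName}-k";

    // Each dynamic value is quoted on its own; only fixed option names and
    // the fixed keytab path are written literally.
    $msktutilBin = escapeshellarg($msktutil);
    $principal = escapeshellarg("HTTP/{$myFullHostname}");
    $computerName = escapeshellarg($accountName);
    $server = escapeshellarg($domain_controller);

    $f = array();
    $f[] = "{$msktutilBin} -c -b " . escapeshellarg($branch);
    $f[] = "-s {$principal}";
    $f[] = "-k {$keytab}";
    $f[] = "--computer-name {$computerName}";
    $f[] = "--upn {$principal}";
    $f[] = "--server {$server}";
    $f[] = "--verbose";
    $f[] = $enctypes;

    $IpClass = new IP();
    echo "{$domain_controller} as IP address {$ipaddr}\n";
    if ($IpClass->isValid($ipaddr)) {
        echo "{$domain_controller} as IP address {$ipaddr} -> /etc/hosts\n";
        $unix->create_EtcHosts($domain_controller, $ipaddr);
    }

    $MSKTUTIL_SUCCESS = true;
    $cmdline = implode(" ", $f);
    progress_logs(20, $title, "{$function},`{$cmdline}`");
    $results = array();
    exec("{$cmdline} 2>&1", $results);
    // foreach replaces each(), which no longer exists in PHP 8.
    foreach ($results as $a) {
        if (trim($a) === "") {
            continue;
        }
        progress_logs(20, $title, "{$function}, {$a} Line:" . __LINE__ . "");
        if (preg_match("#Is your kerberos ticket expired#i", $a)) {
            progress_logs(20, "{$title} kerberos failed", "{$function},`{$cmdline}`");
            echo "###################################################################\n";
            echo "######################### MKTUTILS FAILED #########################\n";
            echo "###################################################################\n";
            $MSKTUTIL_SUCCESS = false;
            break;
        }
    }

    if (!$MSKTUTIL_SUCCESS) {
        $net = $unix->find_program("net");
        echo "###################################################################\n";
        echo "######################### ALTERNATIVE KEYTAB ######################\n";
        echo "###################################################################\n";
        // Run `net` directly with its environment given on the command line.
        // Writing a helper script to a fixed name in /tmp and executing it
        // lets any local user pre-create or swap that file (symlink or race)
        // and have its content run with this process's privileges.
        $env = "PATH=/bin:/usr/bin:/sbin:/usr/sbin KRB5_KTNAME=FILE:{$keytab} ";
        $netBin = escapeshellarg($net);
        system("{$env}{$netBin} ads keytab CREATE");
        system("{$env}{$netBin} ads keytab ADD HTTP");
    }

    $klist_results = array();
    exec(escapeshellarg($klist) . " -k {$keytab} -t 2>&1", $klist_results);

    // A keytab holds the service principal's long-term keys: anyone who can
    // read it can act as the HTTP service. Restrict it to the squid owner and
    // group; widen this deliberately if another account really has to read it.
    @chmod($keytab, 0640);
    @chown($keytab, "squid");
    @chgrp($keytab, "squid");

    $SUCCESS = false;
    foreach ($klist_results as $a) {
        // Literal substring test: the host name must not be read as a regex.
        if (strpos($a, $accountName) !== false) {
            echo "{$a} [SUCCESS]\n";
            $SUCCESS = true;
        }
    }

    // The same quoted command line goes into the root-owned cron script, so
    // setting values cannot add shell syntax to a job that runs daily.
    $cmdline = "{$msktutilBin} --auto-update --verbose --computer-name {$computerName} --server {$server}";
    $CRON = array();
    $CRON[] = "#!/bin/sh";
    $CRON[] = "exec {$cmdline}";
    $CRON[] = "";
    @file_put_contents("/etc/cron.daily/msktutil", implode("\n", $CRON));
    chmod("/etc/cron.daily/msktutil", 0755);
    chown("/etc/cron.daily/msktutil", "root");

    if ($SUCCESS) {
        if ($msktutil_version == 4) {
            // Fresh buffer: exec() appends to an existing array, which would
            // mix this output with the output of the first command.
            $updateResults = array();
            exec("{$cmdline} 2>&1", $updateResults);
            foreach ($updateResults as $a) {
                if (trim($a) === "") {
                    continue;
                }
                progress_logs(20, $title, "{$function}, {$a} Line:" . __LINE__ . "");
            }
        }
    }
    return true;
}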
Beispiel #3
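/**
 * Create or refresh the machine account and the HTTP service principal in
 * Active Directory by running msktutil against /etc/krb5.keytab, using the
 * serialized "SambaAdInfos" setting and printing progress to stdout.
 *
 * kinit() is called first; it is defined elsewhere and presumably obtains the
 * Kerberos ticket that msktutil needs (confirm against its definition).
 *
 * Every value taken from the setting or from the local hostname is quoted
 * with escapeshellarg() before it reaches the shell. The administrator name
 * and password stored in the same setting are not used by this routine and
 * are therefore not read into local variables.
 *
 * @return void
 */
function run_msktutils()
{
    kinit();
    $unix = new unix();
    $sock = new sockets();
    $function = __FUNCTION__;

    if (is_file("/usr/sbin/msktutil")) {
        @chmod("/usr/sbin/msktutil", 0755);
    }
    $msktutil = $unix->find_program("msktutil");
    if (!is_file($msktutil)) {
        if (is_file("/home/artica/mskutils.tar.gz.old")) {
            // NOTE(review): this unpacks an archive over / with no integrity
            // check. /home/artica must be writable by root only, otherwise
            // whoever can replace the archive controls files system-wide.
            echo "Starting......: " . date("H:i:s") . " {$function}, uncompress /home/artica/mskutils.tar.gz.old\n";
            shell_exec("tar xf /home/artica/mskutils.tar.gz.old -C /");
        }
    }
    $msktutil = $unix->find_program("msktutil");
    if (!is_file($msktutil)) {
        echo "Starting......: " . date("H:i:s") . " {$function}, msktutil not installed, you should use it..\n";
        return;
    }

    // NOTE(review): unserialize() can instantiate arbitrary classes if this
    // setting is writable by anything less trusted than this script. A
    // plain-data format such as JSON, or the allowed_classes => false option
    // on PHP 7+, would remove that risk.
    $array = unserialize(base64_decode($sock->GET_INFO("SambaAdInfos")));
    if (!is_array($array)) {
        // Without settings the command below would be built from empty values.
        echo "Starting......: " . date("H:i:s") . " {$function}, SambaAdInfos is missing or unreadable, aborting\n";
        return;
    }

    $branch = isset($array["COMPUTER_BRANCH"]) ? $array["COMPUTER_BRANCH"] : "CN=Computers";
    $serverType = isset($array["WINDOWS_SERVER_TYPE"]) ? $array["WINDOWS_SERVER_TYPE"] : "WIN_2003";
    $ipaddr = isset($array["ADSERVER_IP"]) ? trim($array["ADSERVER_IP"]) : "";
    $adServer = isset($array["ADSERVER"]) ? strtolower(trim($array["ADSERVER"])) : "";
    $adDomain = isset($array["ADDOMAIN"]) ? strtolower(trim($array["ADDOMAIN"])) : "";
    $hostname = $adServer . "." . $adDomain;

    $myFullHostname = $unix->hostname_g();
    $myNetBiosName = $unix->hostname_simple();

    echo "Starting......: " . date("H:i:s") . " {$function}, computers branch `{$branch}`\n";
    echo "Starting......: " . date("H:i:s") . " {$function}, my full hostname `{$myFullHostname}`\n";
    echo "Starting......: " . date("H:i:s") . " {$function}, my netbios name `{$myNetBiosName}`\n";
    echo "Starting......: " . date("H:i:s") . " {$function}, Active Directory hostname `{$hostname}` ({$ipaddr})\n";

    // Prefer the configured IP address over the computed DNS name.
    $domain_controller = ($ipaddr !== "") ? $ipaddr : $hostname;

    $enctypes = "";
    if ($serverType == "WIN_2008AES") {
        $enctypes = " --enctypes 28";
    }

    $msktutil_version = msktutil_version();
    echo "Starting......: " . date("H:i:s") . " {$function}, msktutil version 0.{$msktutil_version}\n";

    // Each dynamic value is quoted on its own; only fixed option names and
    // the fixed keytab path are written literally.
    $msktutilBin = escapeshellarg($msktutil);
    $principal = escapeshellarg("HTTP/{$myFullHostname}");
    $computerName = escapeshellarg($myNetBiosName);
    $server = escapeshellarg($domain_controller);

    $f = array();
    $f[] = "{$msktutilBin} -c -b " . escapeshellarg($branch);
    $f[] = "-s {$principal} -h " . escapeshellarg($myFullHostname) . " -k /etc/krb5.keytab";
    $f[] = "--computer-name {$computerName} --upn {$principal} --server {$server}{$enctypes}";
    $f[] = "--verbose";
    $cmdline = implode(" ", $f);

    echo "Starting......: " . date("H:i:s") . " {$function},`{$cmdline}`\n";
    $results = array();
    exec("{$cmdline} 2>&1", $results);
    // foreach replaces each(), which no longer exists in PHP 8.
    foreach ($results as $a) {
        if (trim($a) === "") {
            continue;
        }
        echo "Starting......: " . date("H:i:s") . " {$function}, {$a} Line:" . __LINE__ . "\n";
    }

    if ($msktutil_version == 4) {
        $cmdline = "{$msktutilBin} --auto-update --verbose --computer-name {$computerName} --server {$server}";
        // Fresh buffer: exec() appends to an existing array, which would mix
        // this output with the output of the first command.
        $updateResults = array();
        exec("{$cmdline} 2>&1", $updateResults);
        foreach ($updateResults as $a) {
            if (trim($a) === "") {
                continue;
            }
            echo "Starting......: " . date("H:i:s") . " {$function}, {$a} Line:" . __LINE__ . "\n";
        }
    }
}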