diff options
author | Andrew Bartlett <abartlet@samba.org> | 2004-02-07 03:54:39 +0000 |
---|---|---|
committer | Andrew Bartlett <abartlet@samba.org> | 2004-02-07 03:54:39 +0000 |
commit | 7acbbe9ba06b49f0e033b79cc5282e4be09642e8 (patch) | |
tree | 956735931922c7ab726ddbcd284332d479db8d33 | |
parent | a13282b69059fcb467cb8b4c7e2599d529ae4383 (diff) | |
download | samba-7acbbe9ba06b49f0e033b79cc5282e4be09642e8.tar.gz samba-7acbbe9ba06b49f0e033b79cc5282e4be09642e8.tar.bz2 samba-7acbbe9ba06b49f0e033b79cc5282e4be09642e8.zip |
I should have done this years ago...
This adds the very simple 'admin set password' capability to 'net rpc',
much as we have it for 'net ads'.
Andrew Bartlett
(This used to be commit ced7fb55276f3d21d69b85b40d3f64c5e790bcc9)
-rw-r--r-- | source3/utils/net_rpc.c | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 804faf3b9a..eef3adbcb8 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -678,6 +678,135 @@ static int rpc_user_delete(int argc, const char **argv) } /** + * Set a password for a user on a remote RPC server + * + * All parameters are provided by the run_rpc_command function, except for + * argc, argv which are passes through. + * + * @param domain_sid The domain sid acquired from the remote server + * @param cli A cli_state connected to the server. + * @param mem_ctx Talloc context, destoyed on completion of the function. + * @param argc Standard main() style argc + * @param argv Standard main() style argv. Initial components are already + * stripped + * + * @return Normal NTSTATUS return. + **/ + +static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid, + struct cli_state *cli, + TALLOC_CTX *mem_ctx, + int argc, const char **argv) +{ + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + POLICY_HND connect_pol, domain_pol, user_pol; + SAM_USERINFO_CTR ctr; + SAM_USER_INFO_24 p24; + uchar pwbuf[516]; + const char *user; + const char *new_password; + char *prompt = NULL; + + if (argc < 1) { + d_printf("User must be specified\n"); + rpc_user_usage(argc, argv); + return NT_STATUS_OK; + } + + user = argv[0]; + + if (argv[1]) { + new_password = argv[1]; + } else { + asprintf(&prompt, "Enter new password for %s:", user); + new_password = getpass(prompt); + SAFE_FREE(prompt); + } + + /* Get sam policy and domain handles */ + + result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS, + &connect_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = cli_samr_open_domain(cli, mem_ctx, &connect_pol, + MAXIMUM_ALLOWED_ACCESS, + domain_sid, &domain_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + /* Get handle on user */ + + { + uint32 *user_rids, num_rids, *name_types; + uint32 flags = 0x000003e8; /* Unknown */ + + result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol, + flags, 1, &user, + &num_rids, &user_rids, + &name_types); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + result = cli_samr_open_user(cli, mem_ctx, &domain_pol, + MAXIMUM_ALLOWED_ACCESS, + user_rids[0], &user_pol); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + } + + /* Set password on account */ + + ZERO_STRUCT(ctr); + ZERO_STRUCT(p24); + + encode_pw_buffer(pwbuf, new_password, STR_UNICODE); + + init_sam_user_info24(&p24, (char *)pwbuf,24); + + ctr.switch_value = 24; + ctr.info.id24 = &p24; + + result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24, + &cli->user_session_key, &ctr); + + if (!NT_STATUS_IS_OK(result)) { + goto done; + } + + /* Display results */ + + done: + return result; + +} + +/** + * Set a user's password on a remote RPC server + * + * @param argc Standard main() style argc + * @param argv Standard main() style argv. Initial components are already + * stripped + * + * @return A shell status integer (0 for success) + **/ + +static int rpc_user_password(int argc, const char **argv) +{ + return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_password_internals, + argc, argv); +} + +/** * List user's groups on a remote RPC server * * All parameters are provided by the run_rpc_command function, except for @@ -870,6 +999,7 @@ int net_rpc_user(int argc, const char **argv) {"add", rpc_user_add}, {"info", rpc_user_info}, {"delete", rpc_user_delete}, + {"password", rpc_user_password}, {NULL, NULL} }; @@ -2547,6 +2677,7 @@ int net_rpc(int argc, const char **argv) {"oldjoin", net_rpc_oldjoin}, {"testjoin", net_rpc_testjoin}, {"user", net_rpc_user}, + {"password", rpc_user_password}, {"group", net_rpc_group}, {"share", net_rpc_share}, {"file", net_rpc_file}, |