diff options
author | Andrew Bartlett <abartlet@samba.org> | 2006-07-03 01:04:14 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:09:44 -0500 |
commit | 673cce78171663a33b5f3f19b02b260f99750f23 (patch) | |
tree | b076cda95422ee8c5e7ad022acc5fcd279327b5d | |
parent | 5517249fadfced980db5eb47bf04ece5edcb6c53 (diff) | |
download | samba-673cce78171663a33b5f3f19b02b260f99750f23.tar.gz samba-673cce78171663a33b5f3f19b02b260f99750f23.tar.bz2 samba-673cce78171663a33b5f3f19b02b260f99750f23.zip |
r16768: Add a simple script to set a user's password. This should grow into a
real smbpasswd command some day.
Andrew Bartlett
(This used to be commit 8d0582796608b757fde776e69ea5d70b2b13eb36)
-rw-r--r-- | source4/setup/setpassword | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/source4/setup/setpassword b/source4/setup/setpassword new file mode 100644 index 0000000000..c3357a3cdd --- /dev/null +++ b/source4/setup/setpassword @@ -0,0 +1,122 @@ +#!/bin/sh +exec smbscript "$0" ${1+"$@"} +/* + set a user's password on a Samba4 server + Copyright Andrew Tridgell 2005 + Copyright Andrew Bartlett 2006 + Released under the GNU GPL v2 or later +*/ + +options = GetOptions(ARGV, + "POPT_AUTOHELP", + 'username=s', + 'filter=s', + 'newpassword=s', + "POPT_COMMON_SAMBA", + "POPT_COMMON_VERSION", + "POPT_COMMON_CREDENTIALS", + 'quiet'); + +if (options == undefined) { + println("Failed to parse options"); + return -1; +} + +libinclude("base.js"); +libinclude("provision.js"); + +/* + print a message if quiet is not set +*/ +function message() +{ + if (options["quiet"] == undefined) { + print(vsprintf(arguments)); + } +} + +/* + show some help +*/ +function ShowHelp() +{ + print(" +Samba4 newuser + +newuser [options] + --username USERNAME username + --filter LDAPFILTER LDAP Filter to set password on + --newpassword PASSWORD set password + +You must provide either a filter or a username, as well as password +"); + exit(1); +} + +if (options['username'] == undefined && options['filter'] == undefined) { + ShowHelp(); +} + +if (options['newpassword'] == undefined) { + ShowHelp(); +} + + var lp = loadparm_init(); + var samdb = lp.get("sam database"); + var ldb = ldb_init(); + random_init(local); + ldb.session_info = system_session(); + ldb.credentials = options.get_credentials(); + + /* connect to the sam */ + var ok = ldb.connect(samdb); + assert(ok); + + ldb.transaction_start(); + +/* find the DNs for the domain and the domain users group */ +var attrs = new Array("defaultNamingContext"); +var attrs2 = new Array("cn"); +res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs); +assert(res.length == 1 && res[0].defaultNamingContext != undefined); +var domain_dn = res[0].defaultNamingContext; +assert(domain_dn != undefined); + +if (options['filter'] != undefined) { + var res = ldb.search(options['filter'], + domain_dn, ldb.SCOPE_SUBTREE, attrs2); + if (res.length != 1) { + message("Failed to find record for filter %s\n", options['filter']); + exit(1); + } +} else { + var res = ldb.search(sprintf("samAccountName=%s", options['username']), + domain_dn, ldb.SCOPE_SUBTREE, attrs2); + if (res.length != 1) { + message("Failed to find record for user %s\n", options['username']); + exit(1); + } +} + +var mod = sprintf(" +dn: %s +changetype: modify +replace: sambaPassword +sambaPassword: %s +", + res[0].dn, options['newpassword']); +var ok = ldb.modify(mod); +if (!ok) { + message("set password for %s failed - %s\n", + res[0].dn, ldb.errstring()); + ldb.transaction_cancel(); + exit(1); +} else { + message("set password for %s (%s) succeded\n", + res[0].dn, res[0].cn); + + ldb.transaction_commit(); +} + + +return 0; |