summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2006-07-03 01:04:14 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:09:44 -0500
commit673cce78171663a33b5f3f19b02b260f99750f23 (patch)
treeb076cda95422ee8c5e7ad022acc5fcd279327b5d
parent5517249fadfced980db5eb47bf04ece5edcb6c53 (diff)
downloadsamba-673cce78171663a33b5f3f19b02b260f99750f23.tar.gz
samba-673cce78171663a33b5f3f19b02b260f99750f23.tar.bz2
samba-673cce78171663a33b5f3f19b02b260f99750f23.zip
r16768: Add a simple script to set a user's password. This should grow into a
real smbpasswd command some day. Andrew Bartlett (This used to be commit 8d0582796608b757fde776e69ea5d70b2b13eb36)
-rw-r--r--source4/setup/setpassword122
1 files changed, 122 insertions, 0 deletions
diff --git a/source4/setup/setpassword b/source4/setup/setpassword
new file mode 100644
index 0000000000..c3357a3cdd
--- /dev/null
+++ b/source4/setup/setpassword
@@ -0,0 +1,122 @@
+#!/bin/sh
+exec smbscript "$0" ${1+"$@"}
+/*
+ set a user's password on a Samba4 server
+ Copyright Andrew Tridgell 2005
+ Copyright Andrew Bartlett 2006
+ Released under the GNU GPL v2 or later
+*/
+
+options = GetOptions(ARGV,
+ "POPT_AUTOHELP",
+ 'username=s',
+ 'filter=s',
+ 'newpassword=s',
+ "POPT_COMMON_SAMBA",
+ "POPT_COMMON_VERSION",
+ "POPT_COMMON_CREDENTIALS",
+ 'quiet');
+
+if (options == undefined) {
+ println("Failed to parse options");
+ return -1;
+}
+
+libinclude("base.js");
+libinclude("provision.js");
+
+/*
+ print a message if quiet is not set
+*/
+function message()
+{
+ if (options["quiet"] == undefined) {
+ print(vsprintf(arguments));
+ }
+}
+
+/*
+ show some help
+*/
+function ShowHelp()
+{
+ print("
+Samba4 newuser
+
+newuser [options]
+ --username USERNAME username
+ --filter LDAPFILTER LDAP Filter to set password on
+ --newpassword PASSWORD set password
+
+You must provide either a filter or a username, as well as password
+");
+ exit(1);
+}
+
+if (options['username'] == undefined && options['filter'] == undefined) {
+ ShowHelp();
+}
+
+if (options['newpassword'] == undefined) {
+ ShowHelp();
+}
+
+ var lp = loadparm_init();
+ var samdb = lp.get("sam database");
+ var ldb = ldb_init();
+ random_init(local);
+ ldb.session_info = system_session();
+ ldb.credentials = options.get_credentials();
+
+ /* connect to the sam */
+ var ok = ldb.connect(samdb);
+ assert(ok);
+
+ ldb.transaction_start();
+
+/* find the DNs for the domain and the domain users group */
+var attrs = new Array("defaultNamingContext");
+var attrs2 = new Array("cn");
+res = ldb.search("defaultNamingContext=*", "", ldb.SCOPE_BASE, attrs);
+assert(res.length == 1 && res[0].defaultNamingContext != undefined);
+var domain_dn = res[0].defaultNamingContext;
+assert(domain_dn != undefined);
+
+if (options['filter'] != undefined) {
+ var res = ldb.search(options['filter'],
+ domain_dn, ldb.SCOPE_SUBTREE, attrs2);
+ if (res.length != 1) {
+ message("Failed to find record for filter %s\n", options['filter']);
+ exit(1);
+ }
+} else {
+ var res = ldb.search(sprintf("samAccountName=%s", options['username']),
+ domain_dn, ldb.SCOPE_SUBTREE, attrs2);
+ if (res.length != 1) {
+ message("Failed to find record for user %s\n", options['username']);
+ exit(1);
+ }
+}
+
+var mod = sprintf("
+dn: %s
+changetype: modify
+replace: sambaPassword
+sambaPassword: %s
+",
+ res[0].dn, options['newpassword']);
+var ok = ldb.modify(mod);
+if (!ok) {
+ message("set password for %s failed - %s\n",
+ res[0].dn, ldb.errstring());
+ ldb.transaction_cancel();
+ exit(1);
+} else {
+ message("set password for %s (%s) succeded\n",
+ res[0].dn, res[0].cn);
+
+ ldb.transaction_commit();
+}
+
+
+return 0;