summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2003-03-23 11:50:16 +0000
committerVolker Lendecke <vlendec@samba.org>2003-03-23 11:50:16 +0000
commitb8d83f7cdb5aed2bdcc185388f148e2fe4726bf8 (patch)
tree94d48f65a20f05fef839fb89cbd3de3339e302a1
parenteaf3fbe642d3c84fa5aeaacb11f9676a05a26b31 (diff)
downloadsamba-b8d83f7cdb5aed2bdcc185388f148e2fe4726bf8.tar.gz
samba-b8d83f7cdb5aed2bdcc185388f148e2fe4726bf8.tar.bz2
samba-b8d83f7cdb5aed2bdcc185388f148e2fe4726bf8.zip
This does two things:
* pdbedit -i -e sets all SAM_ACCOUNT elements to CHANGED to satisfy the new pdb_ldap.c handling * pdbedit -g transfers group mappings. I made this separate from the user database, as current installations have to live with a split backend. So, if you are running 3_0 alphas with LDAP as a backend and upgrade to the next 3_0 alpha, you should call pdbedit -i tdbsam -e ldapsam -g to transfer your group mapping database to LDAP. You certainly have to have all your groups as posixGroup objects in LDAP and adapt the LDAP schema before this call. Volker (This used to be commit 09a3db0ffcbbe578788d3dd5ee7540d27cc7c09a)
-rw-r--r--docs/docbook/manpages/pdbedit.8.sgml13
-rw-r--r--source3/utils/pdbedit.c38
2 files changed, 50 insertions, 1 deletions
diff --git a/docs/docbook/manpages/pdbedit.8.sgml b/docs/docbook/manpages/pdbedit.8.sgml
index 1484bfec9a..2457d899de 100644
--- a/docs/docbook/manpages/pdbedit.8.sgml
+++ b/docs/docbook/manpages/pdbedit.8.sgml
@@ -31,6 +31,7 @@
<arg choice="opt">-x</arg>
<arg choice="opt">-i passdb-backend</arg>
<arg choice="opt">-e passdb-backend</arg>
+ <arg choice="opt">-g</arg>
<arg choice="opt">-b passdb-backend</arg>
<arg choice="opt">-d debuglevel</arg>
<arg choice="opt">-s configfile</arg>
@@ -266,6 +267,18 @@
</varlistentry>
<varlistentry>
+ <term>-g</term>
+ <listitem><para>If you specify <parameter>-g</parameter>,
+ then <parameter>-i in-backend -e out-backend</parameter>
+ applies to the group mapping instead of the user database.
+
+ <para>This option will ease migration from one passdb backend to
+ another and will ease backing up.</para>
+
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>-b passdb-backend</term>
<listitem><para>Use a different default passdb backend. </para>
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index 265bda1e5d..4c97903f51 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -69,6 +69,12 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) {
}
while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) {
+ int i;
+
+ for (i=0; i<PDB_COUNT; i++) {
+ pdb_set_init_flags(user, i, PDB_CHANGED);
+ }
+
out->pdb_add_sam_account(out, user);
if (!NT_STATUS_IS_OK(pdb_reset_sam(user))){
fprintf(stderr, "Can't reset SAM_ACCOUNT!\n");
@@ -82,6 +88,30 @@ static int export_database (struct pdb_context *in, struct pdb_context *out) {
}
/*********************************************************
+ Add all currently available group mappings to another db
+ ********************************************************/
+
+static int export_groups (struct pdb_context *in, struct pdb_context *out) {
+ GROUP_MAP *maps = NULL;
+ int i, entries = 0;
+
+ if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN,
+ &maps, &entries,
+ False, False))) {
+ fprintf(stderr, "Can't get group mappings!\n");
+ return 1;
+ }
+
+ for (i=0; i<entries; i++) {
+ out->pdb_add_group_mapping_entry(out, &(maps[i]));
+ }
+
+ SAFE_FREE(maps);
+
+ return 0;
+}
+
+/*********************************************************
Print info from sam structure
**********************************************************/
@@ -478,6 +508,7 @@ int main (int argc, char **argv)
static char *backend = NULL;
static char *backend_in = NULL;
static char *backend_out = NULL;
+ static BOOL transfer_groups = False;
static char *logon_script = NULL;
static char *profile_path = NULL;
static char *account_control = NULL;
@@ -507,6 +538,7 @@ int main (int argc, char **argv)
{"backend", 'b', POPT_ARG_STRING, &backend, 0, "use different passdb backend as default backend", NULL},
{"import", 'i', POPT_ARG_STRING, &backend_in, 0, "import user accounts from this backend", NULL},
{"export", 'e', POPT_ARG_STRING, &backend_out, 0, "export user accounts to this backend", NULL},
+ {"group", 'g', POPT_ARG_NONE, &transfer_groups, 0, "use -i and -e for groups", NULL},
{"account-policy", 'P', POPT_ARG_STRING, &account_policy, 0,"value of an account policy (like maximum password age)",NULL},
{"value", 'V', POPT_ARG_LONG, &account_policy_value, 'V',"set the account policy to this value", NULL},
{"account-control", 'c', POPT_ARG_STRING, &account_control, 0, "Values of account control", NULL},
@@ -621,7 +653,11 @@ int main (int argc, char **argv)
} else {
bout = bdef;
}
- return export_database(bin, bout);
+ if (transfer_groups) {
+ return export_groups(bin, bout);
+ } else {
+ return export_database(bin, bout);
+ }
}
/* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */