summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-07-24 05:26:32 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-07-24 05:26:32 +0000
commit24675d99e51609de542c70a8e6f39befeed46722 (patch)
tree88eea2eec03a093d36dce9d87e2f2c9b8dc8e07b
parent3760e52ca852c2818787720c9f33a4ddf5d66145 (diff)
downloadsamba-24675d99e51609de542c70a8e6f39befeed46722.tar.gz
samba-24675d99e51609de542c70a8e6f39befeed46722.tar.bz2
samba-24675d99e51609de542c70a8e6f39befeed46722.zip
Make it possible to query account policy values from pdbedit (set to come soon).
Update account_pol.c to use just uint32, rather then uint32 for paramaters, int32 for storage. (The int32 functions didn't have seperate return/status values, uint32 functions use a pointer-paramater). Move the #define -> string from a swtich to a table, so we can look it up both ways. Andrew Bartlett (This used to be commit c5b5e3d653f5c38a283d901a409be6603d5103f7)
-rw-r--r--source3/lib/account_pol.c88
-rw-r--r--source3/utils/pdbedit.c40
2 files changed, 91 insertions, 37 deletions
diff --git a/source3/lib/account_pol.c b/source3/lib/account_pol.c
index 07676e2202..f603f0f191 100644
--- a/source3/lib/account_pol.c
+++ b/source3/lib/account_pol.c
@@ -2,6 +2,7 @@
* Unix SMB/CIFS implementation.
* account policy storage
* Copyright (C) Jean François Micouleau 1998-2001.
+ * Copyright (C) Andrew Bartlett 2002
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -31,6 +32,7 @@ BOOL init_account_policy(void)
{
static pid_t local_pid;
char *vstring = "INFO/version";
+ uint32 version;
if (tdb && local_pid == sys_getpid())
return True;
@@ -44,9 +46,9 @@ BOOL init_account_policy(void)
/* handle a Samba upgrade */
tdb_lock_bystring(tdb, vstring);
- if (tdb_fetch_int32(tdb, vstring) != DATABASE_VERSION) {
+ if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) {
tdb_traverse(tdb, tdb_traverse_delete_fn, NULL);
- tdb_store_int32(tdb, vstring, DATABASE_VERSION);
+ tdb_store_uint32(tdb, vstring, DATABASE_VERSION);
account_policy_set(AP_MIN_PASSWORD_LEN, MINPASSWDLENGTH); /* 5 chars minimum */
account_policy_set(AP_PASSWORD_HISTORY, 0); /* don't keep any old password */
@@ -63,33 +65,50 @@ BOOL init_account_policy(void)
return True;
}
+static const struct {
+ int field;
+ char *string;
+} account_policy_names[] = {
+ {AP_MIN_PASSWORD_LEN, "min password length"},
+ {AP_PASSWORD_HISTORY, "password history"},
+ {AP_USER_MUST_LOGON_TO_CHG_PASS, "user must logon to change password"},
+ {AP_MAX_PASSWORD_AGE, "maximum password age"},
+ {AP_MIN_PASSWORD_AGE,"minimum password age"},
+ {AP_LOCK_ACCOUNT_DURATION, "lockout duration"},
+ {AP_RESET_COUNT_TIME, "reset count minutes"},
+ {AP_BAD_ATTEMPT_LOCKOUT, "bad lockout attempt"},
+ {AP_TIME_TO_LOGOUT, "disconnect time"},
+ {0, NULL}
+};
+
+/****************************************************************************
+Get the account policy name as a string from its #define'ed number
+****************************************************************************/
+
+static const char *decode_account_policy_name(int field)
+{
+ int i;
+ for (i=0; account_policy_names[i].string; i++) {
+ if (field == account_policy_names[i].field)
+ return account_policy_names[i].string;
+ }
+ return NULL;
+
+}
+
/****************************************************************************
+Get the account policy name as a string from its #define'ed number
****************************************************************************/
-static char *decode_account_policy_name(int field)
+int account_policy_name_to_feildnum(const char *name)
{
- switch (field) {
- case AP_MIN_PASSWORD_LEN:
- return "min password length";
- case AP_PASSWORD_HISTORY:
- return "password history";
- case AP_USER_MUST_LOGON_TO_CHG_PASS:
- return "user must logon to change password";
- case AP_MAX_PASSWORD_AGE:
- return "maximum password age";
- case AP_MIN_PASSWORD_AGE:
- return "minimum password age";
- case AP_LOCK_ACCOUNT_DURATION:
- return "lockout duration";
- case AP_RESET_COUNT_TIME:
- return "reset count minutes";
- case AP_BAD_ATTEMPT_LOCKOUT:
- return "bad lockout attempt";
- case AP_TIME_TO_LOGOUT:
- return "disconnect time";
- default:
- return "undefined value";
+ int i;
+ for (i=0; account_policy_names[i].string; i++) {
+ if (strcmp(name, account_policy_names[i].string) == 0)
+ return account_policy_names[i].field;
}
+ return 0;
+
}
@@ -101,8 +120,17 @@ BOOL account_policy_get(int field, uint32 *value)
init_account_policy();
+ *value = 0;
+
fstrcpy(name, decode_account_policy_name(field));
- *value=tdb_fetch_int32(tdb, name);
+ if (!*name) {
+ DEBUG(1, ("account_policy_get: Field %d is not a valid account policy type! Cannot get, returning 0.\n", field));
+ return False;
+ }
+ if (!tdb_fetch_uint32(tdb, name, value)) {
+ DEBUG(1, ("account_policy_get: tdb_fetch_uint32 failed for feild %d (%s), returning 0", field, name));
+ return False;
+ }
DEBUG(10,("account_policy_get: %s:%d\n", name, *value));
return True;
}
@@ -117,8 +145,16 @@ BOOL account_policy_set(int field, uint32 value)
init_account_policy();
fstrcpy(name, decode_account_policy_name(field));
- if ( tdb_store_int32(tdb, name, value)== -1)
+ if (!*name) {
+ DEBUG(1, ("Field %d is not a valid account policy type! Cannot set.\n", field));
return False;
+ }
+
+ if (!tdb_store_uint32(tdb, name, value)) {
+ DEBUG(1, ("tdb_store_uint32 failed for feild %d (%s) on value %u", field, name, value));
+ return False;
+ }
+
DEBUG(10,("account_policy_set: %s:%d\n", name, value));
return True;
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index f48c24fbc0..4f67cf7ab7 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -416,6 +416,7 @@ int main (int argc, char **argv)
static char *profile_path = NULL;
static char *config_file = dyn_CONFIGFILE;
static char *new_debuglevel = NULL;
+ static char *account_policy = NULL;
struct pdb_context *in;
poptContext pc;
@@ -437,34 +438,51 @@ int main (int argc, char **argv)
{"export", 'e',POPT_ARG_STRING,&backend_out,0,"export user accounts to backend", NULL},
{"debuglevel",'D', POPT_ARG_STRING, &new_debuglevel,0,"set debuglevel",NULL},
{"configfile",'c',POPT_ARG_STRING, &config_file,0,"use different configuration file",NULL},
+ {"account-policy-get",'P',POPT_ARG_STRING, &account_policy,0,"get the value of an account policy (like maximum password age)",NULL},
+
{0,0,0,0}
};
-
+
setup_logging("pdbedit", True);
-
+
pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
- POPT_CONTEXT_KEEP_FIRST);
-
+ POPT_CONTEXT_KEEP_FIRST);
+
while((opt = poptGetNextOpt(pc)) != -1);
-
+
if (new_debuglevel){
debug_parse_levels(new_debuglevel);
AllowDebugChange = False;
}
-
+
if (!lp_load(config_file,True,False,False)) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n",
- config_file);
+ config_file);
exit(1);
}
-
-
+
+
setparms = (full_name || home_dir || home_drive || logon_script || profile_path);
-
- if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) > 1) {
+
+ if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) + (backend_out?1:0) + (account_policy?1:0) > 1) {
fprintf (stderr, "Incompatible options on command line!\n");
exit(1);
}
+
+ if (account_policy) {
+ uint32 value;
+ int field = account_policy_name_to_feildnum(account_policy);
+ if (field == 0) {
+ fprintf(stderr, "No account policy by that name\n");
+ exit(1);
+ }
+ if (!account_policy_get(field, &value)){
+ fprintf(stderr, "valid account policy, but unable to fetch value!\n");
+ exit(1);
+ }
+ printf("account policy value for %s is %u\n", account_policy, value);
+ exit(0);
+ }
if (!backend_in) {
if (!NT_STATUS_IS_OK(make_pdb_context_list(&in, lp_passdb_backend()))){