summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2003-08-28 20:24:25 +0000
committerGerald Carter <jerry@samba.org>2003-08-28 20:24:25 +0000
commit494bb81bb047863f612f98e93720cf36d6c3f024 (patch)
tree8abcc5e1a50166646fdaf2dd5f1f981d5407ce18
parentbda60c71c1b2a486d0c5b36aeed0df62e18b448e (diff)
downloadsamba-494bb81bb047863f612f98e93720cf36d6c3f024.tar.gz
samba-494bb81bb047863f612f98e93720cf36d6c3f024.tar.bz2
samba-494bb81bb047863f612f98e93720cf36d6c3f024.zip
fixing typos pointed out by Vance in WHATSNEW
Include patch to manually set the machine trust account password (on request from jht) to mimic 2.2. behavior. last changes before RC2 (not counting syncing the docs). (This used to be commit ce090371449097d4e5010e1219d449db8b0ccac5)
-rw-r--r--WHATSNEW.txt29
-rw-r--r--source3/utils/net.c52
-rw-r--r--source3/utils/net_help.c7
3 files changed, 72 insertions, 16 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 2f0b33f464..5319adeee7 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -40,7 +40,8 @@ Major new features:
7) Better Windows 2000/XP/2003 printing support including publishing
printer attributes in active directory.
-8) New loadable RPC modules.
+8) New loadable module support for passdb backends and
+ character sets.
9) New default dual-daemon winbindd support for better performance.
@@ -73,17 +74,17 @@ refer to the various man pages for information on individual options.
######################################################################
-Changes since 3.0rc
-###################
+Changes since 3.0rc1
+####################
Please refer to the CVS log for the SAMBA_3_0 branch for complete
details:
1) Add levels 261 and 262 to search. Found using Samba4 tester.
-2) Correct bad errot return code in session setup reply
+2) Correct bad error return code in session setup reply
3) Fix bug where smbd returned DOS error codes from SMBsearch
even when NT1 protocol was negotiated.
-4) Implement SMBxit properly.
+4) Implement SMBexit properly.
5) Return group lists from a Samba PDC to a Windows 9x/ME box
in implementing user level access control (bug 314).
6) Prevent SWAT from crashing when adding shares (bug 254)
@@ -99,29 +100,29 @@ details:
14) Include initial version of smbldap-tool scripts for the Samba
3.0 schema.
15) Implement numerous fixes for multi-byte character strings.
-16) Enable unix extensions by default.
-17) Make sure we set the sid type when falling back to the rid
+16) Enable 'unix extensions' parameter by default.
+17) Make sure we set the SID type when falling back to the rid
algorithm (bug 245).
18) Correct linking problems with pam_smbpass (bug 327).
19) Add SYSV defines for Irix and Solaris to ensure the 'printing'
parameter default to the correct value (bug 230)
-20) Fix recusion bug in alloc_string+sub() (bug 289, et. al.)
+20) Fix recursion bug in alloc_string_sub() (bug 289, et. al.)
21) Ensure that 'make install' includes the static and shared
versions of the libsmbclient libraries.
22) Add CP850 and CP437 internal character set support (bug 150).
-23) Add support to examples/LDAP/convertSambaAccuont for generating
- LDIF modify files instaed of just add (303).
+23) Add support to examples/LDAP/convertSambaAccount for generating
+ LDIF modify files instead of just add (303).
24) Fix support for -W option in smbclient (bug 39)
25) Remove 'ldap trust ids' parameter since it could not be supported
by the current architecture.
26) Don't crash when no argument is given to -T in smbclient (bug 345).
27) Ensure smbadduser contains the same paths for the smbpasswd file
as the other Samba tools (bug 290).
-28) Port of 'avalable = no' fix for [homes] from SAMBA_2_2 cvs tree.
+28) Port of 'available = no' fix for [homes] from SAMBA_2_2 cvs tree.
29) Add sanity checks to DeletePrinterData[Ex]() and ensure that the
modified printer is written to disk.
-30) Force winbindd to preiodically update the trusted domain cache.
-31) Remove outdate import/export script to convert an smbpasswd file
+30) Force winbindd to periodically update the trusted domain cache.
+31) Remove outdated import/export script to convert an smbpasswd file
to and from and LDAP directory. Use the pdbedit tool instead.
@@ -214,7 +215,7 @@ Changes since 3.0beta3
53) Add vfs_readonly VFS module.
54) Make sure to initialize the sambaNextUserRid and sambaNextGroupRid
attributes when using 'idmap backend = ldap' (bug 280).
-55) Make sure that UNIX users shared between a Samba PDC and member
+55) Make sure that users shared between a Samba PDC and member
samba server are seen as domain users and not local users on the
domain member.
56) Fix Query FS Info level 2.
diff --git a/source3/utils/net.c b/source3/utils/net.c
index c49c77dd50..90f71f5035 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -79,6 +79,30 @@ struct in_addr opt_dest_ip;
extern BOOL AllowDebugChange;
+/**************************************************************************************************/
+/* Utility function to prompt for password from stdin. Password entered must end with a newline. */
+/**************************************************************************************************/
+static char *stdin_new_passwd(void)
+{
+ static fstring new_pw;
+ size_t len;
+
+ ZERO_ARRAY(new_pw);
+
+ /*
+ * if no error is reported from fgets() and string at least contains
+ * the newline that ends the password, then replace the newline with
+ * a null terminator.
+ */
+ if ( fgets(new_pw, sizeof(new_pw), stdin) != NULL) {
+ if ((len = strlen(new_pw)) > 0) {
+ if(new_pw[len-1] == '\n')
+ new_pw[len - 1] = 0;
+ }
+ }
+ return(new_pw);
+}
+
uint32 get_sec_channel_type(const char *param)
{
if (!(param && *param)) {
@@ -355,6 +379,33 @@ static int net_changetrustpw(int argc, const char **argv)
return net_rpc_changetrustpw(argc, argv);
}
+static int net_changesecretpw(int argc, const char **argv)
+{
+ char *trust_pw;
+ char trust_pw_hash[16];
+ uint32 sec_channel_type = SEC_CHAN_WKSTA;
+
+
+ if(opt_force) {
+ trust_pw = getpass("Enter machine password: ");
+
+ if (!secrets_store_machine_password(trust_pw, lp_workgroup(), sec_channel_type)) {
+ d_printf("Unable to write the machine account password in the secrets database");
+ return 1;
+ }
+ else {
+ d_printf("Modified trust account password in secrets database\n");
+ }
+ }
+ else {
+ d_printf("Machine account password change requires the -f flag.\n");
+ d_printf("Do NOT use this function unless you know what it does!\n");
+ d_printf("This function will change the ADS Domain member machine account password in the secrets.tdb file!\n");
+ }
+
+ return 0;
+}
+
static int net_share(int argc, const char **argv)
{
if (net_rpc_check(0))
@@ -537,6 +588,7 @@ static struct functable net_func[] = {
{"SERVICE", net_rap_service},
{"PASSWORD", net_rap_password},
{"CHANGETRUSTPW", net_changetrustpw},
+ {"CHANGESECRETPW", net_changesecretpw},
{"TIME", net_time},
{"LOOKUP", net_lookup},
{"JOIN", net_join},
diff --git a/source3/utils/net_help.c b/source3/utils/net_help.c
index 1f3afb1690..272a06bc90 100644
--- a/source3/utils/net_help.c
+++ b/source3/utils/net_help.c
@@ -47,7 +47,7 @@ int net_common_flags_usage(int argc, const char **argv)
d_printf("\t-U or --user=<name>\t\tuser name\n");
d_printf("\t-s or --configfile=<path>\t\tpathname of smb.conf file\n");
d_printf("\t-l or --long\t\t\tDisplay full information\n");
- d_printf("\t-V or --version\t\tPrint samba version information\n");
+ d_printf("\t-V or --version\t\t\tPrint samba version information\n");
d_printf("\t-P or --machine-pass\t\tAuthenticate as machine account\n");
return -1;
}
@@ -60,7 +60,8 @@ static int help_usage(int argc, const char **argv)
"\n"\
"Valid functions are:\n"\
" RPC RAP ADS FILE SHARE SESSION SERVER DOMAIN PRINTQ USER GROUP VALIDATE\n"\
-" GROUPMEMBER ADMIN SERVICE PASSWORD TIME LOOKUP GETLOCALSID SETLOCALSID\n");
+" GROUPMEMBER ADMIN SERVICE PASSWORD TIME LOOKUP GETLOCALSID SETLOCALSID\n"\
+" CHANGESCRETPW\n");
return -1;
}
@@ -156,6 +157,8 @@ static int net_usage(int argc, const char **argv)
" net cache\t\tto operate on cache tdb file\n"\
" net getlocalsid [NAME]\tto get the SID for local name\n"\
" net setlocalsid SID\tto set the local domain SID\n"\
+ " net changesecretpw\tto change the machine password in the local secrets database only\n"\
+ " \tthis requires the -f flag as a safety barrier\n"\
"\n"\
" net ads <command>\tto run ADS commands\n"\
" net rap <command>\tto run RAP (pre-RPC) commands\n"\