Use a common function to create the SAM_ACCOUNT being used to add accounts

to the system.  This means that we always run Get_Pwnam(), and can never add
FOO when foo exists on the system (the idea is to instead add foo into
the passdb, using it's full name, RID etc).

Andrew Bartlett
(This used to be commit bb79b127e02cefae13c822fd0fd165f1f214b740)

3 files changed, 45 insertions, 61 deletions

diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index 9f91fb57f3..bbccb86d82 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -301,6 +301,38 @@ NTSTATUS pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, const struct passwd *pwd)
 }
 
 
+/*************************************************************
+ Initialises a SAM_ACCOUNT ready to add a new account, based
+ on the unix user if possible.
+ ************************************************************/
+
+NTSTATUS pdb_init_sam_new(SAM_ACCOUNT **new_sam_acct, const char *username)
+{
+	NTSTATUS nt_status = NT_STATUS_NO_MEMORY;
+
+	struct passwd *pwd;
+	
+	pwd = Get_Pwnam(username);
+
+	if (pwd) {
+		if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_pw(new_sam_acct, pwd))) {
+			*new_sam_acct = NULL;
+			return nt_status;
+		}
+	} else {
+		if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(new_sam_acct))) {
+			*new_sam_acct = NULL;
+			return nt_status;
+		}
+		if (!pdb_set_username(*new_sam_acct, username, PDB_SET)) {
+			pdb_free_sam(new_sam_acct);
+			return nt_status;
+		}
+	}
+	return NT_STATUS_OK;
+}
+
+
 /**
  * Free the contets of the SAM_ACCOUNT, but not the structure.
  *
@@ -1001,7 +1033,6 @@ BOOL local_password_change(const char *user_name, int local_flags,
 			   char *err_str, size_t err_str_len,
 			   char *msg_str, size_t msg_str_len)
 {
-	struct passwd  *pwd = NULL;
 	SAM_ACCOUNT 	*sam_pass=NULL;
 	uint16 other_acb;
 
@@ -1013,35 +1044,15 @@ BOOL local_password_change(const char *user_name, int local_flags,
 	if(!pdb_getsampwnam(sam_pass, user_name)) {
 		pdb_free_sam(&sam_pass);
 		
-		if (local_flags & LOCAL_ADD_USER) {
-			pwd = getpwnam_alloc(user_name);
-		} else if (local_flags & LOCAL_DELETE_USER) {
+		if ((local_flags & LOCAL_ADD_USER) || (local_flags & LOCAL_DELETE_USER)) {
 			/* Might not exist in /etc/passwd */
-		} else {
-			slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
-			return False;
-		}
-		
-		if (pwd) {
-			/* Local user found, so init from this */
-			if (!NT_STATUS_IS_OK(pdb_init_sam_pw(&sam_pass, pwd))){
+			if (!NT_STATUS_IS_OK(pdb_init_sam_new(&sam_pass, user_name))) {
 				slprintf(err_str, err_str_len-1, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name);
-				passwd_free(&pwd);
 				return False;
 			}
-		
-			passwd_free(&pwd);
 		} else {
-			if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_pass))){
-				slprintf(err_str, err_str_len-1, "Failed initialise SAM_ACCOUNT for user %s.\n", user_name);
-				return False;
-			}
-
-	        	if (!pdb_set_username(sam_pass, user_name, PDB_CHANGED)) {
-	                	slprintf(err_str, err_str_len - 1, "Failed to set username for user %s.\n", user_name);
-	               	 	pdb_free_sam(&sam_pass);
-	               	 	return False;
-	        	}
+			slprintf(err_str, err_str_len-1,"Failed to find entry for user %s.\n", user_name);
+			return False;
 		}
 	} else {
 		/* the entry already existed */
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 8ff993d8a6..62d5f8ab0c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2277,7 +2277,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
 	/* the passdb lookup has failed; check to see if we need to run the
 	   add user/machine script */
 	   
-	pw = getpwnam_alloc(account);
+	pw = Get_Pwnam(account);
 	
 	if ( !pw ) {
 		/* 
@@ -2299,33 +2299,14 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_
  			DEBUG(3,("_api_samr_create_user: Running the command `%s' gave %d\n", add_script, add_ret));
   		}
 		
-		/* try again */
-		pw = getpwnam_alloc(account);
 	}
 	
-
-	if (pw) {
-		nt_status = pdb_init_sam_pw(&sam_pass, pw);
-		passwd_free(&pw); /* done with this now */
-		if (!NT_STATUS_IS_OK(nt_status)) {
-			pdb_free_sam(&sam_pass);
-			return nt_status;
-		}
-	} else {
-		DEBUG(3,("attempting to create non-unix account %s\n", account));
-		
-		if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&sam_pass))) {
-			return nt_status;
-		}
+	nt_status = pdb_init_sam_new(&sam_pass, account);
+	if (!NT_STATUS_IS_OK(nt_status))
+		return nt_status;
 		
-		if (!pdb_set_username(sam_pass, account, PDB_CHANGED)) {
-			pdb_free_sam(&sam_pass);
-			return NT_STATUS_NO_MEMORY;
-		}
-	}
-
  	pdb_set_acct_ctrl(sam_pass, acb_info, PDB_CHANGED);
- 
+	
  	if (!pdb_add_sam_account(sam_pass)) {
  		pdb_free_sam(&sam_pass);
  		DEBUG(0, ("could not add user/computer %s to passdb.  Check permissions?\n", 
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index d7de709e21..3a3d06a645 100644
--- a/source3/utils/pdbedit.c
+++ b/source3/utils/pdbedit.c
@@ -351,20 +351,12 @@ static int new_user (struct pdb_context *in, const char *username,
 			const char *profile, char *user_sid, char *group_sid)
 {
 	SAM_ACCOUNT *sam_pwent=NULL;
-	struct passwd  *pwd = NULL;
+	NTSTATUS nt_status;
 	char *password1, *password2, *staticpass;
 	
-	ZERO_STRUCT(sam_pwent);
-
-	if ((pwd = getpwnam_alloc(username))) {
-		pdb_init_sam_pw (&sam_pwent, pwd);
-		passwd_free(&pwd);
-	} else {
-		fprintf (stderr, "WARNING: user %s does not exist in system passwd\n", username);
-		pdb_init_sam(&sam_pwent);
-		if (!pdb_set_username(sam_pwent, username, PDB_CHANGED)) {
-			return -1;
-		}
+	if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam_new(&sam_pwent, username))) {
+		DEBUG(0, ("could not create account to add new user %s\n", username));
+		return -1;
 	}
 
 	staticpass = getpass("new password:");