summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJim McDonough <jmcd@samba.org>2002-05-23 15:05:17 +0000
committerJim McDonough <jmcd@samba.org>2002-05-23 15:05:17 +0000
commitbc2d07fc8a894697d0e66bb097fa708e92515695 (patch)
tree69f7a97f0b6a873ce4f3ee74d2a211216797de61
parent0c4c34d481be2790f0aae9f24a361f2458d1908c (diff)
downloadsamba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.gz
samba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.bz2
samba-bc2d07fc8a894697d0e66bb097fa708e92515695.zip
Allow initial password set on net ads user add. I need to do this on
rpc and rap too. Anyone know what key I'm supposed to use to encrypt it for the rap one? (This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02)
-rw-r--r--source3/utils/net_ads.c33
1 files changed, 30 insertions, 3 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index df10452867..5af492bbb0 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -167,6 +167,7 @@ static int ads_user_add(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
+ char *upn, *userdn;
void *res=NULL;
int rc = -1;
@@ -189,12 +190,38 @@ static int ads_user_add(int argc, const char **argv)
status = ads_add_user_acct(ads, argv[0], opt_comment);
+ if (!ADS_ERR_OK(status)) {
+ d_printf("Could not add user %s: %s\n", argv[0],
+ ads_errstr(status));
+ goto done;
+ }
+
+ /* if no password is to be set, we're done */
+ if (argc == 1) {
+ d_printf("User %s added\n", argv[0]);
+ rc = 0;
+ goto done;
+ }
+
+ /* try setting the password */
+ asprintf(&upn, "%s@%s", argv[0], ads->realm);
+ status = krb5_set_password(ads->kdc_server, upn, argv[1]);
+ safe_free(upn);
if (ADS_ERR_OK(status)) {
d_printf("User %s added\n", argv[0]);
rc = 0;
- } else {
- d_printf("Could not add user %s: %s\n", argv[0],
- ads_errstr(status));
+ goto done;
+ }
+
+ /* password didn't set, delete account */
+ d_printf("Could not add user %s. Error setting password %s\n",
+ argv[0], ads_errstr(status));
+ ads_msgfree(ads, res);
+ status=ads_find_user_acct(ads, &res, argv[0]);
+ if (ADS_ERR_OK(status)) {
+ userdn = ads_get_dn(ads, res);
+ ads_del_dn(ads, userdn);
+ ads_memfree(ads, userdn);
}
done: