diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2013-02-28 22:59:48 +1100 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2013-03-06 14:46:43 -0800 |
| commit | c66632046d62786dd19c8978847bfc6470da4e89 (patch) | |
| tree | ff68c27b439f2d761a000bbc11d0e887c0dda584 | |
| parent | 166288b162e7b658b48bc908c71f635928edc5b5 (diff) | |
| download | samba-c66632046d62786dd19c8978847bfc6470da4e89.tar.gz samba-c66632046d62786dd19c8978847bfc6470da4e89.tar.bz2 samba-c66632046d62786dd19c8978847bfc6470da4e89.zip | |
net ads join: Add support for specifying the machine account password
This allows a predictable password to be specified, just like --machinepass does on samba-tool domain join.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra@samba.org>
| -rw-r--r-- | docs-xml/manpages/net.8.xml | 7 | ||||
| -rw-r--r-- | source3/utils/net_ads.c | 11 |
2 files changed, 17 insertions, 1 deletions
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml index 01044e1045..0cdadea9e2 100644 --- a/docs-xml/manpages/net.8.xml +++ b/docs-xml/manpages/net.8.xml @@ -194,7 +194,8 @@ the remote server using <command>/bin/date</command>. </para> </refsect2> <refsect2> -<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] [createcomputer=OU] [options]</title> +<title>[RPC|ADS] JOIN [TYPE] [-U username[%password]] [createupn=UPN] +[createcomputer=OU] [machinepass=PASS] [options]</title> <para> Join a domain. If the account already exists on the server, and @@ -220,6 +221,10 @@ a '/'. Please note that '\' is used for escape by both the shell and ldap, so it may need to be doubled or quadrupled to pass through, and it is not used as a delimiter. </para> +<para> +[PASS] (ADS only) Set a specific password on the computer account +being created by the join. +</para> </refsect2> <refsect2> diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index 013884d176..569994362d 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -1315,6 +1315,8 @@ static int net_ads_join_usage(struct net_context *c, int argc, const char **argv " E.g. \"createcomputer=Computers/Servers/Unix\"\n" " NB: A backslash '\\' is used as escape at multiple levels and may\n" " need to be doubled or even quadrupled. It is not used as a separator.\n")); + d_printf(_(" machinepass=PASS Set the machine password to a specific value during the join.\n" + " The deault password is random.\n")); d_printf(_(" osName=string Set the operatingSystem attribute during the join.\n")); d_printf(_(" osVer=string Set the operatingSystemVersion attribute during the join.\n" " NB: osName and osVer must be specified together for either to take effect.\n" @@ -1421,6 +1423,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) WERROR werr = WERR_SETUP_NOT_JOINED; bool createupn = false; const char *machineupn = NULL; + const char *machine_password = NULL; const char *create_in_ou = NULL; int i; const char *os_name = NULL; @@ -1482,6 +1485,13 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) goto fail; } } + else if ( !strncasecmp_m(argv[i], "machinepass", strlen("machinepass")) ) { + if ( (machine_password = get_string_param(argv[i])) == NULL ) { + d_fprintf(stderr, _("Please supply a valid password to set as trust account password.\n")); + werr = WERR_INVALID_PARAM; + goto fail; + } + } else { domain = argv[i]; } @@ -1511,6 +1521,7 @@ int net_ads_join(struct net_context *c, int argc, const char **argv) r->in.dc_name = c->opt_host; r->in.admin_account = c->opt_user_name; r->in.admin_password = net_prompt_pass(c, c->opt_user_name); + r->in.machine_password = machine_password; r->in.debug = true; r->in.use_kerberos = c->opt_kerberos; r->in.modify_config = modify_config; |