summaryrefslogtreecommitdiff
path: root/source3/utils
diff options
context:
space:
mode:
authorJim McDonough <jmcd@samba.org>2002-05-23 15:05:17 +0000
committerJim McDonough <jmcd@samba.org>2002-05-23 15:05:17 +0000
commitbc2d07fc8a894697d0e66bb097fa708e92515695 (patch)
tree69f7a97f0b6a873ce4f3ee74d2a211216797de61 /source3/utils
parent0c4c34d481be2790f0aae9f24a361f2458d1908c (diff)
downloadsamba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.gz
samba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.bz2
samba-bc2d07fc8a894697d0e66bb097fa708e92515695.zip
Allow initial password set on net ads user add. I need to do this on
rpc and rap too. Anyone know what key I'm supposed to use to encrypt it for the rap one? (This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02)
Diffstat (limited to 'source3/utils')
-rw-r--r--source3/utils/net_ads.c33
1 files changed, 30 insertions, 3 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index df10452867..5af492bbb0 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -167,6 +167,7 @@ static int ads_user_add(int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
+ char *upn, *userdn;
void *res=NULL;
int rc = -1;
@@ -189,12 +190,38 @@ static int ads_user_add(int argc, const char **argv)
status = ads_add_user_acct(ads, argv[0], opt_comment);
+ if (!ADS_ERR_OK(status)) {
+ d_printf("Could not add user %s: %s\n", argv[0],
+ ads_errstr(status));
+ goto done;
+ }
+
+ /* if no password is to be set, we're done */
+ if (argc == 1) {
+ d_printf("User %s added\n", argv[0]);
+ rc = 0;
+ goto done;
+ }
+
+ /* try setting the password */
+ asprintf(&upn, "%s@%s", argv[0], ads->realm);
+ status = krb5_set_password(ads->kdc_server, upn, argv[1]);
+ safe_free(upn);
if (ADS_ERR_OK(status)) {
d_printf("User %s added\n", argv[0]);
rc = 0;
- } else {
- d_printf("Could not add user %s: %s\n", argv[0],
- ads_errstr(status));
+ goto done;
+ }
+
+ /* password didn't set, delete account */
+ d_printf("Could not add user %s. Error setting password %s\n",
+ argv[0], ads_errstr(status));
+ ads_msgfree(ads, res);
+ status=ads_find_user_acct(ads, &res, argv[0]);
+ if (ADS_ERR_OK(status)) {
+ userdn = ads_get_dn(ads, res);
+ ads_del_dn(ads, userdn);
+ ads_memfree(ads, userdn);
}
done: