diff options
author | Jim McDonough <jmcd@samba.org> | 2002-05-23 15:05:17 +0000 |
---|---|---|
committer | Jim McDonough <jmcd@samba.org> | 2002-05-23 15:05:17 +0000 |
commit | bc2d07fc8a894697d0e66bb097fa708e92515695 (patch) | |
tree | 69f7a97f0b6a873ce4f3ee74d2a211216797de61 /source3/utils | |
parent | 0c4c34d481be2790f0aae9f24a361f2458d1908c (diff) | |
download | samba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.gz samba-bc2d07fc8a894697d0e66bb097fa708e92515695.tar.bz2 samba-bc2d07fc8a894697d0e66bb097fa708e92515695.zip |
Allow initial password set on net ads user add. I need to do this on
rpc and rap too. Anyone know what key I'm supposed to use to encrypt
it for the rap one?
(This used to be commit 033faaa8cbfe7e368c554b26e7a506098d06fa02)
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_ads.c | 33 |
1 files changed, 30 insertions, 3 deletions
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c index df10452867..5af492bbb0 100644 --- a/source3/utils/net_ads.c +++ b/source3/utils/net_ads.c @@ -167,6 +167,7 @@ static int ads_user_add(int argc, const char **argv) { ADS_STRUCT *ads; ADS_STATUS status; + char *upn, *userdn; void *res=NULL; int rc = -1; @@ -189,12 +190,38 @@ static int ads_user_add(int argc, const char **argv) status = ads_add_user_acct(ads, argv[0], opt_comment); + if (!ADS_ERR_OK(status)) { + d_printf("Could not add user %s: %s\n", argv[0], + ads_errstr(status)); + goto done; + } + + /* if no password is to be set, we're done */ + if (argc == 1) { + d_printf("User %s added\n", argv[0]); + rc = 0; + goto done; + } + + /* try setting the password */ + asprintf(&upn, "%s@%s", argv[0], ads->realm); + status = krb5_set_password(ads->kdc_server, upn, argv[1]); + safe_free(upn); if (ADS_ERR_OK(status)) { d_printf("User %s added\n", argv[0]); rc = 0; - } else { - d_printf("Could not add user %s: %s\n", argv[0], - ads_errstr(status)); + goto done; + } + + /* password didn't set, delete account */ + d_printf("Could not add user %s. Error setting password %s\n", + argv[0], ads_errstr(status)); + ads_msgfree(ads, res); + status=ads_find_user_acct(ads, &res, argv[0]); + if (ADS_ERR_OK(status)) { + userdn = ads_get_dn(ads, res); + ads_del_dn(ads, userdn); + ads_memfree(ads, userdn); } done: |