summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/passdb/pdb_ldap.c4
-rw-r--r--source3/utils/net_rpc.c131
2 files changed, 133 insertions, 2 deletions
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index dcb2040530..3db0702c92 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -911,7 +911,7 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
|| (lp_ldap_passwd_sync()!=LDAP_PASSWD_SYNC_ONLY)) {
if (need_update(sampass, PDB_LMPASSWD)) {
- uchar *lm_pw = pdb_get_lanman_passwd(sampass);
+ const uchar *lm_pw = pdb_get_lanman_passwd(sampass);
if (lm_pw) {
pdb_sethexpwd(temp, lm_pw,
pdb_get_acct_ctrl(sampass));
@@ -925,7 +925,7 @@ static BOOL init_ldap_from_sam (struct ldapsam_privates *ldap_state,
}
}
if (need_update(sampass, PDB_NTPASSWD)) {
- uchar *nt_pw = pdb_get_nt_passwd(sampass);
+ const uchar *nt_pw = pdb_get_nt_passwd(sampass);
if (nt_pw) {
pdb_sethexpwd(temp, nt_pw,
pdb_get_acct_ctrl(sampass));
diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c
index 804faf3b9a..eef3adbcb8 100644
--- a/source3/utils/net_rpc.c
+++ b/source3/utils/net_rpc.c
@@ -678,6 +678,135 @@ static int rpc_user_delete(int argc, const char **argv)
}
/**
+ * Set a password for a user on a remote RPC server
+ *
+ * All parameters are provided by the run_rpc_command function, except for
+ * argc, argv which are passes through.
+ *
+ * @param domain_sid The domain sid acquired from the remote server
+ * @param cli A cli_state connected to the server.
+ * @param mem_ctx Talloc context, destoyed on completion of the function.
+ * @param argc Standard main() style argc
+ * @param argv Standard main() style argv. Initial components are already
+ * stripped
+ *
+ * @return Normal NTSTATUS return.
+ **/
+
+static NTSTATUS rpc_user_password_internals(const DOM_SID *domain_sid,
+ struct cli_state *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+ POLICY_HND connect_pol, domain_pol, user_pol;
+ SAM_USERINFO_CTR ctr;
+ SAM_USER_INFO_24 p24;
+ uchar pwbuf[516];
+ const char *user;
+ const char *new_password;
+ char *prompt = NULL;
+
+ if (argc < 1) {
+ d_printf("User must be specified\n");
+ rpc_user_usage(argc, argv);
+ return NT_STATUS_OK;
+ }
+
+ user = argv[0];
+
+ if (argv[1]) {
+ new_password = argv[1];
+ } else {
+ asprintf(&prompt, "Enter new password for %s:", user);
+ new_password = getpass(prompt);
+ SAFE_FREE(prompt);
+ }
+
+ /* Get sam policy and domain handles */
+
+ result = cli_samr_connect(cli, mem_ctx, MAXIMUM_ALLOWED_ACCESS,
+ &connect_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = cli_samr_open_domain(cli, mem_ctx, &connect_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ domain_sid, &domain_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ /* Get handle on user */
+
+ {
+ uint32 *user_rids, num_rids, *name_types;
+ uint32 flags = 0x000003e8; /* Unknown */
+
+ result = cli_samr_lookup_names(cli, mem_ctx, &domain_pol,
+ flags, 1, &user,
+ &num_rids, &user_rids,
+ &name_types);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ result = cli_samr_open_user(cli, mem_ctx, &domain_pol,
+ MAXIMUM_ALLOWED_ACCESS,
+ user_rids[0], &user_pol);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+ }
+
+ /* Set password on account */
+
+ ZERO_STRUCT(ctr);
+ ZERO_STRUCT(p24);
+
+ encode_pw_buffer(pwbuf, new_password, STR_UNICODE);
+
+ init_sam_user_info24(&p24, (char *)pwbuf,24);
+
+ ctr.switch_value = 24;
+ ctr.info.id24 = &p24;
+
+ result = cli_samr_set_userinfo(cli, mem_ctx, &user_pol, 24,
+ &cli->user_session_key, &ctr);
+
+ if (!NT_STATUS_IS_OK(result)) {
+ goto done;
+ }
+
+ /* Display results */
+
+ done:
+ return result;
+
+}
+
+/**
+ * Set a user's password on a remote RPC server
+ *
+ * @param argc Standard main() style argc
+ * @param argv Standard main() style argv. Initial components are already
+ * stripped
+ *
+ * @return A shell status integer (0 for success)
+ **/
+
+static int rpc_user_password(int argc, const char **argv)
+{
+ return run_rpc_command(NULL, PI_SAMR, 0, rpc_user_password_internals,
+ argc, argv);
+}
+
+/**
* List user's groups on a remote RPC server
*
* All parameters are provided by the run_rpc_command function, except for
@@ -870,6 +999,7 @@ int net_rpc_user(int argc, const char **argv)
{"add", rpc_user_add},
{"info", rpc_user_info},
{"delete", rpc_user_delete},
+ {"password", rpc_user_password},
{NULL, NULL}
};
@@ -2547,6 +2677,7 @@ int net_rpc(int argc, const char **argv)
{"oldjoin", net_rpc_oldjoin},
{"testjoin", net_rpc_testjoin},
{"user", net_rpc_user},
+ {"password", rpc_user_password},
{"group", net_rpc_group},
{"share", net_rpc_share},
{"file", net_rpc_file},