diff options
-rw-r--r-- | source3/utils/net_sam.c | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index 9edbc7b8cf..00289d3bd3 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -387,6 +387,80 @@ static int net_sam_set(int argc, const char **argv) } /* + * Change account policies + */ + +static int net_sam_policy(int argc, const char **argv) +{ + + const char *account_policy = NULL; + uint32 value, old_value; + int field; + + if ((argc < 1) || (argc > 2)) { + d_fprintf(stderr, "usage: net sam policy \"<account policy>\" " + "-> show current value\n"); + d_fprintf(stderr, "usage: net sam policy \"<account policy>\" " + "<value> -> set a new value\n"); + return -1; + } + + account_policy = argv[0]; + field = account_policy_name_to_fieldnum(account_policy); + + if (field == 0) { + char *apn = account_policy_names_list(); + d_fprintf(stderr, "No account policy by that name!\n"); + if (apn) { + d_fprintf(stderr, "Valid account policies " + "are:\n%s\n", apn); + } + SAFE_FREE(apn); + return -1; + } + + if (!pdb_get_account_policy(field, &old_value)) { + fprintf(stderr, "Valid account policy, but unable to " + "fetch value!\n"); + return -1; + } + + if (argc == 1) { + /* + * Just read the value + */ + + printf("Account policy \"%s\" description: %s\n", + account_policy, account_policy_get_desc(field)); + printf("Account policy \"%s\" value is: %d\n", account_policy, + old_value); + return 0; + } + + /* + * Here we know we have 2 args, so set it + */ + + value = strtoul(argv[1], NULL, 10); + + printf("Account policy \"%s\" description: %s\n", account_policy, + account_policy_get_desc(field)); + printf("Account policy \"%s\" value was: %d\n", account_policy, + old_value); + + if (!pdb_set_account_policy(field, value)) { + d_fprintf(stderr, "Setting account policy %s to %u failed \n", + account_policy, value); + } + + printf("Account policy \"%s\" value is now: %d\n", account_policy, + value); + + return 0; +} + + +/* * Map a unix group to a domain group */ @@ -1232,6 +1306,8 @@ int net_sam(int argc, const char **argv) "Show details of a SAM entry" }, { "set", net_sam_set, "Set details of a SAM account" }, + { "policy", net_sam_policy, + "Set account policies" }, #ifdef HAVE_LDAP { "provision", net_sam_provision, "Provision a clean User Database" }, |