diff options
-rw-r--r-- | source3/utils/net_sam.c | 461 |
1 files changed, 351 insertions, 110 deletions
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index f603065f9c..140bc53719 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -36,7 +36,7 @@ static int net_sam_userset(struct net_context *c, int argc, const char **argv, const char *dom, *name; NTSTATUS status; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam set %s <user> <value>\n", field); return -1; @@ -139,8 +139,9 @@ static int net_sam_set_userflag(struct net_context *c, int argc, NTSTATUS status; uint16 acct_flags; - if ((argc != 2) || (!strequal(argv[1], "yes") && - !strequal(argv[1], "no"))) { + if ((argc != 2) || c->display_usage || + (!strequal(argv[1], "yes") && + !strequal(argv[1], "no"))) { d_fprintf(stderr, "usage: net sam set %s <user> [yes|no]\n", field); return -1; @@ -229,8 +230,9 @@ static int net_sam_set_pwdmustchangenow(struct net_context *c, int argc, const char *dom, *name; NTSTATUS status; - if ((argc != 2) || (!strequal(argv[1], "yes") && - !strequal(argv[1], "no"))) { + if ((argc != 2) || c->display_usage || + (!strequal(argv[1], "yes") && + !strequal(argv[1], "no"))) { d_fprintf(stderr, "usage: net sam set pwdmustchangenow <user> [yes|no]\n"); return -1; } @@ -291,7 +293,7 @@ static int net_sam_set_comment(struct net_context *c, int argc, const char *dom, *name; NTSTATUS status; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam set comment <name> " "<comment>\n"); return -1; @@ -338,35 +340,107 @@ static int net_sam_set_comment(struct net_context *c, int argc, static int net_sam_set(struct net_context *c, int argc, const char **argv) { - struct functable2 func[] = { - { "homedir", net_sam_set_homedir, - "Change a user's home directory" }, - { "profilepath", net_sam_set_profilepath, - "Change a user's profile path" }, - { "comment", net_sam_set_comment, - "Change a users or groups description" }, - { "fullname", net_sam_set_fullname, - "Change a user's full name" }, - { "logonscript", net_sam_set_logonscript, - "Change a user's logon script" }, - { "homedrive", net_sam_set_homedrive, - "Change a user's home drive" }, - { "workstations", net_sam_set_workstations, - "Change a user's allowed workstations" }, - { "disabled", net_sam_set_disabled, - "Disable/Enable a user" }, - { "pwnotreq", net_sam_set_pwnotreq, - "Disable/Enable the password not required flag" }, - { "autolock", net_sam_set_autolock, - "Disable/Enable a user's lockout flag" }, - { "pwnoexp", net_sam_set_pwnoexp, - "Disable/Enable whether a user's pw does not expire" }, - { "pwdmustchangenow", net_sam_set_pwdmustchangenow, - "Force users password must change at next logon" }, - {NULL, NULL} + struct functable3 func[] = { + { + "homedir", + net_sam_set_homedir, + NET_TRANSPORT_LOCAL, + "Change a user's home directory", + "net sam set homedir\n" + " Change a user's home directory" + }, + { + "profilepath", + net_sam_set_profilepath, + NET_TRANSPORT_LOCAL, + "Change a user's profile path", + "net sam set profilepath\n" + " Change a user's profile path" + }, + { + "comment", + net_sam_set_comment, + NET_TRANSPORT_LOCAL, + "Change a users or groups description", + "net sam set comment\n" + " Change a users or groups description" + }, + { + "fullname", + net_sam_set_fullname, + NET_TRANSPORT_LOCAL, + "Change a user's full name", + "net sam set fullname\n" + " Change a user's full name" + }, + { + "logonscript", + net_sam_set_logonscript, + NET_TRANSPORT_LOCAL, + "Change a user's logon script", + "net sam set logonscript\n" + " Change a user's logon script" + }, + { + "homedrive", + net_sam_set_homedrive, + NET_TRANSPORT_LOCAL, + "Change a user's home drive", + "net sam set homedrive\n" + " Change a user's home drive" + }, + { + "workstations", + net_sam_set_workstations, + NET_TRANSPORT_LOCAL, + "Change a user's allowed workstations", + "net sam set workstations\n" + " Change a user's allowed workstations" + }, + { + "disabled", + net_sam_set_disabled, + NET_TRANSPORT_LOCAL, + "Disable/Enable a user", + "net sam set disable\n" + " Disable/Enable a user" + }, + { + "pwnotreq", + net_sam_set_pwnotreq, + NET_TRANSPORT_LOCAL, + "Disable/Enable the password not required flag", + "net sam set pwnotreq\n" + " Disable/Enable the password not required flag" + }, + { + "autolock", + net_sam_set_autolock, + NET_TRANSPORT_LOCAL, + "Disable/Enable a user's lockout flag", + "net sam set autolock\n" + " Disable/Enable a user's lockout flag" + }, + { + "pwnoexp", + net_sam_set_pwnoexp, + NET_TRANSPORT_LOCAL, + "Disable/Enable whether a user's pw does not expire", + "net sam set pwnoexp\n" + " Disable/Enable whether a user's pw does not expire" + }, + { + "pwdmustchangenow", + net_sam_set_pwdmustchangenow, + NET_TRANSPORT_LOCAL, + "Force users password must change at next logon", + "net sam set pwdmustchangenow\n" + " Force users password must change at next logon" + }, + {NULL, NULL, 0, NULL, NULL} }; - return net_run_function2(c, argc, argv, "net sam set", func); + return net_run_function3(c, argc, argv, "net sam set", func); } /* @@ -381,7 +455,7 @@ static int net_sam_policy_set(struct net_context *c, int argc, const char **argv int field; char *endptr; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam policy set " "\"<account policy>\" <value> \n"); return -1; @@ -447,7 +521,7 @@ static int net_sam_policy_show(struct net_context *c, int argc, const char **arg uint32 old_value; int field; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam policy show" " \"<account policy>\" \n"); return -1; @@ -491,6 +565,14 @@ static int net_sam_policy_list(struct net_context *c, int argc, const char **arg const char **names; int count; int i; + + if (c->display_usage) { + d_printf("Usage:\n" + "net sam policy list\n" + " List account policies\n"); + return 0; + } + account_policy_names_list(&names, &count); if (count != 0) { d_fprintf(stderr, "Valid account policies " @@ -505,17 +587,35 @@ static int net_sam_policy_list(struct net_context *c, int argc, const char **arg static int net_sam_policy(struct net_context *c, int argc, const char **argv) { - struct functable2 func[] = { - { "list", net_sam_policy_list, - "List account policies" }, - { "show", net_sam_policy_show, - "Show account policies" }, - { "set", net_sam_policy_set, - "Change account policies" }, - {NULL, NULL} + struct functable3 func[] = { + { + "list", + net_sam_policy_list, + NET_TRANSPORT_LOCAL, + "List account policies", + "net sam policy list\n" + " List account policies" + }, + { + "show", + net_sam_policy_show, + NET_TRANSPORT_LOCAL, + "Show account policies", + "net sam policy show\n" + " Show account policies" + }, + { + "set", + net_sam_policy_set, + NET_TRANSPORT_LOCAL, + "Change account policies", + "net sam policy set\n" + " Change account policies" + }, + {NULL, NULL, 0, NULL, NULL} }; - return net_run_function2(c, argc, argv, "net sam policy", func); + return net_run_function3(c, argc, argv, "net sam policy", func); } extern PRIVS privs[]; @@ -525,7 +625,7 @@ static int net_sam_rights_list(struct net_context *c, int argc, { SE_PRIV mask; - if (argc > 1) { + if (argc > 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam rights list [privilege name]\n"); return -1; } @@ -579,7 +679,7 @@ static int net_sam_rights_grant(struct net_context *c, int argc, const char *dom, *name; SE_PRIV mask; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam rights grant <name> " "<right>\n"); return -1; @@ -612,7 +712,7 @@ static int net_sam_rights_revoke(struct net_context *c, int argc, const char **a const char *dom, *name; SE_PRIV mask; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam rights revoke <name> " "<right>\n"); return -1; @@ -640,16 +740,34 @@ static int net_sam_rights_revoke(struct net_context *c, int argc, const char **a static int net_sam_rights(struct net_context *c, int argc, const char **argv) { - struct functable2 func[] = { - { "list", net_sam_rights_list, - "List possible user rights" }, - { "grant", net_sam_rights_grant, - "Grant a right" }, - { "revoke", net_sam_rights_revoke, - "Revoke a right" }, - { NULL } + struct functable3 func[] = { + { + "list", + net_sam_rights_list, + NET_TRANSPORT_LOCAL, + "List possible user rights", + "net sam rights list\n" + " List possible user rights" + }, + { + "grant", + net_sam_rights_grant, + NET_TRANSPORT_LOCAL, + "Grant a right", + "net sam rights grant\n" + " Grant a right" + }, + { + "revoke", + net_sam_rights_revoke, + NET_TRANSPORT_LOCAL, + "Revoke a right", + "net sam rights revoke\n" + " Revoke a right" + }, + {NULL, NULL, 0, NULL, NULL} }; - return net_run_function2(c, argc, argv, "net sam rights", func); + return net_run_function3(c, argc, argv, "net sam rights", func); } /* @@ -717,7 +835,7 @@ static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **ar GROUP_MAP map; struct group *grp; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam mapunixgroup <name>\n"); return -1; } @@ -779,7 +897,7 @@ static int net_sam_unmapunixgroup(struct net_context *c, int argc, const char ** GROUP_MAP map; struct group *grp; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam unmapunixgroup <name>\n"); return -1; } @@ -812,7 +930,7 @@ static int net_sam_createlocalgroup(struct net_context *c, int argc, const char NTSTATUS status; uint32 rid; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam createlocalgroup <name>\n"); return -1; } @@ -847,7 +965,7 @@ static int net_sam_deletelocalgroup(struct net_context *c, int argc, const char const char *dom, *name; NTSTATUS status; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam deletelocalgroup <name>\n"); return -1; } @@ -889,7 +1007,7 @@ static int net_sam_createbuiltingroup(struct net_context *c, int argc, const cha fstring groupname; DOM_SID sid; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam createbuiltingroup <name>\n"); return -1; } @@ -940,7 +1058,7 @@ static int net_sam_addmem(struct net_context *c, int argc, const char **argv) enum lsa_SidType grouptype, membertype; NTSTATUS status; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam addmem <group> <member>\n"); return -1; } @@ -1013,7 +1131,7 @@ static int net_sam_delmem(struct net_context *c, int argc, const char **argv) enum lsa_SidType grouptype; NTSTATUS status; - if (argc != 2) { + if (argc != 2 || c->display_usage) { d_fprintf(stderr, "usage: net sam delmem <group> <member>\n"); return -1; } @@ -1071,7 +1189,7 @@ static int net_sam_listmem(struct net_context *c, int argc, const char **argv) enum lsa_SidType grouptype; NTSTATUS status; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam listmem <group>\n"); return -1; } @@ -1125,7 +1243,7 @@ static int net_sam_do_list(struct net_context *c, int argc, const char **argv, { bool verbose = (argc == 1); - if ((argc > 1) || + if ((argc > 1) || c->display_usage || ((argc == 1) && !strequal(argv[0], "verbose"))) { d_fprintf(stderr, "usage: net sam list %s [verbose]\n", what); return -1; @@ -1198,21 +1316,51 @@ static int net_sam_list_workstations(struct net_context *c, int argc, static int net_sam_list(struct net_context *c, int argc, const char **argv) { - struct functable2 func[] = { - { "users", net_sam_list_users, - "List SAM users" }, - { "groups", net_sam_list_groups, - "List SAM groups" }, - { "localgroups", net_sam_list_localgroups, - "List SAM local groups" }, - { "builtin", net_sam_list_builtin, - "List builtin groups" }, - { "workstations", net_sam_list_workstations, - "List domain member workstations" }, - {NULL, NULL} + struct functable3 func[] = { + { + "users", + net_sam_list_users, + NET_TRANSPORT_LOCAL, + "List SAM users", + "net sam list users\n" + " List SAM users" + }, + { + "groups", + net_sam_list_groups, + NET_TRANSPORT_LOCAL, + "List SAM groups", + "net sam list groups\n" + " List SAM groups" + }, + { + "localgroups", + net_sam_list_localgroups, + NET_TRANSPORT_LOCAL, + "List SAM local groups", + "net sam list localgroups\n" + " List SAM local groups" + }, + { + "builtin", + net_sam_list_builtin, + NET_TRANSPORT_LOCAL, + "List builtin groups", + "net sam list builtin\n" + " List builtin groups" + }, + { + "workstations", + net_sam_list_workstations, + NET_TRANSPORT_LOCAL, + "List domain member workstations", + "net sam list workstations\n" + " List domain member workstations" + }, + {NULL, NULL, 0, NULL, NULL} }; - return net_run_function2(c, argc, argv, "net sam list", func); + return net_run_function3(c, argc, argv, "net sam list", func); } /* @@ -1225,7 +1373,7 @@ static int net_sam_show(struct net_context *c, int argc, const char **argv) enum lsa_SidType type; const char *dom, *name; - if (argc != 1) { + if (argc != 1 || c->display_usage) { d_fprintf(stderr, "usage: net sam show <name>\n"); return -1; } @@ -1263,6 +1411,13 @@ static int net_sam_provision(struct net_context *c, int argc, const char **argv) struct samu *samuser; struct passwd *pwd; + if (c->display_usage) { + d_printf("Usage:\n" + "net sam provision\n" + " Init an LDAP tree with default users/groups\n"); + return 0; + } + tc = talloc_new(NULL); if (!tc) { d_fprintf(stderr, "Out of Memory!\n"); @@ -1653,38 +1808,124 @@ failed: **********************************************************/ int net_sam(struct net_context *c, int argc, const char **argv) { - struct functable2 func[] = { - { "createbuiltingroup", net_sam_createbuiltingroup, - "Create a new BUILTIN group" }, - { "createlocalgroup", net_sam_createlocalgroup, - "Create a new local group" }, - { "deletelocalgroup", net_sam_deletelocalgroup, - "Delete an existing local group" }, - { "mapunixgroup", net_sam_mapunixgroup, - "Map a unix group to a domain group" }, - { "unmapunixgroup", net_sam_unmapunixgroup, - "Remove a group mapping of an unix group to a domain group" }, - { "addmem", net_sam_addmem, - "Add a member to a group" }, - { "delmem", net_sam_delmem, - "Delete a member from a group" }, - { "listmem", net_sam_listmem, - "List group members" }, - { "list", net_sam_list, - "List users, groups and local groups" }, - { "show", net_sam_show, - "Show details of a SAM entry" }, - { "set", net_sam_set, - "Set details of a SAM account" }, - { "policy", net_sam_policy, - "Set account policies" }, - { "rights", net_sam_rights, - "Manipulate user privileges" }, + struct functable3 func[] = { + { + "createbuiltingroup", + net_sam_createbuiltingroup, + NET_TRANSPORT_LOCAL, + "Create a new BUILTIN group", + "net sam createbuiltingroup\n" + " Create a new BUILTIN group" + }, + { + "createlocalgroup", + net_sam_createlocalgroup, + NET_TRANSPORT_LOCAL, + "Create a new local group", + "net sam createlocalgroup\n" + " Create a new local group" + }, + { + "deletelocalgroup", + net_sam_deletelocalgroup, + NET_TRANSPORT_LOCAL, + "Delete an existing local group", + "net sam deletelocalgroup\n" + " Delete an existing local group" + }, + { + "mapunixgroup", + net_sam_mapunixgroup, + NET_TRANSPORT_LOCAL, + "Map a unix group to a domain group", + "net sam mapunixgroup\n" + " Map a unix group to a domain group" + }, + { + "unmapunixgroup", + net_sam_unmapunixgroup, + NET_TRANSPORT_LOCAL, + "Remove a group mapping of an unix group to a domain " + "group", + "net sam unmapunixgroup\n" + " Remove a group mapping of an unix group to a " + "domain group" + }, + { + "addmem", + net_sam_addmem, + NET_TRANSPORT_LOCAL, + "Add a member to a group", + "net sam addmem\n" + " Add a member to a group" + }, + { + "delmem", + net_sam_delmem, + NET_TRANSPORT_LOCAL, + "Delete a member from a group", + "net sam delmem\n" + " Delete a member from a group" + }, + { + "listmem", + net_sam_listmem, + NET_TRANSPORT_LOCAL, + "List group members", + "net sam listmem\n" + " List group members" + }, + { + "list", + net_sam_list, + NET_TRANSPORT_LOCAL, + "List users, groups and local groups", + "net sam list\n" + " List users, groups and local groups" + }, + { + "show", + net_sam_show, + NET_TRANSPORT_LOCAL, + "Show details of a SAM entry", + "net sam show\n" + " Show details of a SAM entry" + }, + { + "set", + net_sam_set, + NET_TRANSPORT_LOCAL, + "Set details of a SAM account", + "net sam set\n" + " Set details of a SAM account" + }, + { + "policy", + net_sam_policy, + NET_TRANSPORT_LOCAL, + "Set account policies", + "net sam policy\n" + " Set account policies" + }, + { + "rights", + net_sam_rights, + NET_TRANSPORT_LOCAL, + "Manipulate user privileges", + "net sam rights\n" + " Manipulate user privileges" + }, #ifdef HAVE_LDAP - { "provision", net_sam_provision, - "Provision a clean User Database" }, + { + "provision", + net_sam_provision, + NET_TRANSPORT_LOCAL, + "Provision a clean user database", + "net sam privison\n" + " Provision a clear user database" + }, #endif - { NULL, NULL, NULL } + {NULL, NULL, 0, NULL, NULL} }; if (getuid() != 0) { @@ -1692,6 +1933,6 @@ int net_sam(struct net_context *c, int argc, const char **argv) "work\n"); } - return net_run_function2(c, argc, argv, "net sam", func); + return net_run_function3(c, argc, argv, "net sam", func); } |